Data Sanitisation Policy

Techie Australia Limited

1. Purpose

Techie Australia Limited is committed to protecting information privacy while supporting the reuse of donated technology to reduce electronic waste.

This policy defines the principles and methods used to sanitise data-bearing devices donated to Techie Australia.

Devices submitted for specialised sanitisation or destruction services are governed by separate service terms where applicable.

2. Guiding Principles

Techie Australia applies data sanitisation practices designed to:

  • Protect prior data confidentiality
  • Align with recognised industry guidance
  • Support responsible device reuse
  • Minimise unnecessary physical destruction

Sanitisation methods are selected based on device capabilities, storage technology, and operational suitability.

3. Standards Alignment

Techie Australia performs data sanitisation activities in alignment with the guidance provided in NIST SP 800-88 Rev. 1.

Sanitisation outcomes are categorised using the NIST framework:

  • Clear
  • Purge
  • Destroy

4. Sanitisation Strategy

Techie Australia prioritises reuse wherever devices remain functional and sanitisation methods are technically viable.

Where supported by the device:

Native sanitisation commands may be used (e.g. Secure Erase, Sanitize, Cryptographic Erase).

Where native sanitisation mechanisms are unavailable or unsuitable:

Clear methods are applied, consisting of full logical overwrite of the device's accessible address space with verification.

Physical destruction is reserved for devices that:

  • Cannot be reliably sanitised
  • Fail verification processes
  • Are defective or unsafe
  • Are otherwise unsuitable for reuse

5. Storage Technology Considerations

Different storage technologies support different sanitisation mechanisms.

For magnetic media (HDDs)

Logical overwrite methods are considered effective for Clear operations.

For flash-based media (SSDs, USB flash drives, SD cards, CF cards)

Controller-level sanitisation mechanisms are used where available. Where unavailable, Clear methods are applied consisting of logical overwrite with verification of accessible address space.

Due to the architecture of flash memory devices, residual data may persist at the physical cell level despite successful logical sanitisation. Sanitisation assurances apply to the device's accessible logical address space.

6. Verification

Sanitisation processes include verification mechanisms appropriate to the selected method, which may include:

  • Read-back sampling
  • Command completion validation
  • Device status checks
  • Error reporting and logging

7. Documentation & Evidence

Techie Australia maintains sanitisation records which may include:

  • Device identifiers (where available)
  • Sanitisation method applied
  • Verification outcomes
  • Timestamped process logs

Where certificates or reports are issued, they reflect the sanitisation method performed and its defined assurance scope.

8. Environmental Responsibility

Techie Australia seeks to minimise electronic waste. Devices that pass sanitisation verification and remain functional are prioritised for reuse.

Destruction is applied only where sanitisation integrity or device suitability cannot be maintained.

9. Limitations of Sanitisation Assurance

Techie Australia Limited applies data sanitisation practices using methods aligned with recognised industry guidance.

While reasonable care is taken to perform sanitisation and verification processes, Techie Australia does not warrant or guarantee the absolute or permanent removal of all data under all circumstances.

Sanitisation outcomes are dependent on device condition, storage technology, manufacturer design, and factors outside Techie Australia's control.

Sanitisation assurances apply solely to the method performed and the device's accessible logical address space unless explicitly stated otherwise.

10. Services Beyond Standard Sanitisation

Techie Australia Limited may provide sanitisation or destruction services beyond those ordinarily performed as part of its standard donation, refurbishment, and reuse activities.

Such services may include elevated assurance sanitisation methods, specialised verification processes, or physical destruction of storage devices.

Where additional services are requested, Techie Australia reserves the right to apply service fees.

Applicable fees, where charged, reflect labour, equipment usage, operational costs, and assurance requirements.

11. Policy Scope

This policy applies to data-bearing devices donated to Techie Australia Limited.

Sanitisation or destruction services performed outside the donation workflow may be subject to separate service agreements or terms.

12. Review

This policy may be updated periodically to reflect evolving storage technologies, industry guidance, and operational practices.

Contact

For questions about this policy, please contact us at hello@techie.org.au.

See also our Privacy Policy and Terms of Service.