Is ShieldBox really hosted in Australia?

Yes. 100% of ShieldBox data — every email, attachment, and contact — is stored exclusively on servers physically located in Australia (Sydney and Melbourne data centres). No data ever leaves Australian soil.

Is ShieldBox compliant with the Australian Privacy Act 1988?

Yes. ShieldBox is fully compliant with the Australian Privacy Act 1988 (Privacy Act), the Australian Privacy Principles (APPs), and holds ISO 27001 certification. We also support IRAP-assessed environments for government users.

How does ShieldBox encryption work?

ShieldBox uses AES-256 encryption for all emails at rest and in transit. Users can optionally enable OpenPGP for zero-knowledge end-to-end encryption, meaning even ShieldBox staff cannot access your email content.

Can I use my own domain with ShieldBox?

Yes. ShieldBox supports custom domain hosting on all paid plans. You can use your own domain (e.g. you@yourcompany.com.au) with full DNS management, SPF, DKIM, and DMARC configuration.

Does ShieldBox offer a free plan?

Yes. ShieldBox offers a free plan with 5GB of Australian-hosted encrypted storage, no credit card required. Paid plans start from $9 AUD/month for additional features and storage.

How is ShieldBox different from Gmail or Outlook?

Unlike Gmail (USA) or Outlook (USA/Ireland), ShieldBox stores all data exclusively in Australia, does not scan emails for advertising, is compliant with Australian law, and uses military-grade encryption. Your data is never sold or shared with third parties.

Sydney CBD skyline — ShieldBox headquarters

About ShieldBox

Built in Australia.
For Australia.

We started ShieldBox because every Australian deserves email that stays on Australian soil — no exceptions, no workarounds, no fine print.

2024

Founded in Sydney

45+

Team members

Australian data centres

28K+

Active customers

Our Story

Born from Australia's biggest data breach era

In late 2022, Australia experienced its two largest data breaches in history — Optus and Medibank. Combined, nearly 20 million Australians had their personal data exposed. Both breaches were enabled, in part, by data stored and processed on overseas infrastructure.

James Whitfield, a former ASD analyst, and Priya Nair, the former CTO of a top-10 Australian fintech, had watched this unfold from inside the industry. They had both spent years advising organisations on data sovereignty — and seen businesses paying the price for ignoring it.

In early 2024, they founded ShieldBox with a simple premise: build the email platform they kept telling everyone else to build. 100% Australian servers. Military-grade encryption. Zero offshore data transfers. No advertising. No data harvesting.

18 months later, ShieldBox serves over 28,000 customers — from sole traders to ASX-listed companies and government agencies — and has become Australia's fastest-growing sovereign email platform.

Get Started Free Read Our Blog

Our Values

What drives every decision we make

Sovereignty First

Every product decision is filtered through one question: does this keep Australian data on Australian soil? If not, we don't build it that way.

Security by Design

Security is not a feature we add after building — it's the foundation we build on. Every layer of ShieldBox is designed with zero-trust principles from day one.

Genuinely Australian

We are not a global platform with an Australian subsidiary. We are an Australian company, built by Australians, for Australians, with no offshore investor pressures.

The Team

Built by Australians with real security credentials

Our team combines deep government security experience with world-class engineering — all committed to making Australian data sovereignty the default, not the exception.

James Whitfield

CEO & Co-Founder

ASDCISM

Former analyst at the Australian Signals Directorate with 12 years in government cyber security. James founded ShieldBox in 2024 after witnessing the scale of Australian business data exposure through offshore email providers.

Priya Nair

CTO & Co-Founder

CTOAWS Certified

Previously CTO at a top-10 Australian fintech, Priya brings deep engineering expertise in distributed systems and cryptography. She architected ShieldBox's zero-knowledge encryption stack and Australian-only data pipeline.

Dr. Sarah Mitchell

Head of Security & Compliance

CISSPCISMIRAP

PhD in Information Security from UNSW, 8 years at the Australian Signals Directorate. Sarah leads all IRAP assessments, ISO 27001 audits, and security architecture decisions. She is ShieldBox's IRAP-endorsed assessor liaison.

Marcus Chen

Chief Compliance Officer

CIPP/ASolicitor

10 years as a privacy lawyer specialising in the Australian Privacy Act before joining ShieldBox. Marcus oversees all compliance programs, government customer relationships, and Privacy Act guidance for the product team.

Tom Gallagher

Head of Engineering

AWS SA ProCKAD

Former engineering lead at Atlassian, Tom joined ShieldBox to help scale Australia's most secure infrastructure. He oversees all backend systems, CI/CD pipelines, and the 99.99% uptime SLA across ShieldBox's Sydney and Melbourne data centres.

Certifications & Compliance

Not just claims — verified credentials

ISO 27001 Certified

Information Security Management System certified by BSI Group Australia.

IRAP Assessed

Independently assessed by an ASD-endorsed IRAP assessor against the ISM.

Privacy Act Compliant

Full compliance with the Australian Privacy Act 1988 and all 13 APPs.

ASD Essential Eight

Maturity Level 3 across all eight ASD Essential Eight mitigation strategies.

ShieldBox Pty Ltd

ABN: 12 345 678 900ACN: 123 456 789Registered in NSW, Australia

hello@shieldbox.com.au

Our Locations

100% Australian — no overseas offices, no overseas servers

Every team member, every server, and every byte of customer data sits on Australian soil. That's not a marketing claim — it's our operating model.

HeadquartersSydney

Level 24, 123 George Street
Sydney NSW 2000, Australia

+61 2 9000 0000

sydney@shieldbox.com.au

Primary Data Centre: Equinix SY3, Sydney

Victoria OfficeMelbourne

Level 15, 45 Collins Street
Melbourne VIC 3000, Australia

+61 3 9000 0000

melbourne@shieldbox.com.au

Secondary Data Centre: Equinix ME1, Melbourne

Trusted by Australian Businesses

Real customers, real results

From legal firms to healthcare networks — Australian businesses in every industry rely on ShieldBox for sovereign email compliance.

“We were sitting on a ticking compliance time bomb without realising it. ShieldBox didn't just fix the problem — they made us better positioned for every regulatory conversation we now have with clients.”

Adrian Cheng

Managing Partner

Meridian Accounting Group • Sydney, NSW

“As privacy lawyers, our credibility depends on practising what we preach. ShieldBox is the only platform we've found that genuinely meets the bar we set for our clients.”

Siobhan Bannerman

Founding Partner

Bannerman & Associates Legal • Melbourne, VIC

“The audit result was a relief, but what really sold us was how much simpler everything became. ShieldBox is the most thoughtfully built platform we've used in 15 years.”

Dr Preethi Ramakrishnan

Clinical Director & CEO

Nexus Healthcare Network • Brisbane, QLD

View all customer stories

28,000+ active customers • 4.9/5 satisfaction score • 97% retention rate

Built in Australia.For Australia.