Privacy
Policy

Introduction

Nexasec Pty Ltd (“Nexasec”, “we”, “our”, or “us”) respects your privacy and is committed to handling your personal information responsibly. This Privacy Policy describes how we manage personal information collected in the course of providing our electronic security, network infrastructure, and smart automation services.

We are bound by the Privacy Act 1988 (Cth) (“Privacy Act”) and the thirteen Australian Privacy Principles (“APPs”) that regulate how organisations collect, hold, use, and disclose personal information. We are also subject to the Notifiable Data Breaches scheme.

By engaging our services, visiting our website, or submitting an enquiry, you consent to the collection and use of your personal information as described in this policy. If you do not agree, please refrain from using our services or website.

Information We Collect

We collect only the personal information necessary to deliver and support our services. This may include:

We do not collect sensitive information as defined in the Privacy Act (such as health, race, religion, or biometric data) unless it is directly relevant to a specific service engagement and you have provided explicit consent.

How We Collect It

Nexasec collects personal information through the following channels:

• ✓Directly from you when you submit an enquiry via our website contact form, call us by phone, or send us an email.
• ✓During onsite assessments and installation visits, where our technicians gather property and technical information necessary to complete the job.
• ✓From our website through cookies and analytics tools that collect non-personally identifiable usage data.
• ✓Through referrals from third parties such as builders, property managers, or real estate agents who engage us on your behalf — in which case we will inform you at the earliest practicable opportunity.
• ✓From publicly available sources such as property records or business registers where necessary for commercial credit assessment.

Where practical, we collect personal information directly from you. We will always tell you why we are collecting your information and how it will be used at or before the time of collection.

Why We Collect It

Nexasec collects personal information solely for the purposes for which it is provided and for the ordinary functioning of our business. Primary purposes include:

We will not use or disclose your personal information for any secondary purpose unless you have consented to that use or disclosure, or it is required or authorised by law.

Storage & Security

Personal information is stored in secure business systems including our job management software, accounting platform, and email. Access is restricted to Nexasec staff and contractors who need it to perform their role. All staff are required to maintain the confidentiality of Client information.

Paper records containing personal information are stored securely and disposed of via secure document destruction. Digital records are protected by password authentication and, where applicable, encryption.

We retain personal information for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, and reporting requirements. Generally, client records are retained for a minimum of 7 years following the completion of a project in accordance with Australian tax law requirements.

When personal information is no longer required, we take reasonable steps to destroy it or de-identify it. Records stored in cloud-based systems are deleted in accordance with those platforms’ data retention policies.

Disclosure to Third Parties

Nexasec does not sell, rent, or trade your personal information to third parties for marketing or commercial purposes.

We may share your information with the following categories of third parties strictly as required to deliver our services:

• —
  Equipment suppliers: To facilitate the procurement and warranty of security hardware on your behalf.
• —
  Subcontractors: Where specialist trades (e.g. electricians) are engaged to assist on a project. All subcontractors are bound by confidentiality obligations.
• —
  Payment processors: To securely process credit card and electronic payments. We do not store full card details.
• —
  Accounting & business software: Such as Xero or MYOB, for invoicing and financial record-keeping.
• —
  Monitoring providers: Where a Client has engaged a third-party alarm monitoring service and Nexasec assists with the connection.
• —
  Legal & regulatory authorities: Where required or permitted by law, including in response to a valid legal process or to comply with our licensing obligations.

Before sharing your information with any service provider, we take reasonable steps to ensure that provider has appropriate privacy and security practices in place.

CCTV & Surveillance

Nexasec installs CCTV and other surveillance systems on behalf of Clients. Once installed and handed over, the Client becomes the operator of those systems and assumes full responsibility for their lawful operation.

Clients operating CCTV systems should be aware of the following general obligations (this is not legal advice — consult a solicitor for specific guidance):

• ✓Display clear signage at entry points notifying individuals that CCTV is in operation.
• ✓Position cameras to capture only areas you are lawfully entitled to surveil — generally your own property and not areas where individuals have a reasonable expectation of privacy (e.g. neighbouring properties, public footpaths from a private angle).
• ✓In Victoria, the Surveillance Devices Act 1999 (Vic) restricts the use of optical surveillance devices — familiarise yourself with its provisions before operating your system.
• ✓Store footage securely and limit access to authorised personnel. Do not share footage without a lawful basis.
• ✓Respond to access requests from individuals who appear in your footage, where required by law.

Where Nexasec technicians photograph or video record your property during an assessment or installation for operational purposes (e.g. to document cable runs, equipment placement, or site conditions), those images are retained in our job management system and are not shared except as required for service delivery.

Website & Cookies

When you visit nexasec.com.au, our web hosting and analytics providers may automatically collect certain non-personally identifiable information including your IP address, browser type, operating system, referring URL, pages visited, and time of visit.

Our website may use cookies — small text files stored in your browser — to improve your experience and gather aggregated usage statistics. Cookies do not identify you personally. You can disable cookies through your browser settings, though some website features may not function correctly as a result.

We may use third-party analytics services (such as Google Analytics) to understand how visitors use our website. These services collect anonymised usage data and are governed by their own privacy policies. We do not use these tools to build personal profiles of individual visitors.

Personal information submitted through our website contact form (name, email, phone, enquiry details) is used solely to respond to your enquiry and is handled in accordance with this policy.

Marketing Communications

Nexasec may send you service-related communications including appointment reminders, quote follow-ups, invoice notifications, and warranty expiry reminders. These are transactional in nature and are not subject to marketing opt-out requirements.

We may occasionally send you promotional communications about Nexasec services, special offers, or industry information if you have consented to receive them. We comply with the Spam Act 2003 (Cth) — all marketing emails include a clear unsubscribe link and we will action opt-out requests promptly.

To opt out of marketing communications at any time, click the unsubscribe link in any marketing email, email us at info@nexasec.com.au, or call us on 0494 580 608. Opting out of marketing will not affect the delivery of transactional communications related to your active service engagement.

Your Rights

Under the Australian Privacy Principles, you have the following rights in relation to your personal information held by Nexasec:

To exercise any of these rights, contact us in writing at info@nexasec.com.au or Unit SC004/52 Hallam S Rd, Hallam VIC 3803. We may need to verify your identity before processing your request.

Data Breach Notification

Nexasec is subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act. In the event of an eligible data breach — one that is likely to result in serious harm to any individual whose information is involved — we will:

1. 1

   Notify the Office of the Australian Information Commissioner (OAIC) as soon as practicable.

2. 2

   Notify affected individuals directly where their contact details are known, or publish a statement on our website where direct notification is not practicable.

3. 3

   Include in any notification: a description of the breach, the kind of information involved, and the steps we recommend individuals take in response.

We maintain an internal data breach response plan and conduct periodic reviews of our security practices to minimise the risk of a breach occurring.

Overseas Disclosure

Nexasec primarily stores and processes personal information within Australia. Some of our third-party service providers (such as cloud-based accounting, project management, or communication software) may store data on overseas servers, including in the United States or European Union.

Where personal information is disclosed to overseas recipients, we take reasonable steps to ensure those recipients handle your information consistently with the Australian Privacy Principles. This may include relying on contractual protections (such as data processing agreements) or ensuring the recipient is located in a country with comparable privacy protections.

By providing your personal information to Nexasec, you consent to its potential transfer to overseas service providers as described above, where necessary for the ordinary operation of our business.

Children’s Privacy

Nexasec’s services are directed at adults. We do not knowingly collect personal information from children under the age of 18. All enquiries and service agreements must be made by an adult authorised to act on behalf of the property or organisation.

If we become aware that we have inadvertently collected personal information from a minor, we will take steps to delete that information promptly. If you believe we may have collected information from a child, please contact us at info@nexasec.com.au.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. The current version of this policy is always available on our website at nexasec.com.au/privacy, and the “Last Updated” date at the top of this page will reflect when it was most recently revised.

We encourage you to review this policy periodically. Your continued engagement with Nexasec following a policy update constitutes your acceptance of the revised terms. Where a change is material, we will make reasonable efforts to notify active Clients directly.

Contact & Complaints

If you have a privacy concern, wish to access or correct your personal information, or want to make a complaint, please contact our team:

We will acknowledge your complaint within 5 business days and aim to resolve it within 30 days. If you are not satisfied with our response, you have the right to escalate your complaint to the Office of the Australian Information Commissioner (OAIC):