Skip to content Skip to footer
Nexa Group
Close

NEXA Privacy Policy

17 June 2025

Your privacy 

NEXA Group is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or engage with our software solutions. We comply with the Privacy Act 1988 (Cth) including the Australian Privacy Principles (APPs). 

We take our privacy obligations seriously and have prepared this Privacy Policy to explain how we collect, hold, use and disclose your personal information in compliance with the Privacy Law. It is intended to ensure the open and transparent management of your personal information.

This privacy statement is issued by NEXA Group Pty Ltd ABN 63 117 799 676 (“NEXA”, “our”, “we” or “us”) 

 “You” and “Your” means any individual or entity that purchases, subscribes to, or uses our products or services, as well as any representatives acting on behalf of an organisation.

Information we collect 

NEXA is a privacy conscious organisation. This policy demonstrates our commitment to your privacy. 

The types of information we may collect will include:

  • Name, email address, phone numbers and other relevant contact details. 
  • usernames or passwords used to access our services. 
  • health identifiers. 
  • usage information about your visit to our website and how you use our products and services. 
  • records of your communications and interactions with us. 
  • location information. 

How we collect your data 

We use different methods to collect your personal information. The ways we collect it can be broadly categorised into the following; 

Information you provide to us directly: When you visit or use some parts of our website and/or services we might ask you to provide personal data to us. If you choose not to provide us with personal data, it may affect our ability to provide our products and services to you. 

 In Australia, some information is considered ‘sensitive information’. This includes information about sexual orientation, religious beliefs and health identifiers. This type of information is generally afforded a higher level of protection under the Privacy Act. 

 We will only collect sensitive information about you if you have provided the information to us yourself, or if you otherwise consent to us collecting it. 

 Information we collect automatically: We collect some information about you automatically when you visit our website or use our services, like your IP address and device type. We also collect information when you navigate through our website and services, including what pages you looked at and what links you clicked on.  Automatic information collection includes: 

Location Information 
When you use our location-enabled services or appointment check-in functionality, we may collect and process information about your mobile device’s GPS location (including the latitude, longitude or altitude of your mobile device).  We do not store this data, and it is only used at the time we are providing services to you. If you wish to use the particular feature, you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by disabling location-services functions on your device, provided your device allows you to do this. 

This service uses the Google Maps API, please see Google Privacy Policy for further information on how to handle your information http://www.google.com/policies/privacy

Google Analytics and Similar Technologies 
We may allow third-party service providers to use cookies or similar technologies to collect information about your browsing activities over time and across different websites following your use of our Services. We may use Google Analytics in connection with NEXA Products and Google may set cookies on your browser or read cookies that are already there. For more information as to how Google uses cookies in relation to NEXA Products, please see “How Google uses data when you use our partners’ sites or apps”, (located at www.google.com/policies/privacy/partners/, or any other URL Google may provide from time to time). 

Information we get from third parties: The majority of information we collect, we collect directly from you. Sometimes we might collect personal data about you from other sources, such as publicly available materials or trusted third parties like our marketing and research partners. We use this information to supplement the personal data we already hold about you, in order to better inform, personalise and improve our services, and to validate the personal data you provide. 

How we hold and use your information 

NEXA protects your personal information from loss, unauthorised access, misuse, or disclosure. This includes implementing appropriate electronic, and managerial procedures to safeguard and secure the information we collect. 

All records containing personal information and data will be accessed and used only for the purpose for which the information was collected. NEXA and its employees will not disclose a record that contains personal information to any other person or agency unless consent to do so is obtained.  

NEXA and its employees will take such steps (if any) as are reasonable in the circumstances to ensure that the personal information that it collects and has access to is accurate, up-to-date and complete. NEXA will protect the personal information it holds from misuse, interference, loss and from unauthorised access, modification or disclosure. The security of information is of upmost importance.

We may use your information for a range of different purposes, including: 

  • to provide you with, and support the operation and functionality of, our products and services. 
  • to enable you to view and monitor your information. 
  • to administer and manage the products and services we provide, to charge and bill for them, and to collect any amounts owing. 
  • to provide, evaluate and support our products and services, including health records management, secure communications and technology services. 
  • to provide you with customer service, including to assist you with enquiries. 
  • to monitor network use, quality and performance, and to operate, maintain, develop, test and upgrade our systems and infrastructure. 
  • as otherwise authorised or required by law. 

 While we also use some application data to gain a better understanding, through analytics programs, of how users utilise our products and services, this is undertaken on an anonymised or aggregated basis only. 

Our disclosure of your personal information 

NEXA is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your personal information with certain third parties without further notice to you, as set forth below: 

Business Transfers
As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganisation, dissolution or similar event, personal information may be part of the transferred assets. 

Consultants and Related Third Parties 
NEXA, like many businesses, sometimes hires other companies and non-employee individuals to perform certain business-related functions. When we employ another entity or person to perform a function of this nature, we only provide them with the information they need to perform their specific function. Their use will be subject to terms that are consistent with our Privacy Policy. 

Legal Requirements 
NEXA may disclose your personal information if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect or defend the rights or property of NEXA or others, (iii) act in urgent circumstances to protect the personal safety of our users or the public, or (iv) protect against legal liability. 

Exclusions 

This Privacy Policy does not apply to any personal information collected by NEXA other than the information collected through our products and services. This Privacy Policy shall not apply to any unsolicited information you provide to NEXA through any means. This includes but is not limited to the information posted to any public areas of the site or our products and services, any ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed non-confidential, and NEXA shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.

Links to other websites 

This Privacy Policy applies only to our products and services. The Site or products and services may contain links to other websites not operated or controlled by NEXA. The policies and procedures we described here do not apply to third-party sites or services. Any links do not imply that NEXA endorses or has reviewed third party sites or services. We suggest contacting those sites directly for information on their privacy policies. 

Data security 

NEXA products and services are designed with your security and privacy as our highest priority. It is important to us to keep your personal information private and confidential. We take all reasonable steps to ensure that your information is handled securely, in accordance with this Privacy Policy and the generally accepted practices for security of data. 

NEXA Applications / Services, Account and Password Protection 

  • NEXA products and services are designed so your user account is only accessible by you (or in certain  circumstances, people you authorise). 
  • Your account is password and 2FA protected. 
  • We enforce a strong password policy and non-reversible hashing or strong encryption for storage of passwords. 
  • After a period of inactivity, your Account requires you to login with your username, password / 2FA   again, as an additional means of protecting your information. 

Data Encryption 

  • All data containing any personally identifiable information stored by NEXA products and services is always encrypted at rest and in transit. 
  • Our security implementation includes strong cryptographic standards. 

Security Monitoring 

  • NEXA products and services are subject to various ongoing security programs.  For some products, this may include penetration testing and real time security vulnerability analysis. 

NEXA Network, Infrastructure and Hosting 

  • Our network and infrastructure are designed around Essential 8 Level 2 security and are hosted in Australian based data centres (AWS). 
  • All communication between NEXA Health applications and our servers is handled over HTTPS/TLS secure connections.  

Data Disposal 

  • NEXA will take reasonable steps to destroy or de-identify personal information where it is no longer necessary to be retained. 
  • Information stored electronically, cloud-based storage, on internal servers or with third-party providers will be permanently destroyed, including any backup system or offsite storage. 

Staff awareness and training 

All NEXA employees and third parties with administrative or privileged technical access to NEXA production systems and networks shall complete privacy awareness training at the time of hire and annually thereafter. Management shall monitor training completion and shall take appropriate steps to ensure compliance with this policy. Employees and contractors shall be aware of relevant information security and data privacy policies and procedures. The company shall ensure that personnel receive security and data privacy training appropriate to their role and data handling responsibilities. 

Direct marketing 

If you are a customer or prospective customer, we may also use your personal information so that we can promote and market our products and services that we think will be of interest to you on an ongoing basis. This will only be done with your consent and if applicable, the consent of the custodian of the data source.

You may opt-out of this type of marketing by following the steps in the marketing communication or contact us using the contact details set out in the “How to contact us” section of this policy. 

Your rights and choices 

You have rights under Australian privacy laws, including:  

  • Accessing your personal data.  
  • Requesting corrections to inaccurate data.  
  • Withdrawing consent for certain data processing.  
  • Opting out of marketing communications. 

If you have any enquires about your rights under Australian privacy law or would like to access or correct any of your personal information, please contact us at [email protected] 

Changes to this privacy policy, reviews and updates. 

This statement is effective as of 17 June 2025. Our business may change from time to time. As a result, it may be necessary for NEXA to make changes to this Privacy Policy. NEXA reserves the right to update or modify this Privacy Policy at any time without prior notice. This policy will be reviewed annually. The latest version can always be found on our website https://nexa.com.au/privacy 

How to contact us 

To keep your personal information accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update or correct personal information in our possession that you have previously submitted. Please also feel free to contact us if you have any questions about NEXAs’ Privacy Policy or our information practices. 

Contact Information 

If you have any questions or comments about our Privacy Policy outlined above, you can contact us at [email protected] 

How to lodge a complaint 

If you’re not happy with how we’ve handled your personal information, please use the contact details above to let us know. We’ll investigate your complaint and respond to you as quickly as possible (usually within 30 days of hearing from you). If your complaint takes longer to resolve, we’ll let you know how the investigation is progressing. 

If you’re not satisfied with how we’ve handled your complaint, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC). The OAIC has the power to investigate the matter and make a determination. For more information, please visit the OAIC’s website. 

Customer Service Management Solutions That Matter

Socials
Menu
Solutions
Industries

Products

Service Design

Who Are We

Contact
Address

Level 6, 1 Newland Street,
Bondi Junction 2022,
NSW Australia

Contact Us
Contact Us

Phone (02) 8383 3800

Enhancing customer experiences with intelligent queue management, appointment scheduling and patient flow solutions. Backed by data-driven insights and industry expertise, NEXA helps businesses streamline operations, reduce wait times and deliver seamless customer service

NEXA © 2025. All Rights Reserved.