Privacy Policy

CXA - Privacy Policy

1. Background

CXA is committed to protecting the privacy of your personal information.

This Privacy Policy tells you how CXA Research Pty Ltd ABN 32 675 514 459 and its related entities (together “CXA”, “us”, “our” or “we”) will handle your personal information in accordance with the Privacy Act 1988 (Cth) (“Privacy Act”) and the Australian Privacy Principles (“APPs”).

This Privacy Policy applies when you visit the Site or use the Services. By visiting the Site or using the Services, you   agree   to   the   terms   of   this   Privacy   Policy.  You   should   not   use   the Services if you do not agree with this Privacy Policy or our Terms of Service.

Capitalised terms in this Privacy Policy have the meaning given to those terms in the Definitions section (below).

2. Definitions

 “Customer” and “User” means any person who uses CXA’s website or products on any Device.

"Data" means any data inputted by you or with your authority through the use of the Services and includes, without limitation, data owned or supplied by you or data which may otherwise be generated, compiled, arranged or developed by you in using the Services.

Device” means any type of device including a computer, mobile phone, tablet or console that meets the minimum specifications required to use the Platform.

Device Information” means data that can be automatically collected from any device used to access the Site or Services, including your Device type, your Device’s network connections, your Device’s name, your Device’s IP address, information about your Device’s web browser and the internet connection used to access the Site or Services, Geolocation Information, information about apps downloaded to your Device; and biometric data (such as Touch ID/Fingerprint).

Geolocation Information” means information that identifies your location by using via longitude and latitude coordinates obtained through GPS, Wi-Fi or cell site triangulation. 

"Services" means any and all services provided by CXA through the Platform, the Site and any other website, mobile site or Platform operated by us from time to time.

Site” means the internet site at the domain at https://CXA.com.au/.

"Platform" means the CXA website (https://cxaresearch.com), online store and products.

Technical Usage Data” means information we collect from your Device that you use to access the Site or Services such as what you have searched for and viewed on the Site, the date and length of your visit and the way you use our Services, including your IP address, statistics regarding how pages are loaded or viewed, the websites you visited before coming to the Sites and other usage and browsing information collected through cookies.

3. What personal information do we collect?

We collect and use personal information from Users of the Services and visitors of the Site.

We generally do not collect sensitive information (as defined under the Privacy Act) and restrict collection of such information to circumstances where we have either obtained your express consent or we are permitted by law.

If you do not allow us to collect all the personal information we reasonably request, we may not be able to deliver the Services to you.

4. How we collect personal information

We may collect your personal information directly from you or in the course of our dealings with you. For example, we collect personal information from you or about you from:

  • your use of our Services;
  • correspondence between you and us;
  • visits to and submissions you make on our Site; 
  • your interactions with our electronic direct mail and/or emails from our marketing campaigns (such as clicks on links included in these emails); and
  • registration and forms you may fill in for our marketing-related activities and events.

In some instances, we may receive personal information about you from third parties, including our related entities, Providers, government agencies and regulatory authorities. We may also receive personal information about you from your authorised third parties and publicly available sources.

5. Why we collect, hold and use personal information 

We collect and hold your personal information for a variety of purposes, and you permit us to use it:

  • to provide you with use of our Site;
  • for purposes related to performing and supplying the Services to you; 
  • to manage our relationship with you (including maintaining a User profile), communicating with you, identifying you when you contact us, responding to your enquiries and keeping records;
  • in order to perform our contractual arrangements with our partners;
  • to ensure the security of our Site and the Services and maintaining back-ups of our database(s);
  • to offer, promote, advertise, market and sell relevant and suitable Services to you; 
  • to send you relevant notifications, electronic direct mail, email marketing campaigns and/or newsletters;
  • for processing payments you have authorised; and
  • for any other purposes identified at the time of collecting your personal information. 
  • In addition to the above, you permit us to use your personal information:
  • where you have consented to its use or disclosure; 
  • to develop and improve our business, the Site and the Services; 
  • for monitoring, research and analysis in relation to our business, the Site and the Services;
  • to involve you in market research, gauging customer satisfaction and seeking feedback;
  • for our internal accounting and administration;
  • where we reasonably believe that use or disclosure is necessary to lessen or prevent a serious, immediate threat to someone's health or safety or the public's health or safety;
  • where we reasonably suspect that unlawful activity has been, is being or may be engaged in and the use or disclosure is a necessary part of our investigation or in reporting the matter to the relevant authorities;
  • in the preparation for, or conduct of, court proceedings or in an administrative or out-of-court procedure (or the implementation of orders of a court or tribunal or on behalf of an enforcement body);
  • for the purpose of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice; and
  • for any lawful purpose.

Where we wish to use or disclose your personal information for other purposes, we will obtain your consent.

6. Disclosure to third parties

By using our Services and/or by providing us with your personal information (or allowing another person to do so), you acknowledge and consent to us disclosing some or all of your personal information to relevant third parties including:

  • to our related entities as necessary for the provision of our Services or to enable them to provide service offerings you have requested;
  • to our third party provider of verification of identity services (in which case you will be asked to agree to the third party provider’s applicable privacy policy and other policies); 
  • payment service providers for any payments you make via the Services;
  • to a person that uses the Services on your behalf and/or a person you have authorised; 
  • if you enable third party applications to be used in conjunction with the Services, to those third party applications, including Facebook (if your account is linked to your Facebook login credentials); 
  • to our partners, contractors, suppliers, subcontractors and service providers, including without limitation our suppliers of IT based solutions that assist us in providing the Services, distributors of direct marketing communications; marketing agencies, insurers and external business advisors; 
  • in accordance with requirements or authorisations under applicable laws or to comply with our legal obligations; and
  • to any other persons contemplated by this Privacy Policy.

We take reasonable steps to ensure that third party recipients are obliged to protect the privacy and security of your personal information and use it only for the purpose for which it is disclosed.

Occasionally, we may be required to disclose your personal information to third parties that are located outside of Australia.  In this instance, we will take all reasonable steps to ensure that those third parties, in whichever jurisdiction, adhere to the terms of this Privacy Policy.

To the maximum extent provided by law, we are not responsible or liable for the protection and privacy of any personal information provided to third parties. You accept and agree that the disclosed personal information will be held by third parties and may be used by them in accordance with the Privacy Act and any privacy policy they may have, and in such circumstances, the third party recipient will be solely responsible for their use of this personal information.

7. How we hold and store personal information

Your personal information is held and stored on paper, by electronic means or both. We have physical, electronic and procedural safeguards in place for personal information and take reasonable steps to ensure that your personal information is protected from misuse, interference, loss and unauthorised access, modification and disclosure.

Data held and stored on paper is stored in secure key-card premises.
Data held and stored electronically is protected by internal and external firewalls, high encryption and all access to electronic data including databases requires password access that meets certain security requirements.

Access to personal information is restricted to staff and contractors whose job description requires access. Our employees and contractors are contractually obliged to maintain the confidentiality of any personal information held by us.

Data stored or archived off-site is contained within secure facilities. We also require our storage contractors to implement privacy safeguards.

We undertake regular data backups, with the data copied and backed up to multiple locations for redundancy purposes.

Our staff receive regular training on privacy procedures.

8. Destruction of personal information

We will retain your personal information whilst it is required for any of our business functions or for any other lawful purpose. 

We use secure methods to destroy, desensitise or de-identify your personal information when it is no longer needed or legally required to be retained. Paper records are sent for secure destruction. In some instances, paper records and original documents will be returned to you and/or relevant third parties.

Electronic records may be archived to alternative storage and are subject to the procedural safeguards described above.

9. Request to delete personal information and data

You are entitled to request the deletion of your personal information and/or Data provided we are not required to retain the information by law.

To make such a request, please contact us via the details below and we will attend to the manual deletion of the relevant personal information or Data unless it is unlawful, unreasonable or impracticable for us to do so.

10. Access to and correction of personal data

You have a right to request access to or correction of your personal information held by us.

If you wish to access, correct or update any personal information that we hold about you, please contact us via the details below.

We will respond to your request within a reasonable time of you making the request and give you access in the manner you requested unless it is unreasonable or impracticable for us to do so. There may be reasons why we cannot give you access to the information that you have requested, or we refuse to correct your personal information. In these instances, we will let you know these reasons in writing. 

To assist us to keep our records up to date, please notify us of any changes to your personal information.

11. Data breach

We will take seriously and deal promptly with any accidental or unauthorised loss, use or disclosure of personal information. 

We are subject to the Notifiable Data Breaches Scheme (“NDB Scheme”) under the Privacy Act. In assessing and responding to suspected notifiable data breaches, we will act in accordance with:

  • our applicable policies which incorporate the requirements of the NDB Scheme; and 
  • the guidance of the Office of the Australian Information Commissioner (“OAIC”). 

Where a breach of your personal information occurs that is likely to cause serious harm, we will notify you and make recommendations about the steps you should take in response to the breach. Where required by law, the OAIC will also be notified. 

12. Feedback and surveys

From time to time, you may have the option to participate in surveys or provide feedback intended to improve the services offered by us which may involve providing additional personal information. Your participation in such activities is subject to your consent. 

13. Direct marketing

We may use and disclose your personal information for the purpose of direct marketing to you via direct mail, email, SMS, MMS, targeted digital advertising or any other means of marketing communication, where:

  • you have consented to us doing so; or
  • it is otherwise permitted by law.

You may opt out of direct marketing communications at any time by contacting us or by using opt-out facilities set out in the direct marketing communications.

14. Cookies

A cookie is a small data file that is placed on your computer or mobile device when you visit a website. Website owners widely use cookies in order to make their websites work, or to work more efficiently, as well as to provide reporting information. We use cookies to:

  • personalise your visit to our Site (as a cookie allows a web server to 'remember' visitors on subsequent visits without having to prompt them for information previously supplied. A cookie can also remember courses previously viewed by a site visitor);
  • provide information about us to you while you browse; and
  • obtain non-identifying information about your demographic group and general interests.

You may elect to disable cookies and/or geolocation sharing at any time. 

Our Site may contain links to other websites of interest. However, we note that once you have used those links to leave our Site we do not have control over that other website and are not responsible for the protection and privacy of any information you provide whilst visiting such sites, and such sites are not governed by this Privacy Policy. You should exercise caution and look at the privacy policy applicable to the site(s) in question.

15. Changes to this privacy policy

We may update our Privacy Policy from time to time by publishing a new version on our Site. By continuing to use our website or otherwise continuing to deal with us, you accept this Privacy Policy as it applies from time to time.

16. Complaints

We have procedures in place for dealing with complaints and concerns about our practices in relation to the Privacy Act, the APPs, and any alleged breach of this Privacy Policy. We will respond to your complaint in accordance with the relevant provisions of the APPs. For further information, please contact us.

17. Contact

You can contact us via info@cxaresearch.com

Get in contact

This site is protected by hCaptcha and the hCaptcha Privacy Policy and Terms of Service apply.