Privacy Policy

Thank you for visiting the Nexus Ingredient website Nexus www.nexusingredient.com. We take the protection of your personal data seriously and want you to feel safe and comfortable when visiting our website.

In the case of mere informational use of the website, we only collect the personal data that your browser transmits to our server and that is technically necessary for the presentation of our website and the guarantee of stability and security.

If you have consented accordingly or if we are legally authorised to do so, we collect personal data from you as a user of the web site in order to provide you with content on the web site on the one hand and to offer you further services on the other hand.

Therefore, it goes without saying that we comply with Australia`s statutory data protection regulations the Privacy Act 1988 (Privacy Act) and treat personal data as strictly confidential. Nexus Ingredient with ABN: ABN 52 636 182 931 of Suite 898, 585 Little Collins Street Vic 3000 Australia (hereinafter referred to as “Nexus Ingredient” or “we”) operates the website and we are also the APP Entity (Controller).

What this privacy policy regulates

This privacy policy governs the handling of personal data. It describes what personal data we collect when you use our website and how we use it. Personal data is individual information about personal or factual circumstances of a specific or identifiable natural person. This includes information such as your name, address, telephone number or date of birth. Statistical information that cannot be directly or indirectly linked to you – such as the popularity of individual website on our website or the number of users of a site – is not personal data.

Your rights

The following provides a brief overview of the Australian Privacy Principles (APP) for further information please continue reading or refer to the Office of the Australian Information Commissioner’s website.

APP 1: Open and transparent management of personal information. This ensures that APP entities manage personal information in an open and transparent way. This includes having a clearly expressed and up to date privacy policy.

APP 2: Anonymity and pseudonymity. Requires APP entities to give individuals the option of not identifying themselves, or of using a pseudonym. Limited exceptions apply.

APP 3: Collection of solicited personal information. Outlines when an APP entity can collect personal information that is solicited. It applies higher standards to the collection of sensitive information.

APP 4: Dealing with unsolicited personal information. Outlines how APP entities must deal with unsolicited personal information.

APP 5: Notification of the collection of personal information. Outlines when and in what circumstances an APP entity that collects personal information must tell an individual about certain matters.

APP 6: Use or disclosure of personal information. Outlines the circumstances in which an APP entity may use or disclose personal information that it holds.

APP 7: Direct marketing. An organisation may only use or disclose personal information for direct marketing purposes if certain conditions are met.

APP 8: Cross-border disclosure of personal information. Outlines the steps an APP entity must take to protect personal information before it is disclosed overseas.

APP 9: Adoption, use or disclosure of government related identifiers. Outlines the limited circumstances when an organisation may adopt a government related identifier of an individual as its own identifier or use or disclose a government related identifier of an individual.

APP 10: Quality of personal information. An APP entity must take reasonable steps to ensure the personal information it collects is accurate, up to date and complete. An entity must also take reasonable steps to ensure the personal information it uses or discloses is accurate, up to date, complete and relevant, having regard to the purpose of the use or disclosure.

APP 11: Security of personal information. An APP entity must take reasonable steps to protect personal information it holds from misuse, interference, and loss, and from unauthorised access, modification or disclosure. An entity has obligations to destroy or de-identify personal information in certain circumstances.

APP 12: Access to personal information. Outlines an APP entity’s obligations when an individual requests to be given access to personal information held about them by the entity. This includes a requirement to provide access unless a specific exception applies.

APP 13: Correction of personal information. Outlines an APP entity’s obligations in relation to correcting the personal information it holds about individuals.

Legal basis for data processing on our website

Based on your consent: Insofar as you have given us consent to process personal data for specific purposes, the lawfulness of this processing is based on your consent. Consent given can be revoked at any time. The revocation of consent does not affect the lawfulness of the data processed until the revocation.

For the fulfilment of contractual obligations: In some cases, the processing of your data is also carried out for the fulfilment of a contract concluded with you at your request or for the fulfilment of a pre-contractual measure, such as in the context of a service obligation towards you. Further details on the relevant data processing purposes can be found in the relevant contractual documents and conditions of participation.

Within the framework of the balancing of interests: Where necessary, we process your data to protect our legitimate interests or the legitimate interests of third parties. These are, for example:

• Use of cookies (more details on this below)
• Assertion of legal claims and defence in legal disputes
• Ensuring stability and security.

Purposes of data processing on our website: Insofar as we process your personal data on our website, this is done for the purposes outlined below:

• Technical provision of the website and monitoring its functionality
• Statistical analysis of the use of the website
• Collection of your device data (through the use of cookies)

How we use information

The main reason we use your information is to provide and improve our services. We also use your information to protect you and to provide you with advertisements that may be of interest to you. Read on for a more detailed explanation of the various reasons we use your information, along with practical examples.

• To provide our services to you
• To provide you with customer support and respond to your enquiries
• To complete your transactions
• To communicate with you about our services
• To improve our services and develop new services
• To develop new features and services
• To prevent, detect and respond to fraud or other illegal or unauthorised activities
• To address ongoing or perceived misconduct
• To perform data analysis to better understand these activities and develop countermeasures
• To retain data related to fraudulent activity to prevent recurrence
• To ensure compliance with laws
• To comply with legal requirements
• To assist law enforcement
• To enforce or exercise our rights, for example, our terms of use

Data processing

We process your personal data on our website in different ways:

(1) Hosting and log files

The hosting services we use are for the provision of the following services: Infrastructure and website services, computing capacity, storage space and database services, security services and technical maintenance services, which we use for the purpose of operating this online offer.

In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer.

We, or rather our hosting provider, collect data on every access to this online offer on the basis of our legitimate interests, we, or our hosting provider, collect data about each access to the server on which this service is located (so-called server log files). The access data includes the name of the web site accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

The IP address is stored for 14 days for security reasons (e.g., to clarify acts of abuse or fraud) and then deleted. Data whose further storage is necessary for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified (e.g., further log file information).

Every time you access our website, your browser automatically sends certain information to the website server to enable communication between your browser and the server. This information is stored in a so-called log file. This includes, for example, information about

• the type and version of the browser you are using,
• the operating system you use,
• the website from which you came to the current page,
• the host name (IP address) of your computer and
• the time at which the page was accessed.

We also use the information transmitted to our server by your browser in anonymised form – i.e. without it being possible to draw any conclusions about you – to analyse and improve our services. In this way we can, for example, discover possible errors or determine on which days and at what times our web sites are particularly heavily used.

(2) Contact

When you contact us, e.g., via our contact forms or by e-mail, the data you provide (e.g., your e-mail address, possibly your name, your telephone number, etc.) is processed by us in order to process your enquiry and, if necessary, to contact you. We delete the data accruing in this context when it is no longer required for the aforementioned purpose, provided that the deletion does not conflict with any statutory retention obligations.

The legal basis for data processing is our legitimate interest. If you provide us with personal data of another person, you must first take the necessary data protection measures for this, e.g., obtain the required prior consent of this person and inform him or her of the purpose for which you are transferring the data to us.

(3) Use of cookies

When you visit our website, we use data collection technologies such as cookies, tags, and pixels in your browser to collect specific information about your current browsing session. These technologies are often commonly referred to as “cookies” on other websites. Cookies also allow our website to remember your actions and preferences (e.g., login details, language, font size and other display preferences) for a period of time so that you do not have to keep re-entering them on your next visit or when navigating from one page to another. We use cookies for various purposes. Different requirements and legal bases apply to the use of these cookies, depending on their purpose. The legal basis for the use of cookies is your consent and our legitimate interest. For further information please see our Cookie Policy.

(4) Direct marketing

The legal basis for the processing of your personal data in the context of direct marketing measures is either your consent or our legitimate interest in marketing and promoting our services. The purpose of processing your personal data in the context of direct marketing measures is to send information, offers and, if applicable, to promote our services.

Your personal data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected; this is the case in particular upon receipt of the revocation or objection. You can revoke your consent at any time for the future or object to the processing of your personal data in the context of direct marketing measures at any time for the future.

(5) Contractual Relationship

In order to establish or implement the contractual relationship with our clients, it is regularly necessary to process the personal master, contract, and payment data provided to us. We also process client and prospect data for evaluation and marketing purposes. This processing is carried out on the legal basis of our legitimate interest and serves our interest in further developing our offer and informing you specifically about our offers. Further data processing may take place if you have consented or if this serves the fulfilment of a legal obligation.

(6) Commercial and business services

We process data of our contractual and business partners, e.g., customers and interested parties in the context of contractual and comparable legal relationships as well as related measures and in the context of communication with contractual partners (or pre-contractual), e.g., to answer inquiries.

We process this data to fulfil our contractual obligations, to secure our rights and for the purposes of the administrative tasks associated with this information as well as for business organisation. We only disclose the data of the contractual partners to third parties within the scope of the applicable law to the extent that this is necessary for the aforementioned purposes or for the fulfilment of legal obligations or with the consent of the contractual partners (e.g., mortgage brokers, solicitors, builders and developers, and other auxiliary services as well as subcontractors, banks, tax and legal advisers, payment service providers or tax authorities).

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organisational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioural marketing. And, the Legal bases are Contractual performance and pre-contractual inquiries, Legal obligation, and our Legitimate interests.

(7) Technical services

We process the data of our customers and clients in order to enable them to select, purchase or commission the selected services or products. The required information is identified as such in the context of the order, purchase order or comparable contract conclusion and includes the information required for the provision of services and billing as well as contact information.

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organisational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioural marketing. And, the Legal bases are Contractual performance and pre-contractual inquiries, Legal obligation, and our Legitimate interests.

(8) Administration, financial accounting, office organisation, contact management

We process data in the context of administrative tasks as well as organisation of our operations, financial accounting and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the course of providing our contractual services. The purpose and our interest in the processing lies in the administration, financial accounting, office organisation, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities.

In this context, we disclose or transfer data to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices and payment service providers.

Furthermore, based on our business interests, we store information on suppliers, event organisers and other business partners, e.g., for the purpose of contacting them at a later date. This data, most of which is company-related, is generally stored permanently.

Common principles for the processing of your data on our website

1. a) Recipients of the data

Only those internal offices or organisational units as well as other companies affiliated with us under company law will receive your data insofar as this is necessary for the fulfilment of our contractual and legal obligations or we require the data in the context of processing and implementing our legitimate interests.

Your data will be passed on to external recipients in connection with the processing of the contract, insofar as we are obliged to provide information, report or pass on data in order to fulfil legal requirements, you have given us permission to pass on data to third parties or to external service providers who act as order processors on our behalf or perform functions for us (e.g. IT service providers, data centres, data shredders or courier services, marketing, recruiting, security, credit services, logistics, telecommunications, and financial service providers).

1. b) Duration of storage

Your personal data will be stored on the basis of your consent for the purpose of fulfilling a contract or for the exercise of legitimate interests. However, if you withdraw your consent or object to the data processing or the purpose of processing has ceased to exist, the images and other personal data will be deleted from the Nexus Ingredient computer systems or removed from the web sites and social media pages of the shopping centres managed by Nexus Ingredient within a reasonable period of time, unless their – temporary – further processing is required due to statutory retention obligations.

1. c) Transfer of your data to a third country

We transfer your data to bodies based in countries outside Australia that act as processors for us (e.g., our Subsidiaries in the UK and the USA). In addition, your data may be transferred to providers of social media plugins; please refer to their privacy policies for further details.

If there is no official decision on an adequate level of data protection for the country in question, we conclude contracts in accordance with applicable data protection regulations that ensure that your rights and freedoms are adequately protected and guaranteed. We will be happy to provide you with detailed information on request.

Otherwise, we do not transfer your personal data to countries outside Australia or to international organisations.

1. d) Your rights as a person affected by data collection

If you exercise your rights, in accordance with applicable law, we will communicate the rectification or erasure of your personal data or the restriction of processing implemented in accordance with your request to all recipients to whom the personal data have been disclosed, unless such communication is impossible or involves a disproportionate effort.

If you wish to exercise your rights and/or receive all relevant information, please contact us using the contact details provided. We will respond within 1 month of receiving your request at the latest.

If the data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of such data for the purpose of such marketing. If you object to the processing for direct marketing purposes, this data will no longer be processed for these purposes.

Changes to our privacy policy

We reserve the right to amend this privacy policy from time to time so that it always complies with the current legal requirements or in order to implement changes to our services in the privacy policy, e.g., when introducing new services. The new privacy policy will then apply to your next visit.

Questions about data protection

If you have any questions about data protection or would like to exercise your rights as set out above, please contact us.