Privacy Policy

Effective date: 12 April 2026 · Last updated: 12 April 2026

Applicability: This policy applies to the Nexus POS Platform operated by TruVision Technologies Pty Ltd (ABN pending), including the NexusMobile application (available on Google Play, Apple App Store, and as a web application), the NexusPOS API, and all related services (collectively, “Nexus” or “the Platform”). This policy applies to users in Australia, New Zealand, and any other jurisdiction where Nexus operates.

1. About This Policy

TruVision Technologies Pty Ltd (“TruVision”, “we”, “us”, “our”) is committed to protecting the privacy of individuals whose personal information we handle. This Privacy Policy describes our practices regarding the collection, use, disclosure, storage, and protection of personal information in compliance with the Australian Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), and the privacy requirements of the Google Play Store and Apple App Store.

This policy satisfies the requirements of:

APP 1 — Open and transparent management of personal information
APP 5 — Notification of the collection of personal information
Google Play Data Safety — User data collection and sharing declarations
Apple App Store Review Guidelines §5.1 — Privacy requirements for iOS apps

2. What Personal Information We Collect

2.1 Information provided by your employer

Nexus is an enterprise-sold platform. Individual users do not sign up directly — your employer (the “Tenant”) provisions your account. The Tenant provides:

Your name and email address
Your role assignment (cashier, kitchen, manager, etc.)
Your store assignment(s)

2.2 Information collected automatically

Data type	Purpose	Shared with third parties?
Device identifiers (device ID, platform type)	Device staging, binding, and fleet management	No
App interaction data (screens visited, features used)	App functionality and usage analytics	No
Crash logs and diagnostics	App stability and bug resolution	No
IP address	Security, fraud detection, access control	No

2.3 Information we do NOT collect

We do not collect payment card numbers, CVV, PIN, or track data. All EFTPOS payment processing is handled by third-party providers who are PCI-DSS certified. Nexus never sees, stores, or transmits cardholder data.
We do not collect precise location data, health or fitness data, biometric data, contacts, photos, videos, audio recordings, or web browsing history.
We do not serve advertisements or use advertising identifiers (GAID/IDFA).
We do not track users across other companies' apps or websites.

3. How We Use Personal Information (APP 6)

We use personal information only for the following purposes:

Providing the Nexus service: Authenticating access, processing POS transactions on behalf of your employer, managing device fleet operations, running kitchen display and drive-thru workflows.
Workforce operations: Shift rostering, time-and-attendance tracking, and labour forecasting — all on behalf of your employer as the data controller.
Security and fraud prevention: The Nexus anti-fraud engine analyses transaction patterns to detect anomalies. This processing is automated but no decisions with legal or significant effect on you are made solely by automated means.
App improvement: Crash logs and diagnostics are used to identify and fix bugs. This data is not linked to your identity.

We do not use your personal information for direct marketing, profiling for advertising, or any purpose unrelated to the operation of the Nexus Platform.

4. Who We Share Information With (APP 6)

We do not sell, rent, or trade personal information to any third party.

Recipient	What is shared	Why
Your employer (Tenant administrator)	All operational data created through your use of Nexus	Your employer is the data controller; we process data on their behalf
EFTPOS providers	Transaction amount and terminal ID only — never cardholder data	To authorise and process payments
Hosting provider	Data stored on their servers (encrypted at rest)	Web and database hosting infrastructure

5. Data Storage and Security (APP 11)

All data encrypted in transit using HTTPS/TLS 1.2+
Database credentials stored in encrypted vaults and injected at deploy time — never committed to source code
Platform hosted on servers located in Australia
Database runs on localhost (same-server, not exposed to the internet)
PCI-DSS self-compliance: SAQ-A / SAQ-B-IP classified
Role-based access control (RBAC) on every surface

6. Data Retention and Deletion

Account data: Retained for the duration of the active subscription. Upon deletion request, personal identifiers removed within 30 days.
Transaction records: Anonymised and retained for tax/regulatory compliance (minimum 5 years per Tax Administration Act 1953).
Crash logs: Retained 90 days, then purged.
Device telemetry: Retained while device is bound, deleted upon unbinding.
Post-cancellation: 90-day wind-down for data export, then permanent deletion.

7. Your Rights Under Australian Law

APP 12 — Right of access

You may request access to personal information we hold about you. We will respond within 30 days.

APP 13 — Right of correction

You may request correction of inaccurate, out-of-date, or incomplete personal information. Processed within 30 days.

Right to deletion

You may request deletion of your Nexus account at any time:

In the app: Account Settings → Danger Zone → Delete Account
On the web: truvisiontech.com.au/legal/account-deletion.html
By email: support@nexuspos.truvisiontech.com.au

Right to complain

Contact our Privacy Officer: privacy@truvisiontech.com.au
Or lodge a complaint with the OAIC: oaic.gov.au | 1300 363 992

8. Children's Privacy

Nexus is an enterprise workforce application for adult employees. It is not designed for or marketed to children under 16. We do not knowingly collect children's information.

9. International Data Transfers (APP 8)

Nexus data is processed and stored in Australia. We do not transfer personal information outside Australia except where the recipient is subject to substantially similar privacy protections, you have consented, or the transfer is required by law.

10. Cookies and Tracking

We use only functional session cookies for authentication. No advertising cookies, no third-party analytics, no cross-site tracking, no fingerprinting.

11. Changes to This Policy

Material changes will be notified to Tenant administrators via the Nexus dashboard. The “Last updated” date will be revised. Continued use constitutes acceptance.

12. Contact Us

TruVision Technologies Pty Ltd
Privacy Officer: privacy@truvisiontech.com.au
Support: support@nexuspos.truvisiontech.com.au
Website: truvisiontech.com.au

13. Platform-Specific Disclosures

Google Play (Android)

Data collected: App interactions, crash logs, diagnostics, device IDs
Data shared with third parties: None
Data encrypted in transit: Yes (HTTPS/TLS)
User can request deletion: Yes (in-app + web + email)
Account required: Yes (enterprise-provisioned)

Apple App Store (iOS)

App Tracking Transparency: Not applicable — no cross-app tracking
Privacy Nutrition Labels: Data Used to Track You: None. Data Linked to You: Identifiers, Diagnostics. Data Not Linked to You: Usage Data.
Account deletion: Available in-app (Guideline 5.1.1(v) compliant)