Privacy Policy

Privacy Policy for XGY Pty Ltd

Last updated: March 30, 2026

XGY Pty Ltd ("XGY", "we", "our" or "us") respects your privacy and is committed to handling personal information responsibly.

This Privacy Policy explains how we collect, use, disclose, store and otherwise handle personal information in connection with our website, products, software, services, sales, support and related business operations.

We seek to handle personal information in accordance with applicable privacy laws, including the Privacy Act 1988 (Cth) and the Australian Privacy Principles, and, where applicable, the General Data Protection Regulation (GDPR).

Our services are intended for businesses and professional users. We do not knowingly collect personal information from individuals under 18 years of age.

1. What Personal Information We Collect

We may collect personal information that is reasonably necessary for our business functions and activities, including:

• Contact and business information, such as your name, business email address, phone number, company name, job title, billing address, shipping address, and communication preferences.
• Transaction and account information, such as quotation history, orders, invoices, payment status, warranty records, and support history.
• Website and online usage information, such as IP address, browser type, referring URLs, pages visited, and website interaction data collected through cookies, analytics tools, and similar technologies.
• Product, software, and diagnostic information, such as device identifiers, MAC addresses, host names, licence status, system logs, crash reports, diagnostic information, and performance-related usage data generated through the use of our products, software, or services.
• Communications and inquiry records, such as emails, support tickets, call notes, and other information you provide when contacting us.

2. How We Collect Personal Information

We may collect personal information in the following ways:

• Directly from you, such as when you request a quote, place an order, register a product, create an account, contact us, or request support.
• Automatically, when you visit our website or use our online services, through cookies, server logs, analytics tools, and similar technologies.
• From our products and software, where diagnostic, licensing, update-related, or telemetry information is generated or transmitted during installation, activation, operation, maintenance, or support.
• From third parties, such as distributors, resellers, event organisers, logistics providers, payment providers, or other business partners, where they are permitted to share that information with us.

You can usually manage cookie settings through your browser preferences. However, disabling certain cookies may affect website functionality.

3. Why We Use Personal Information

We may use personal information for the following purposes:

• to provide quotations, process orders, arrange delivery, and manage customer accounts;
• to provide customer service, warranty service, repairs, returns, technical support, and product registration;
• to operate, maintain, secure, troubleshoot, and improve our website, products, software, and services;
• to administer licences, verify compliance with applicable licence terms, and help prevent misuse, fraud, or security incidents;
• to communicate with you about orders, support matters, service notices, technical updates, firmware and software updates, and other operational matters;
• to send marketing communications, technical newsletters, and promotional materials where permitted by law and subject to your marketing preferences;
• to comply with legal, regulatory, tax, accounting, contractual, and internal governance obligations.

Where the GDPR applies, our legal bases for processing may include:

• performance of a contract;
• compliance with legal obligations;
• our legitimate interests in operating and improving our business, products, and services; and
• your consent, where consent is required.

4. How We Disclose Personal Information

We do not sell personal information. We may disclose personal information to:

• distributors, resellers, and channel partners involved in sales, fulfilment, or local support;
• payment processors and financial service providers to process transactions;
• shipping, warehousing, and logistics providers to deliver products and manage returns;
• IT, cloud hosting, analytics, communications, security, CRM, and support service providers that help us operate our business and systems;
• professional advisers, such as lawyers, accountants, auditors, and insurers;
• regulators, courts, law enforcement agencies, government bodies, or other third parties where required or authorised by law; and
• parties involved in a merger, acquisition, restructuring, financing, or sale of all or part of our business, subject to appropriate confidentiality arrangements.

We do not store full credit card details on XGY systems unless specifically stated otherwise in a separate payment process or agreement.

5. Overseas Disclosure and International Processing

We may store or process personal information in Australia and in other countries where our service providers or business partners operate.

Where we disclose personal information to overseas recipients, we take reasonable steps to ensure that it is handled in a manner consistent with applicable privacy laws. Where required, this may include contractual safeguards or other legally recognised transfer mechanisms.

6. Data Retention

We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide products and services, maintain business records, resolve disputes, enforce agreements, and comply with legal, tax, accounting, and regulatory obligations.

Retention periods may vary depending on the nature of the information and applicable legal requirements. For example, certain tax, accounting, transaction and business records may be retained for at least 5 years, or longer where required or permitted by applicable law.

When personal information is no longer reasonably required, we will take reasonable steps to destroy it or de-identify it, unless we are required or permitted by law to retain it.

7. Data Security

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure.

These steps may include technical, administrative, and physical safeguards such as access controls, secure hosting environments, encryption in transit where appropriate, staff access limitations, and internal security procedures.

No method of transmission over the internet or electronic storage is completely secure. However, we seek to use commercially reasonable measures to protect personal information.

If we become aware of a data breach, we will investigate it promptly and, where required under the Notifiable Data Breaches (NDB) scheme or other applicable law, notify affected individuals and relevant regulators, including the OAIC.

8. Your Rights and Choices

Subject to applicable law, you may have the right to:

• request access to the personal information we hold about you;
• request correction of inaccurate, incomplete, or outdated personal information;
• request deletion of personal information in certain circumstances;
• request restriction of processing in certain circumstances;
• object to certain types of processing;
• request portability of certain personal information, where applicable; and
• withdraw consent where we rely on consent, without affecting the lawfulness of processing carried out before withdrawal.

You may also opt out of marketing communications by using the unsubscribe link in our emails or by contacting us directly. Even if you opt out of marketing, we may still send you non-promotional communications relating to orders, accounts, support, security, licensing, or service updates.

Where available, certain products or services may allow you to adjust diagnostic or telemetry settings. Disabling those settings may affect functionality, support, licensing, security features, or update delivery.

9. Access, Correction, and Complaints

If you would like to request access to or correction of your personal information, or if you wish to make a privacy complaint, please contact us using the details below.

We will review your request or complaint and respond within a reasonable period. If you are not satisfied with our response, you may have the right to contact the Office of the Australian Information Commissioner (OAIC). Further information about privacy complaints is available on the OAIC website or, where applicable, from another relevant data protection regulator.

10. Automated Decision-Making

We do not use automated decision-making, including profiling, that produces legal or similarly significant effects on individuals.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business, technology, legal obligations, or privacy practices.

Any updated version will be posted on our website with a revised “Last updated” date. Where appropriate, we may also provide additional notice of material changes.

12. Contact Us

If you have any questions about this Privacy Policy, would like to exercise your privacy rights, or wish to make a privacy complaint, please contact us at: