Nexus Academyโ† Home
Last updated: 21 June 2026

Privacy Policy

This Privacy Policy explains how Raymond Naylor, sole trader, Australia (ABN 87 716 389 234), trading as Nexus Systems ("we", "us"), collects, uses, discloses, and protects personal information in connection with Nexus Academy (the "Service"). We are the data controller for personal information collected through the Service.

1. Information We Collect

  • Account information: email address, password (stored hashed), and the date you accepted these terms.
  • Subscription information: trial start, subscription status, billing period, and payment-provider IDs (we do not store card numbers).
  • Student profile: the student name, chosen house, pet, and avatar appearance you create. This is stored locally on the device by default.
  • Usage data: learning progress, completed activities, points earned, pages visited.
  • Technical data: IP address, browser type, device identifiers, log data, and approximate location derived from IP.
  • Communications: any messages you send to support.

2. How We Use Your Information

  • To create and operate your account and provide the Service.
  • To process payments and manage subscriptions (via our payment provider).
  • For security, abuse prevention, and fraud detection.
  • To improve the Service, fix bugs, and develop new features.
  • To respond to customer support enquiries.
  • To comply with legal obligations.

3. Legal Basis

We process personal information on the basis of contract performance (to provide the Service you have signed up for), our legitimate interests (security, improvement, and analytics), your consent (where required), and our legal obligations.

4. Sharing Your Information

  • Payment provider (Paddle): Paddle.com Market Limited is our Merchant of Record and processes payments, manages subscriptions, calculates and remits sales tax, and issues invoices.
  • Hosting & infrastructure providers: cloud hosting, database, and edge function providers that store and process data on our behalf under contractual confidentiality and security obligations.
  • Authentication provider: Supabase Inc. (via Lovable Cloud) for account and session management.
  • Professional advisers: legal, accounting, or tax advisers under duties of confidentiality.
  • Authorities: where we are required by law, by court order, or to protect rights and safety.

We do not sell your personal information, and we do not use it for third-party advertising.

5. Australian Privacy Principles

We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). You may make a complaint about our handling of your personal information by emailing us first; if you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

6. Your Rights

  • Access the personal information we hold about you.
  • Correct inaccurate or incomplete information.
  • Request deletion of your account and associated personal information.
  • Object to or restrict certain processing.
  • Withdraw consent (where processing is based on consent).
  • Lodge a complaint with a supervisory authority.

To exercise these rights, email nexus.systems.au@gmail.com. We respond within a reasonable time and at most within 30 days.

7. Cookies & Local Storage

The Service uses your browser's localStorage and a small number of essential cookies to keep you signed in, remember your preferences, and store your student's progress on your device. We do not use third-party advertising or marketing cookies. You can clear local storage and cookies at any time using your browser settings; doing so will sign you out and clear locally-stored progress.

8. International Transfers

We are based in Australia. Some of our service providers (including hosting, database, and payment partners) may process personal information in the United States, the European Union, or other countries. By using the Service, you consent to such transfers. Where required, we use contractual safeguards such as Standard Contractual Clauses or rely on adequacy decisions.

9. Security

We use appropriate technical and organisational measures to protect personal information, including encryption in transit (HTTPS/TLS), encryption at rest where supported, access controls, role-based permissions, and routine security reviews. No system is perfectly secure; we cannot guarantee absolute security.

10. Retention

We retain personal information for as long as your account is active and for a reasonable period afterwards to comply with legal obligations, resolve disputes, and enforce our agreements. We delete or anonymise data once it is no longer required.

11. Children

The Service is intended for use by parents or guardians on behalf of children. Accounts must be created by an adult (18+). The Service is not directed at children under 13 to create accounts directly, and we do not knowingly collect personal information from children outside the supervised student-profile context. If you believe a child has created an account or that we have inadvertently collected a child's personal information, contact us and we will promptly remove it.

12. Changes to this Policy

We may update this Policy from time to time. Material changes will update the "Last updated" date above. Continued use of the Service after changes take effect constitutes acceptance of the updated Policy.

13. Contact

For privacy questions or requests, email nexus.systems.au@gmail.com.