Privacy Policy

NETCOMM PRIVACY POLICY

Last updated: 26 May 2025

OUR COMMITMENT TO PRIVACY

NetComm Wireless Pty Ltd, together with our subsidiaries and affiliates (collectively, the Company, our, we or us), respects and takes your privacy seriously. We are committed to managing your personal information in accordance with the relevant local privacy and data protection laws which apply to us such as:

the Australian Privacy Principles (APPs) under the Australian Privacy Act 1988 (Cth) (Privacy Act);
the New Zealand Information Privacy Principles (NZ IPPs) under the New Zealand Privacy Act 2020 (NZ) (NZ Privacy Act);
the California Consumer Privacy Act 2018 (CCPA);
the General Data Protection Regulation (EU) 2016/679 (EU GDPR);
the EU GDPR as incorporated in the UK (UK GDPR) and the UK Data Protection Act 2018;
the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA); and
other local applicable privacy laws,

(together, the Privacy Laws).

This document tells you how we generally manage your personal information (also referred in this Privacy Policy and some Privacy Laws as “personal data”) and is referred to as our Privacy Policy.

This Privacy Policy applies to all personal information collected by us, or submitted to us, whether offline or online, including, without limitation, when you use the NetComm Fixed Broadband Dispatch portal, Help Desk portal, Return Authority portal, a CloudMesh device, our mobile applications, our website http://www.netcomm.com/ (including any subdomains) and any content, functionality and services offered on, by or through it (collectively, our Website and Services) or through our official social media channel pages which we control (such as our LinkedIn page).

This Privacy Policy is designed to help keep you informed of various matters including:

what personal information we collect from and hold about you;
how we collect, hold, use, maintain, protect and disclose your personal information; and
your rights in respect of your personal information.

PLEASE REVIEW THIS PRIVACY POLICY BEFORE USING OUR WEBSITE AND SERVICES OR PROVIDING US WITH YOUR PERSONAL INFORMATION. IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY, DO NOT USE OUR WEBSITE AND SERVICES OR PROVIDE US WITH YOUR PERSONAL INFORMATION. BY ACCESSING OR USING OUR WEBSITE AND SERVICES OR PROVIDING US WITH YOUR PERSONAL INFORMATION, YOU AGREE TO YOUR PERSONAL INFORMATIONAL BEING HANDLED IN ACCORDANCE WITH THE TERMS OF THIS PRIVACY POLICY.

PERSONAL INFORMATION WE COLLECT ABOUT YOU

From our Website and Services

We collect several types of personal information from and about you in connection with your use of or interaction with our Website and Services. We may also collect information that is about you, but individually does not identify you, such as demographic data or information about your Internet connection, the equipment you use to access our Website and Services, and your usage details. Note that personal information does not include aggregated or de-identified information that cannot be used to personally identify you.

We collect this information directly from you when you provide it to us via our Website and Services. We may also automatically collect certain information as you navigate through our Website and Services, such as through your browser or device.

The types of information (including personal information) we collect on or through our Website and Services will vary depending on the circumstances of collection, but will typically include:

Information that you provide at the time you register for use of or access to certain sections of our Website and Services, request products or services, register for newsletters or other communications from us, enter a contest or promotion sponsored by us, or report a problem with our Website and Services such as your name, postal address, telephone and mobile number(s), email address, business contacts, marital status, information about your family and identification numbers and documents.
Information you provide us when you register your product purchase with us. This may include your name, address, telephone and mobile number(s), email address, and company information in addition to your product information.
Your responses to surveys that we might ask you to complete for research or other purposes.
Your search queries on our Website or Services.
Details of your visits to our Website and Services, including traffic data, location data, logs, other communication data, the resources that you access and use on our Website and Services, referring website URLs and other information about your interactions with us.
Information about your computer and Internet connection, including your IP address, operating system, browser type and language, device-related and hardware information, cookie information, system type and whether you have enabling software to access certain features.

From Our Engagement or Transactions with Suppliers, Partners and Customers

When we engage or transact business with our current or prospective suppliers, partners or customers, we generally create a record of the engagement or transaction which may include your personal information. In most cases, we collect personal information directly from you. The type of personal information that we collect will vary depending on the circumstances, but will typically include:

personal details such as name, title, e-mail address, postal address and other business contact details (telephone, mobile and fax numbers) and professional details (such as a LinkedIn profile);
information about your employer or the organisation you represent; and
any additional personal information that you provide to us, or authorise us to collect, as part of your interaction and transaction with us such as credit or debit card information.

From Our Products

We generally sell our products to third-party partners or resellers, such as Internet service providers, telecommunications providers and cable service providers, who resell or distribute them to their end- user customers. Some of our products may transmit or process data (which may include personal information), such as MAC/IP address, serial numbers, WLAN identifiers, account identifiers, client identifiers, logs, database administration information, username, password, Wi-Fi details, voice over IP details, model numbers, device health metrics, radio spectrum parameters and network connection and data throughput statistics.

Where we have access to the products or any personal information collected by such products, we will comply with this Privacy Policy and applicable Privacy Laws in respect of the personal information.

In respect of some of our products, we do not have access to the products or any personal information collected by such products following our sale to the partner or reseller or to that data. Where this is the case, you should consult the privacy policy of the business or person who sold or provided our products to you to understand what data they collect and how they use it.

The business or person who sold or provided our products to you may, in limited circumstances, engage us to operate remote device management platforms for the products, to configure the products on behalf of end users, or to process end user warranty claims. These circumstances may necessitate our access to certain end user personal information. Such access would be under the direction of the business or person who sold or provided our products to you and subject to the terms of their privacy policy.

With respect to certain consumer access devices, we may collect the personal information of end users as part of our warranty registration process and in connection with technical support inquiries for purposes of providing warranty and support services.

If you are using our CloudMesh integrated suite of devices you can find more information about information collected or processed by such devices at https://www.netcomm.com/legal.

From Job Applicants, Employees and Independent Contractors

We collect personal information from job applicants and potential independent contractors during the recruiting process, such as name, title, contact details, qualifications and work history (including information included in your CV or cover letter). Generally, we will collect this information directly from you. We may also collect personal information from third parties that we choose to involve in the recruiting process (e.g., recruiting agencies / head-hunting companies, job sites or references). Before making an offer, in accordance with applicable laws, we may collect additional details necessary to conduct background checks to determine your suitability for certain positions.

In some circumstances, we may collect personal information that may be classified as “sensitive information” or “special categories” of personal data under applicable Privacy Laws, such as health information (including via an employment medical report), psychometric assessment results, ethnic origin, biometric information (namely, fingerprint and facial recognition information for the purpose of recognition in access control systems) and other sensitive or special categories of information you provide to us when you apply for a job or engagement with us or during your time working with us. We only collect sensitive or special categories of information from you to the extent this information is relevant to the job or engagement for which you are applying or your role with us and only in accordance with applicable Privacy Laws.

There may be other relevant privacy terms that relate to you as set out, as applicable, in your offer letter, employment agreement or independent contractors agreement.

If you become an employee or independent contractor of the Company, we may collect additional personal information (e.g., date of birth, address, Government issued ID card number / information, marital status, educational background, next of kin, salary and debit card / bank account information, CCTV footage etc.) from you for the purposes of your employment or engagement, such as for compensation and benefit purposes, for our Diversity and Inclusion reporting and programs or to comply with our legal obligations in respect of our employees and independent contractors.

If you are located in the EU or UK, our GDPR Privacy Notice and Personnel Data Retention Policy will also apply to you. If you are a California resident, our CCPA Employee Privacy Notice will also apply to you.

Other

We may collect personal information based on other interactions we may have with you, including in- person, at industry or trade events, by e-mail, voice-mail, via social media, CCTV (when you attend our premises) and via other forms of correspondence or interaction.

We may also collect personal data from the carrier as part of our “drop ship” service offered in Australia and New Zealand with respect to our RG consumer access devices. We share this information with our delivery partners for shipping purposes.

ANONYMOUS INTERACTIONS

We will provide you with the opportunity to remain anonymous or use a pseudonym in your dealings with us where it is lawful and practicable (e.g., when making a general inquiry). Generally, it is not practicable for us to deal with individuals anonymously or pseudonymously on an ongoing basis. If we do not collect personal information about you, you may be unable to utilise our services or participate in our events, programs or activities.

For users of our CloudMesh-branded devices, it is currently not possible to configure those devices to prevent them from collecting personal data. If you want to remain anonymous, you should not use the CloudMesh-branded devices.

HOW WE USE THE PERSONAL INFORMATION THAT WE COLLECT

We will only process your personal information in accordance with applicable laws, including the Privacy Laws.

Where you are based in:

Canada, that is when you have consented, either expressly or impliedly, to our use of your personal information; or
the EU or UK,

we may process your personal data using the following legal bases:

- performance of a contract: where we need to perform a contract which we are about to enter into or have entered into with you as a party or to take steps at your request before entering into such a contract;
- legal obligation: the processing is necessary for us to comply with our legal obligations;
- legitimate interests: the processing is necessary for our (or a third party’s) legitimate interests, provided that your fundamental rights do not override such interests; or
- consent: you have given your express consent that we may process your information for these specific reasons.

Where you are based in EU or UK and we process special category personal data, we will also ensure we are permitted to do so under applicable Privacy Laws, e.g.:

- we have your explicit consent;
- the processing is necessary for us to comply with our obligations as an employer;
- the processing is necessary for reasons of substantial public interest;
- the processing is necessary to protect your (or someone else’s) vital interests where you are physically or legally incapable of giving consent; or
- the processing is necessary to establish, exercise or defend legal claims.

We use information that we collect about you or that you provide to us, including any personal information, as set out in the following table:

Purpose and/or activity	Legal basis for processing (EU GDPR and UK GDPR)
To present our Website and its contents to you, including storing information about your preferences, speeding up your searches and recognising you when you return to our Website.	Where required by Privacy Laws, on the basis of your consent. Necessary to our legitimate interests: to provide you with an enjoyable customer experience when you visit our Website and improve your browsing experience.
To notify you about changes to our Website.	Necessary to comply with a legal obligation. Necessary to our legitimate interests: to ensure that you have the most up-date terms regarding the use of our Website.
To allow you to participate in interactive features on our Website.	Necessary to our legitimate interests: to provide you with an enjoyable customer experience when you visit our Website and improve your browsing experience.
To manage and protect our business and this Website, including improving data security, troubleshooting data and systems, system maintenance and testing, data hosting and reporting.	Necessary to our legitimate interests: to ensure that our Website is functioning as intended and to see if it can be improved.
To provide you with information you request about the Company or our products.	Necessary to our legitimate interests: to provide you with good customer service and promote our business and its products.
To manage our supplier, partner and customer relationships.	Necessary to our legitimate interests: to maintain and develop further our business relationships with you and our suppliers, partners and customers (as appropriate).
To process orders and provide customers with the products and services they request from us and provide any ongoing support services.	Performance of a contract. Necessary to our legitimate interests: to provide our services to you.
To provide you with notices about your account or your product and service purchases.	Performance of a contract. Necessary to our legitimate interests: to provide our services to you and manage our relationship with you.
For other everyday business purposes such as contract management, IT and website administration and security, fulfillment, analytics, fraud prevention, corporate governance, reporting and legal compliance.	Necessary to our legitimate interests: to ensure the ongoing, efficient and secure running of our Website and our business, including through maintaining information technology services, network and data security and improving. Necessary to comply with a legal obligation to which we are subject.
To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.	Performance of a contract. Necessary to our legitimate interests: to provide our services to you and comply with our obligations under our contract with you.
To provide solutions and other services, such as back-end services and data analytics, to our customers so that they can deliver their products and services to their customers.	Performance of a contract. Necessary to our legitimate interests: to provide our services to you and comply with our obligations under our contract with you.
To research, develop and expand our products and services.	Necessary to our legitimate interests: to increase our knowledge and understanding of, and improve and develop, our products and services and identify ways to grow our business.
To inform you of our activities, products and services.	Necessary to our legitimate interests: to promote our business and our products and services, unless applicable Privacy Laws require consent, in which case, our processing shall be on the basis of your consent.
To develop, promote and administer programs and events which may be of interest to you.	Necessary to our legitimate interests: to develop our relationship with you and improve the reputation and brand of our business, unless applicable Privacy Laws require consent, in which case, our processing shall be on the basis of your consent.
To recruit job applicants and contractors, including processing and assessing applications, conducting psychometric assessments and discharging the Company’s legal obligations.	Performance of a contract. Necessary to comply with a legal obligation. Necessary for legitimate interests: to assess employment candidates.
To manage your employment or engagement, including to process payroll, manage superannuation / pension administration, tax obligations including payment of income tax on behalf of employees and social security and housing provident fund (in certain jurisdictions).	Performance of a contract. Necessary for legitimate interests: to assess employment candidates.
To conduct processes connected to your employment or engagement including in relation to performance, claims, complaints, investigations, psychometric assessments, training and development and/or disciplinary action.	Performance of a contract. Necessary to our legitimate interests to manage your employment and handle any complaints or disciplinary action.
To ensure that the physical condition of employees is sufficient for relevant roles (in certain jurisdictions).	Necessary to comply with a legal obligation.
To ensure the security of our offices and properties and to monitor the attendance of employees (in certain jurisdictions)	Necessary for legitimate interests: to ensure the security of our business, assets, information and attendees at our offices and properties and to monitor employees’ performance of their employee duties.
To respond to inquiries and complaints.	Necessary for legitimate interests: to develop our relationship with you and deal with complaints in a proper and efficient manner. Necessary to comply with a legal obligation.
To notify you of actual or potential defects in our products or services and remedies.	Necessary to comply with a legal obligation.
To perform market research.	Necessary for legitimate interests: to increase our knowledge and understanding of, and improve, our products and services.
To train team members, contractors and other workers.	Necessary to comply with a legal obligation. Performance of a contract.
For warranty registration and support; for shipment of products.	Necessary for legitimate interests: to provide services to our clients.
To configure products on behalf of end users, or to process end user warranty claims.	Necessary for legitimate interests: to provide services to our clients.
To evaluate or conduct a merger, divestiture, restructuring, reorganisation, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.	Necessary for legitimate interests: to manage responsibly the ongoing trading of the business as may be necessary or appropriate in the circumstances.

In addition to the above, we may also use information that we collect about you or that you provide to us, including any personal information:

- - in any other way we may describe when you provide the information;
  - as necessary or appropriate to protect the rights, property, security, and safety of us, our employees, our consumers, our information systems, and the public; and
  - for any other purpose for which you provide it or for which you provide your consent.

Where the EU GDPR or UK GDPR applies to you, we will process your personal data for the purpose for which we collected it and for further purposes only if we deem them compatible with that original purpose.

You are not required to provide any of the above personal data; however, if you choose not to provide certain requested information, you may, for example, be unable to use our Website as you require or we may be unable to provide information or products and services to you as request.

We may also use your personal information to contact you about our own and third parties’ goods and services that may be of interest to you. Where consent to direct marketing communications is required under applicable Privacy Laws, we will ask for your consent separately and clearly. If you do not want to receive direct marketing communications, you can opt-out at any time by:

- - contacting us using the contact information listed below in the Section entitled “Contact Us” below;
  - using the ‘unsubscribe’ link in emails; or
  - if the direct marketing is sent by text, by following the opt out instructions in the text messages you receive.

If you opt-out of receiving marketing material from us, we may still contact you in relation to our ongoing servicing or operational messages necessary for the products or services provided to you.

For more information, see the Section entitled “Choices About How We Use and Disclose Your Information”, below.

Disclosure of Your Personal Information

We may disclose aggregated or de-identified information, and other information that does not identify any individual, without restriction.

We disclose personal information only in accordance with applicable laws, including the Privacy Laws. We may disclose personal information that we collect or you provide as described in this Privacy Policy:

- - To our subsidiaries, other group companies and affiliates, which may be located in foreign jurisdictions. For more information on this, see the International Data Transfers section below.
  - To contractors, service providers and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them. These third parties may also be located in foreign jurisdictions. For more information on this, see the International Data Transfers section below.
  - To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganisation, dissolution, or other sale or transfer of some or all the Company’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by us is among the assets transferred.
  - To third parties to market their products or services to you if you have not opted out of these disclosures or, if required by applicable Privacy Laws, if you have provided your consent. We contractually require these third parties to keep personal information confidential and use it only for the purposes for which we disclose it to them. For more information, see the Section entitled “Choices About How We Use and Disclose Your Information”, below.
  - To third parties in order to respond to subpoenas, defend litigation, conduct an investigation, and to prevent fraud or illegal activity, and protect our interests and legal rights.
  - To banks to pay salaries or other fees or expenses to directors, employees, contractors and workers.
  - To third parties such as Government or official organisations including social security bureau, tax bureau to comply with our legal and contractual obligations in respect of our employees.
  - To fulfill the purpose for which you provide it.
  - For any other purpose disclosed by us when you provide the personal information.
  - With your consent.

We may also disclose your personal information:

- - To comply with any court order, law or legal process, including to respond to any government or regulatory request.
  - To enforce other agreements, including for billing and collection purposes.
  - If we believe disclosure is necessary or appropriate to protect the rights, property or safety of the Company, our customers or others.

If you are an end user of our CloudMesh-branded devices, we may also disclose your personal information we have collected about you to our customers (such as internet service providers) who are providing their products and services to you.

Third parties to whom we have disclosed your personal information may contact you directly to let you know they have collected your personal information and to give you information about their privacy policies.

In no case will we sell or license your data to third parties, except as set forth above or as required or permitted by law.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal information you provide to us. The following mechanisms provide you with control over your information:

- - Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of our Website may then be inaccessible, restricted or not function properly.

We do not control third parties’ collection or use of your information on our Website to serve interest- based advertising and you should refer to their website privacy policy for additional information. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (NAI) on the NAI’s website.

Links to Third Parties’ Sites and Third-Party Integrations

We may provide links to websites or resources outside of our Website for your informational purposes only. We may also provide links to third party integrations. Third party integrations are websites or platforms that synchronise with our Website to provide you with additional functionality, tools, or services such as maps, sending requested information, etc.

You acknowledge and agree that we are not responsible for the availability of third party sites, resources, or integrations and do not endorse and are not responsible or liable for any content, advertising, goods, services or other materials on, available through, or provided by such sites, resources, or integrations. We are not responsible for the privacy or other practices of such sites and cannot guarantee the security of personal information that you provide, or is collected by, such sites. We encourage you to review the privacy policies and terms and conditions on those linked sites.

DATA SECURITY

We use reasonable organisational, technical, and administrative measures to protect information we collect from you. We do our best to protect your personal information; however, no system for safeguarding personal or other information is 100% secure and although we have taken steps to protect your personal information from being intercepted, accessed, used or disclosed by unauthorised persons, we cannot fully eliminate security risks associated with personal information, including information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on our Website.

Data Retention

Your personal information will be retained for as long as required for the purposes described in this Privacy Policy or insofar as such is necessary for compliance with statutory obligations and for solving any disputes.

To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information; the potential risk of harm from unauthorised use or disclosure of the personal information; the purposes for which we process the personal information and whether we can achieve those purposes through other means; and the applicable legal requirements.

Do Not Track

“Do Not Track” is a privacy preference that you can set in your Internet search browser that sends a signal to a website that you do not want the website operator to track certain browsing information about you. However, because our Website is not configured to detect Do Not Track signals from a user’s computer, we are unable to respond to Do Not Track requests.

We track Website users over time and across third party websites.

ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION

We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up-to-date. You can help us to do this by letting us know if you notice errors or discrepancies in information we hold about you and letting us know if your personal details change. You may contact us (see the Section entitled “Contact Us” below) to request access to any personal information that you have provided to us, or to request that we correct any such personal information. A summary of your legal rights is set out below:

- - Request access to your personal information (commonly known as a data subject access request). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  - Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, although we may need to verify the accuracy of the new data you provide to us.

We may decline your request to access or correct your personal information in certain circumstances in accordance with local laws and regulations, for example, and without limitation, the Australian Privacy Principles. If we do refuse your request, we will provide you with a reason for our decision.

If you are entitled to any additional legal rights under applicable Privacy Laws (and please see the sections below in respect of rights for individuals located in California, EEA and UK), you may exercise such rights by contacting us (see the Section entitled “Contact Us” below) to submit such request to us.

CHILDREN UNDER THE AGE OF 16

Our Website is not intended for children under 16 years of age. No one under the age of 16 should provide any personal information to or on our Website. We do not knowingly collect personal information from children under 16. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us (see the Section “Contact Us” below).

CALIFORNIA PRIVACY RIGHTS

If you reside in the State of California, this section applies to you in accordance with the California Consumer Privacy Act of 2018 (the CCPA) and other California privacy laws. This California section (CA section) supplements and amends the information contained in the Website Policy with respect to California residents. Any terms defined in the CCPA have the same meaning when used in this section. The other provisions of the Privacy Policy continue to apply except as modified in this CA section.

This section does not apply to the personal information reflecting a written or verbal business-to-business communication (B2B personal information) to the extent that complying with certain requirements of the CCPA is temporarily exempted for such personal information. If you are a California-based resident working for one of our business partners and would like to make a request regarding your rights under CCPA, please send an e-mail to us (see below). This section does not apply to personal information we collect about you as a job applicant to, an employee of, owner of, director of, officer of, or contractor of the Company. This section also does not apply to personal information we collect about you as an employee, owner, director, officer, or contractor of a company, partnership, sole proprietorship, non-profit, or government agency when your communications or transactions with the Company occur solely within the context of the Company conducting due diligence regarding, or providing or receiving a product or service to or from, such company, partnership, sole proprietorship, non-profit, or government agency.

HR Related Personal Information

This subsection only applies to human resources related personal information collected from California-based employees, job applicants, contractors or similar individuals (HR Related Personal Information).

Information We Collect

To carry out our activities and obligations as an employer, we may collect, store and process the following categories of personal data, which we require for the purpose of establishing and/or administering the employment relationship with you, or managing you as our independent contractor:

Identifiers.
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
Protected classification characteristics under California or federal law.
Professional or employment-related information.
Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

We will collect the majority of the personal information that we process directly from you. In very limited circumstances, third parties may provide your personal information to us, such as your former employers when we are conducting a background check with your consent.

Use of Personal Information

We only process your personal information where applicable law permits or requires it, including where the processing is necessary for the performance of an employment contract with you, where the processing is necessary to comply with a legal obligation that applies to us as your employer, for our legitimate interests or the legitimate interests of third parties, to protect your vital interests, or with your consent if applicable law requires consent. We may process your personal data for the following legitimate business purposes and for the purposes of performing the employment contract with you:

- - - Employee administration (including payroll and benefits administration, record retention requirements, communicating with employees and/or employees’ emergency contacts and plan beneficiaries).
    - Business management and planning.
    - Tax related administration (including tax withholding).
    - Processing employee work-related claims (for example, insurance claims).
    - Accounting and auditing.
    - Conducting performance reviews and determining performance requirements.
    - Assessing qualifications for a particular job or task.
    - Gathering evidence for disciplinary action or termination.
    - Preventing unauthorised access to, use, or disclosure/removal of the Company’s property, including the Company’s information systems, electronic devices, network.
    - Complying with applicable law.
    - Designing, implementing, and promoting the Company’s diversity and inclusion programs.
    - Education, training, and development requirements.
    - Health administration services.
    - Complying with health and safety obligations.
    - Customer engagement and other legitimate business purposes.

We will only process your personal information for the purposes we collected it for or for compatible purposes. If we need to process your personal information for an incompatible purpose, we will provide notice to you and, if required by law, seek your consent. We may process your personal information without your knowledge or consent only where required by applicable law or regulation.

Individual End-user Personal Information

This section applies to end users of our products and services who are California residents. We may collect several types of information from and about you in connection with your request for sales support and/or technical support while you are purchasing or after your purchase our products and services.

Information We Collect

As described below, we may collect or have collected in the preceding 12 months the following categories of personal information (“PI” or “personal information”). We may add to the categories of PI we collect and the purpose we use PI. In that case, we will inform you by posting an updated version of this CA Addendum on the Website.

Identifiers. Examples include real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, or other similar identifiers.
Other elements. Examples include name, signature, characteristics or description, address, telephone number, education, employment, employment history, bank account number, credit card number.
Characteristics of protected classifications under California or federal law. Examples include race, religion, and age.
Commercial information. This includes services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Education information. This includes information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, Sec. 1232g; 34 C.F.R. Part 99).
Internet or other electronic network activity. Examples include browsing history, search history, a consumer’s interaction with an internet website, application, or advertisement.
Geolocation data. This might include location information while using one of our apps.
Audio, electronic, visual, thermal, olfactory, or similar information. Examples of this category including identifiable information obtained about you while speaking with our customer service representatives on the telephone.

Professional or employment-related information.

Consumer profile. This includes inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, and behaviours.

PI does not include:

Publicly available information from government records.
Deidentified or aggregated consumer information.
Information excluded from the CCPA’s scope, such as certain health or medical information and other categories of information protected by different laws.

We have collected the following categories of personal information from our end users within the last twelve (12) months:

N/A

Use of Personal Information

We have collected your PI for the following business or commercial purposes. We may change or add to the purposes we collect PI. In that case, we will inform you and obtain your consent when required by law.

To provide you with information, products or services that you request from us.
To fulfill or meet the reason for which the information is provided. For example, if you place an order with us, we will collect your address for delivery/shipping purposes or to fulfill our tax collection and reporting obligations.
To contact you and/or provide you with email alerts and other notices concerning our products or services, or events or news, that may be of interest to you.
To engage in marketing activities, including to help design products and services appropriate for our clients.
To communicate with you in social media concerning our products and services.
To carry out our obligations and enforce our rights including those arising from any contracts entered into between you and us, including for billing, payment, and collections.
To review, improve, and monitor our website, applications, online services, and overall client experience, including to provide customisation to meet the specific needs, ensure a consistent experience, and to assess trends, interests, and the demands of clients.
To provide customer service and engage in quality control activities concerning our products and services.
For testing, research, analysis and product and service development.
To respond to law enforcement requests and as required by applicable law, court order, governmental regulations, or other lawful processes.
As described to you when collecting your personal information or as otherwise set forth in the CCPA.
To process applications for employment, as well as to evaluate and improve our recruiting efforts.
As necessary or appropriate to protect the rights, property, security, and safety of us, our employees, our consumers, our information systems, and the public.
To evaluate or conduct a merger, divestiture, restructuring, reorganisation, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.

We may use or disclose the personal information we collect to provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated or incompatible purposes without providing you notice.

Sharing Personal Information

We may disclose your personal information to our subsidiaries and/or affiliates to fulfill the purpose for which you provide it. In the preceding twelve (12) months, we have disclosed the following categories of personal information to our subsidiaries and/or affiliates.

Categories of Personal Information Disclosed	Categories of Third Parties to Whom Disclosed
Identifiers Other elements Characteristics of protected classifications under California or federal law. Commercial information. Education information. Internet or other electronic network activity. Geolocation data. Audio, electronic, visual, thermal, olfactory, or similar information. Biometric Information. Professional or employment- related information. Consumer profile.	Third parties as directed by you. We will share your PI with those third parties to whom you direct. Our business partners. For example, we might share your PI with one of our business partners for purposes of collaborating on providing services to you, or to invite you to an event we are organising. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose PI. Where applicable, we encourage you to review each such business partner's privacy statement before signing on with them. Third parties who perform services on our behalf. For example, we share information with certain service providers, including marketing companies, professional service providers, debt collectors, information technology providers, and data storage companies. We might also authorise our service providers to collect PI on our behalf. Governmental entities, legal service providers. We may share your PI in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request. Successors to all or portions of our business. If all or part of our business is sold, we may disclose PI in preparation for or as part of that transaction.

Categories of Personal

Information Disclosed

Categories of Third Parties to Whom Disclosed

Identifiers Other elements

Characteristics of protected classifications under California or federal law.
Commercial information.
Education information.
Internet or other electronic network activity.
Geolocation data. Audio, electronic, visual, thermal, olfactory, or similar information.
Biometric Information.
Professional or employment- related information.
Consumer profile.

Third parties as directed by you. We will share your PI with those third parties to whom you direct.
Our business partners. For example, we might share your PI with one of our business partners for purposes of collaborating on providing services to you, or to invite you to an event we are organising. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose PI. Where applicable, we encourage you to review each such business partner's privacy statement before signing on with them.
Third parties who perform services on our behalf. For example, we share information with certain service providers, including marketing companies, professional service providers, debt collectors, information technology providers, and data storage companies. We might also authorise our service providers to collect PI on our behalf.
Governmental entities, legal service providers. We may share your PI in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request.
Successors to all or portions of our business. If all or part of our business is sold, we may disclose PI in preparation for or as part of that transaction.

Sources of Personal Information

- You. We may collect personal information from you when you contact us, place an order, schedule an event, register, participate in a contest, promotion, or survey, or apply or inquire about employment; or through web technologies such as browser cookies set when you visit the website or mobile app.

News outlets

- Social media and related services
- Third Parties. We may collect information about you from third parties such as from your employer, through your social media services consistent with your settings on such services, or from other third-party sources that are lawfully entitled to share your data with us.

Do Not Sell

We do not sell your Personal Information as that term is defined under the CCPA.

We do not have actual knowledge that we have sold Personal Information of minors under the age of 16 years.

Your Rights and Choices

Under the CCPA, you have certain rights regarding your data, including:

The right to know the categories of personal information we have collected and the categories of sources from which we obtained the information (see “Information We Collect” above).
The right to know the business or commercial purposes for collecting or selling personal information (see “Use of Personal Information” above).
The right to know the categories of personal information we disclosed or sold for a business purpose.
The right to know the categories of third parties with whom we have shared personal information or sold for a business purpose (see “Sharing Personal Information” above).
The right to access the specific pieces of personal information we have collected and the right to delete your information.
The right to not be discriminated against if you choose to exercise your privacy rights.

Access to Specific Information

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will make the disclosure to you.

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete your personal information from our records, unless an exception applies.

Exercising Access and Deletion Rights

To exercise the access and deletion rights described above, please submit a verifiable consumer request to us (see the Section entitled “Contact Us” below). We seek to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing (which may include email).

A verifiable Consumer request is one made by:

the Consumer who is the subject of the request;
a Consumer on behalf of the Consumer’s minor child; or
a natural person or person registered with the Secretary of State authorised to act on behalf of a consumer.

If we request, you must provide us with sufficient information to verify your identity and/or authority to act on behalf of a Consumer. In general, we may ask you to provide identifying information that we already maintain about you or we may use a third-party verification service. In either event, we will try to avoid asking you for sensitive personal information to verify your identity. We may not be able to respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. However, making a verifiable Consumer request does not require you to create an account with us.

Additionally, you will need to describe your request with sufficient detail to allow us to review, understand, assess, and respond. We will not use the personal information we collect from an individual to determine a verifiable request for any other purpose, except as required by law.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Authorised Agents

You may authorise a natural person, or a business registered with the California Secretary of State to act on your behalf with respect to your rights. When you submit a Request to Know or a Request to Delete, unless you have provided the Authorised Agent with a qualifying power of attorney, you must provide your Authorised Agent written permission (signed by you) to act on your behalf and verify the Authorised Agent’s identity with us. We reserve the right to deny requests from persons or businesses claiming to be Authorised Agents that do not submit sufficient proof of their authorisation.

Other California Privacy Rights

If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal information by the Company to third parties for the third parties’ direct marketing purposes. Requests may be made one time per calendar year. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g., requests made in 2018 will receive information regarding 2017 sharing activities). You may submit your request using the contact information in the Section entitled “Contact Us” at the end of this Privacy Policy.

EU GDPR and UK GDPR PRIVACY RIGHTS

If you are located in the European Economic Area (EEA) or the UK, you have the following additional and specific rights in relation to your personal data (where applicable). If you are a job applicant or employee located in the EU or UK, our GDPR Privacy Notice and Personnel Data Retention Policy will also apply to you.

This section incorporates the general provisions of the Website Policy, where applicable. If any provision in the Policy is inconsistent with this EEA/UK section (GDPR section), the terms of this GDPR section shall apply to the processing of personal data subject to the EU GDPR or UK GDPR. Terms used in this GDPR section shall have the meaning ascribed to them by the applicable data protection law, namely, the EU GDPR or UK GDPR, including the definition of personal data.

For purposes of the EU GDPR and UK GDPR, we are the data controller of the personal data we collect about you, including through our Website. As data controller, we process your personal data in accordance with this GDPR section. If you have any questions, you may contact (see the Section entitled “Contact Us” below).

We make every attempt to process your personal data in accordance with applicable law. In addition to the information provided above, individuals located in the EEA and UK have the following rights:

Access: You have the right to request a copy of any personal data we hold about you. We request that your request for access to or a copy of your personal data be in writing and we will endeavour to respond within a reasonable period and in any event within one month.
Rectification: You have the right to request the rectification of your personal data if you believe that it is inaccurate.
Deletion (also known as the right to be forgotten): You have the right to request that we delete the personal data that we process about you in certain circumstances. The right to deletion does not apply in some circumstances (for example, if we need to retain such personal data in order to comply with a legal obligation or to establish, exercise or defend legal claims).
Restriction: You have the right to require us to restrict your personal data in certain circumstances (for example, if you contest the accuracy of your personal data and we are verifying the accuracy of it).
Portability: You have the right to ask us to transfer a copy of your personal data to you in a structured, commonly used and machine-readable format or transmit the personal data to another service provider or third party in certain circumstances.
Objection: You have the right to object to the processing of your personal data in certain circumstances (for example, to your personal data being used for direct marketing purposes or if the processing is for our legitimate interests).
Complaint: If you are unhappy with our treatment of your personal data, and you have contacted us as set out below, you have the right to lodge a complaint with the local data protection authority.
Automated individual decision-making: You have the right not to be subject to automated decisions where the decision produces a legal effect concerning you or similarly significantly affects you.

You also have the right to withdraw, at any time, any consent that you have previously given to us for use of your personal data. In certain circumstances, even if you withdraw your consent, we may still be able to process your personal data if required or permitted by law or for the purpose of exercising or defending our legal rights or meeting our legal and regulatory obligations.

To make a request to exercise any of these rights (where applicable) in relation to your personal data, please contact us (see the Section entitled “Contact Us” below).

INTERNATIONAL DATA TRANSFERS

We are a global organisation. We generally collect personal information or data about you in the United States, Australia or the jurisdiction in which our affiliate with which you are dealing is located. It is likely that your personal information will be transferred outside of the jurisdiction it was collected including:

to one or more of our affiliates, offices or other companies within our group located outside of the jurisdiction in which the personal information was collected for recruitment of staff such as name, title, contact details, qualifications and work history (including information included in your CV or cover letter);
to service providers who may handle, process or store your personal information on our behalf where they are located outside of the jurisdiction in which the personal information was collected; or
where there is an international dimension to the products or services we are providing to you.

The recipients of such personal information may be located in various countries including United States, Australia, UK, and countries in the EEA.

If you are located in the EEA or the UK, we will only make such transfers in compliance with applicable data protection laws. Under EU GDPR and UK GDPR, we can only transfer your personal data to a country or international organisation outside the UK/EEA where:

the UK government or, where the EU GDPR applies, the European Commission has decided the particular country or international organisation ensures an adequate level of protection of personal data (known as an ‘adequacy decision’);
there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for data subjects; or
a specific exception applies under data protection law.

If there is no adequacy decision in place between the EEA or UK and the third country, we generally transfer your personal data to another country using legally-approved transfer mechanisms including, where relevant, by entering into EU or UK standard contractual clauses (or equivalent measures) with the party outside the European Economic Area or UK. The EU standard contractual clauses are available here. To obtain additional information on how we transfer your personal data, please contact us at (see the Section entitled “Contact Us” below).

We may disclose your personal information or data outside the jurisdiction it was collected in accordance with applicable Privacy Laws.

While your personal information is in another jurisdiction, the courts, law enforcement agencies or regulatory bodies may be able to access your personal information in accordance with the laws of that jurisdiction.

COMPLAINTS ABOUT THE HANDLING OF YOUR PERSONAL INFORMATION OR DATA

You may contact us (see the Section entitled “Contact Us” below) at any time if you have any questions or concerns about this Privacy Policy or about the way in which your personal information or data has been handled. You may make a complaint to us at the contact details set out below. We will first consider your complaint to determine whether there are simple or immediate steps which can be taken to resolve the complaint. We will generally respond to your complaint within a week. If your complaint requires more detailed consideration or investigation, we will acknowledge receipt of your complaint within a week and endeavour to complete our investigation into your complaint promptly. We may ask you to provide further information about your complaint and the outcome you are seeking. We will then typically gather relevant facts, locate and review relevant documents, and speak with individuals involved.

In most cases, we will investigate and respond to a complaint within 30 days of receipt of the complaint. If the matter is more complex or our investigation may take longer, we will let you know.

If you are not satisfied with our response to your complaint, or you believe that we have breached applicable laws and regulations with regards to the handling of your personal information, you may be able to file a complaint with a regulator.

If you are located in Australia, you may make a complaint to the Office of the Australian Information Commissioner by telephone at 1300 363 992 or by using the contact details on the website www.oaic.gov.au.

If you are outside of Australia, you may wish to take your complaint up with the local data protection authority in your jurisdiction. As referred to above, if you are located in EEA or UK, the EU GDPR and the UK GDPR give you the right to lodge a complaint with the supervisory authority. In particular, in the EU (or EEA) member state in which you are located. If you are in the UK, the supervisory authority is the Information Commissioner’s Office who may be contacted at https://ico.org.uk/concerns/.

Please contact us (see the Section entitled “Contact Us” below) at if you have any questions about how you can contact your local data protection authority.

CHANGES TO OUR PRIVACY POLICY

We reserve the right to modify this Privacy Policy from time to time in our sole discretion. In the event we make material changes to the Privacy Policy, we will post the modifications on our Website. We will also provide a notice of modifications on the homepage of our Website. We recommend that you visit our Website regularly to keep up to date with any changes.

The date this Privacy Policy was last revised is identified at the top of the page. If you continue to use of our Website or provide further personal information to us following the revision of this Privacy Policy, you will be deemed to have accepted the revised Privacy Policy.

CONTACT US

NetComm Wireless Pty Ltd Level 1, 18-20 Orion Road

Lane Cove, NSW 2066, Australia Attention: Privacy Officer Email: [email protected] Phone: +61 2 9424 2000