Privacy Policy

Online Safety Exchange Network (OSXN)

Effective Date: September 1, 2025 | Last Updated: September 1, 2025

1. Introduction

The Online Safety Exchange Network (OSXN) is committed to protecting your personal data and respecting your privacy rights. This Privacy Policy explains how we collect, use, process, and protect your information when you use our professional networking platform designed for online safety practitioners.

Data Controller: Online Safety Exchange Limited
Email: privacy@onlinesafetyexchange.org

2. Information We Collect

2.1 Personal Information You Provide

Account Registration Data:

  • Name and professional title
  • Email address
  • Password (encrypted)
  • Professional sector and role type
  • Experience level and geographic scope
  • Practice focus areas
  • Organization affiliations and roles

Profile Information:

  • Professional bio and summary
  • Profile picture/avatar
  • Contact preferences
  • Language preferences
  • Professional certifications and qualifications

Communication Data:

  • Messages sent through our platform (encrypted)
  • Chat room participation and messages
  • File attachments shared in conversations

Professional Content:

  • News posts and articles created
  • Event listings and announcements
  • Resource library contributions
  • Project collaboration data
  • Organization information and management

2.2 Information Automatically Collected

Technical Data:

  • IP address and location data
  • Device and browser information
  • Session data and cookies
  • Usage analytics and platform interactions
  • Login timestamps and security logs

Platform Activity:

  • Feature usage patterns
  • Navigation and interaction data
  • Error logs and performance metrics
  • Search queries and filter preferences

3. Legal Basis for Processing

We process your personal data based on the following legal grounds:

Contractual Necessity

  • • Account creation and authentication
  • • Platform service delivery
  • • Subscription management and billing
  • • Core messaging and networking features

Legitimate Interest

  • • Platform security and fraud prevention
  • • Service improvement and analytics
  • • Professional networking facilitation
  • • Technical support and troubleshooting

Consent

  • • Marketing communications
  • • Optional profile enhancements
  • • Third-party integrations
  • • Analytics cookies (non-essential)

Legal Obligation

  • • Compliance with data protection laws
  • • Response to legal requests
  • • Regulatory reporting requirements
  • • Child safety reporting obligations

4. How We Use Your Information

4.1 Core Platform Services

  • User Authentication: Secure account access and identity verification
  • Professional Networking: Member discovery and connection facilitation
  • Communication Services: Encrypted messaging, file sharing, and chat rooms
  • Collaboration Tools: Project management, organization coordination, and team formation
  • Content Management: News, events, resources, and knowledge sharing

4.2 Service Enhancement

  • Personalization: Tailored content recommendations and member suggestions
  • Analytics: Usage patterns to improve platform functionality
  • Security: Fraud detection, abuse prevention, and platform protection
  • Support: Technical assistance and user guidance

4.3 Communications

  • Service Updates: Platform announcements and feature updates
  • Security Notifications: Account security and suspicious activity alerts
  • Professional Updates: Relevant industry news and opportunities (with consent)
  • Administrative: Billing, account changes, and policy updates

5. Data Sharing and Disclosure

5.1 Within the Platform

  • Public profile information (name, professional role, organization as you configure)
  • Member directory information for networking (based on privacy settings)
  • Relevant information when joining organizations
  • Information shared with project collaborators

5.2 Service Providers (Data Processors)

We may share data with trusted service providers who assist us in operating the platform:

  • Cloud hosting for secure data storage and platform infrastructure
  • Payment processing for subscription billing and management
  • Email services for transactional and notification emails
  • Analytics providers for platform usage analysis and improvement
  • Security services for fraud detection and platform protection

5.3 Legal Requirements

We may disclose information when required by law:

  • Legal process including court orders, subpoenas, and regulatory requests
  • Child safety mandatory reporting of child abuse material or exploitation
  • Public safety credible threats to public safety or national security
  • Platform protection defending against legal claims or policy violations

6. Your Data Protection Rights

As a data subject, you have the following rights:

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data when no longer necessary.

Right to Data Portability

Request your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests.

Right to Withdraw Consent

Withdraw consent at any time where processing is based on consent.

7. Data Security Measures

We implement comprehensive security measures to protect your personal data:

Technical Safeguards

  • • All messages and sensitive data encrypted at rest and in transit
  • • Role-based access with multi-factor authentication
  • • Firewalls, intrusion detection, and secure protocols
  • • Regular security patches and vulnerability management

Organizational Measures

  • • Regular data protection and security training
  • • Principle of least privilege for data access
  • • Procedures for security breach detection and response
  • • Due diligence and contractual protections for service providers

8. Children's Privacy

OSXN is designed for professional use by individuals 18 years or older. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will delete it promptly and may terminate the associated account.

9. Professional Use Context

Given OSXN's focus on online safety practitioners:

  • Sensitive Content: We recognize that platform discussions may involve sensitive topics related to online safety, child protection, and digital threats. All communications are encrypted and access-controlled.
  • Professional Obligations: Users may have professional obligations regarding data protection, mandated reporting, or confidentiality. This policy operates alongside, not in place of, such professional requirements.
  • Organization Responsibilities: When using OSXN through organizational accounts, users may be subject to additional policies and obligations from their institutions.

Complete Privacy Policy

This page displays the key sections of our Privacy Policy. The complete policy includes additional details on data retention, cookies, updates, and international transfers.

By using OSXN, you acknowledge that you have read and understood our comprehensive approach to privacy and data protection.

Contact Information

Privacy Questions

Email: privacy@onlinesafetyexchange.org

Subject Line: "Privacy Policy Inquiry"

Response Time: 5 business days

Data Subject Requests

Email: privacy@onlinesafetyexchange.org

Subject Line: "Data Subject Request - [Request Type]"

Response Time: 30 days

Document Version: 1.0 | Approved By: Martin Cocker, CEO, Online Safety Exchange

Our approach to privacy is designed to be transparent, comprehensive, and compliant with New Zealand privacy law requirements and GDPR.