Privacy Policy

www.nextquestion.ai

Type of website: Platform for fund manager due diligence.
Last updated: 6th day of April, 2025

www.nextquestion.ai (the "Site") is owned and operated by Nextquestion Pty Ltd. Nextquestion Pty Ltd can be contacted at: mail@nextquestion.ai

Purpose

The purpose of this privacy policy (this "Privacy Policy") is to inform users of our Site of the following:

  • The personal data we will collect;
  • Use of collected data;
  • Who has access to the data collected;
  • The rights of Site users; and
  • The Site's cookie policy.

This Privacy Policy applies in addition to the terms and conditions of our Site.

Consent

By using our Site users agree that they consent to:

  • The conditions set out in this Privacy Policy; and
  • The collection, use, and retention of the data listed in this Privacy Policy.

Additional Terms for Account Holders and Due Diligence Application Users

Users who create an account on our platform or use our underlying application for fund manager due diligence are subject to additional privacy terms and measures as stipulated in separate agreements. These additional terms may include:

  • More extensive data protection measures;
  • Additional confidentiality requirements;
  • Specific terms regarding the handling of sensitive financial information;
  • Industry-specific compliance requirements; and
  • Client-specific data handling procedures.

These separate agreements will be presented to you during the account creation process or before accessing the due diligence application features. The terms in those agreements supplement this Privacy Policy and may contain more specific provisions related to your use of those services.

Personal Data We Collect

We only collect data that helps us achieve the purpose set out in this Privacy Policy. We will not collect any additional data beyond the data listed below without notifying you first.

Data Collected Automatically

When you visit and use our Site, we may automatically collect and store the following information:

  • IP address;
  • Location;
  • Clicked links; and
  • Content viewed.

Data Collected in a Non-Automatic Way

We may also collect the following data when you perform certain functions on our Site:

  • First and last name;
  • Email address;
  • Phone number;
  • Company details;
  • Address; and
  • Auto fill data.

This data may be collected using the following methods:

  • By creating an account; and
  • By populating forms including contact and newsletter subscriptions.

How We Use Personal Data

Data collected on our Site will only be used for the purposes specified in this Privacy Policy or indicated on the relevant pages of our Site. We will not use your data beyond what we disclose in this Privacy Policy.

The data we collect automatically is used for the following purposes:

  • For statistics and to provide content suited to user attributes;
  • To improve our product and services;
  • To better understand how users interact with our platform;
  • To detect, prevent, and address misuse, fraud, or abuse of our site, product, or company.

The data we collect when the user performs certain functions may be used for the following purposes:

  • For communications with your consent;
  • To provide tailored content & features to users;
  • To better service information about our product or offering;
  • To improve our product features and functionality based on user needs and preferences;
  • To verify identity and prevent unauthorized access or misuse of our services.

Who We Share Personal Data With

Employees
We may disclose user data to any member of our organisation who reasonably needs access to user data to achieve the purposes set out in this Privacy Policy.

Third Parties
We may share user data with the following third parties:

  • Airtable;
  • Slack;
  • Amazon Web Services;
  • Stripe;
  • Google Cloud Platform;
  • Google Analytics;
  • Google Tag Manager;
  • Google Ads;
  • Google Optimize;

We may share the following user data with third parties:

  • User information.

We may share user data with third parties for the following purposes:

  • Targeted advertising; and
  • Features & content suited to user attributes;
  • Security monitoring, fraud prevention, and threat detection;
  • Audit, compliance, and regulatory requirements (under strict confidentiality agreements).

Third parties will not be able to access user data beyond what is reasonably necessary to achieve the given purpose.

Other Disclosures

We will not sell or share your data with other third parties, except in the following cases:

  • If the law requires it;
  • If it is required for any legal proceeding;
  • To prove or protect our legal rights; and
  • To buyers or potential buyers of this company in the event that we seek to sell the company.

If you follow hyperlinks from our Site to another Site, please note that we are not responsible for and have no control over their privacy policies and practices.

How Long We Store Personal Data

User data will be stored until the purpose the data was collected for has been achieved. You will be notified if your data is kept for longer than this period.

Specific retention periods for different types of data include:

  • Account information: Retained for the duration of your account and for up to 12 months after account closure;
  • Transaction data: Retained for up to 7 years as required by tax and financial regulations;
  • Communications data: Retained for up to 3 years after your last interaction with us;
  • Usage data: Retained in an anonymized form for up to 2 years for analytical purposes.

How We Protect Your Personal Data

All data is only accessible to our employees, officers or agents of the company. Employees, agents and officers are bound by strict confidentiality agreements and a breach of this agreement would result in material breach of contract.

Data Storage Methods
We store your personal information using industry-standard security measures including:

  • Secure servers with encryption;
  • Password protection and access control systems;
  • Regular security updates and patches.

While we take all reasonable precautions to ensure that user data is secure and that users are protected, there always remains the risk of harm. The Internet as a whole can be insecure at times and therefore we are unable to guarantee the security of user data beyond what is reasonably practical.

International Data Transfers

We disclose user personal data to the following countries:

  • United States of America.
  • Australia.

When we transfer user personal data we will protect that data as described in this Privacy Policy and comply with applicable legal requirements for transferring personal data internationally.

Children

We do not knowingly collect or use personal data from children under 16 years of age. If we learn that we have collected personal data from a child under 16 years of age, the personal data will be deleted as soon as possible. If a child under 16 years of age has provided us with personal data their parent or guardian may contact our privacy officer.

How to Access, Modify, Delete, or Challenge the Data Collected

If you would like to know if we have collected your personal data, how we have used your personal data, if we have disclosed your personal data and to who we disclosed your personal data, or if you would like your data to be deleted or modified in any way, please contact our privacy officer here: mail@nextquestion.ai

Correction of Personal Information

If you believe that any personal information we hold about you is incorrect, incomplete, or inaccurate, you may request that we correct it. To request a correction:

  1. Contact our privacy officer at mail@nextquestion.ai
  2. Specify the information you believe is inaccurate and provide the correct information
  3. We will respond to your request within 30 days
  4. If we decline to correct the information, we will provide reasons and information about how you can complain about our decision

Complaints Process for Privacy Breaches

If you believe that your privacy has been breached or that we have not adhered to this Privacy Policy or the Australian Privacy Principles, you can make a complaint by:

  1. Contacting our privacy officer at mail@nextquestion.ai
  2. Providing details of the incident or complaint
  3. Including your contact information

How Complaints Will Be Handled

When we receive a complaint, we will:

  1. Acknowledge receipt of your complaint within 5 business days
  2. Investigate the complaint and consult relevant staff as needed
  3. Notify you of the outcome of our investigation within 30 days
  4. Take appropriate measures to address the issue and prevent recurrence
  5. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au

Data Breach Procedures

In the event of a data breach that could result in serious harm to individuals whose personal information is involved, we will:

  1. Contain the breach and take immediate remedial action
  2. Assess the risks associated with the breach
  3. Notify affected individuals and the OAIC if required under the Notifiable Data Breaches scheme
  4. Review the incident and take steps to prevent future breaches

Collection Notices

In addition to this Privacy Policy, we provide specific collection notices at the time of collecting personal information that detail:

  • The purpose for which we are collecting the information
  • The types of third parties to whom we may disclose the information
  • Whether the information will be disclosed overseas and to which countries
  • How you can access and correct your information
  • How you can complain about a privacy breach

These collection notices supplement this Privacy Policy and are provided when you create an account, subscribe to our newsletter, or engage with our other services.

Cookie Policy

A cookie is a small file, stored on a user's hard drive by a website. Its purpose is to collect data relating to the user's browsing habits. You can choose to be notified each time a cookie is transmitted. You can also choose to disable cookies entirely in your internet browser, but this may decrease the quality of your user experience.

We use the following types of cookies on our Site:

  • Analytical cookies
    Analytical cookies allow us to improve the design and functionality of our Site by collecting data on how you access our Site, for example data on the content you access, how long you stay on our Site, etc;
  • Targeting cookies
    Targeting cookies collect data on how you use the Site and your preferences. This allows us to personalise the information you see on our Site for you; and
  • Third-Party Cookies
    Third-party cookies are created by a website other than ours. We may use third-party cookies to achieve the following purposes:
  • Monitor user preferences to tailor advertisements around their interests.

Modifications

This Privacy Policy may be amended from time to time in order to maintain compliance with the law and to reflect any changes to our data collection process. When we amend this Privacy Policy we will update the "Effective Date" at the top of this Privacy Policy. We recommend that our users periodically review our Privacy Policy to ensure that they are notified of any updates. If necessary, we may notify users by email of changes to this Privacy Policy.

Additional Policy Information

Physical Copies: A physical copy of this Privacy Policy is available upon request by contacting our privacy officer.

Staff Training: Our staff are regularly trained on privacy procedures and obligations to ensure compliance with the Australian Privacy Principles.

Privacy Audits: We conduct regular privacy audits to ensure ongoing compliance with this Privacy Policy and applicable privacy laws.

Contact Information

If you have any questions, concerns or complaints, you can contact our privacy officer at: mail@nextquestion.ai