PRIVACY POLICY

LNXchange Platform

Last updated: 14 February 2026

ABOUT US

The LNXchange Platform ("Platform") is part of the Lex Nova ecosystem, which operates through three distinct but interconnected Australian entities:

(a) Lex Nova Guild Ltd (ACN 693 788 760) ("the Guild") — a not-for-profit company limited by guarantee and registered charity that serves as the professional standards body for Guild members. The Guild governs membership eligibility, quality frameworks, professional conduct, and ethical standards.

(b) Libris Pty Ltd (ACN 643 327 146) ("Libris", "we", "us" or "our") — the proprietary company that manages the day-to-day operations of the Guild and operates the Platform under licence from LNXchange Pty Ltd. Libris manages platform access, oversees member vetting, facilitates payments between practices, handles administrative functions, and manages dispute resolution logistics.

(c) LNXchange Pty Ltd (ACN 692 844 938) ("LNXchange") — the proprietary company that owns, develops, and licences the software which powers the Platform.

In this policy, references to "we", "us" or "our" refer to Libris Pty Ltd as the operator of the Platform. References to "Lex Nova Entities" means the Guild, Libris, and LNXchange collectively.

This privacy policy sets out how we handle your personal information when you access or use the Platform, consistent with the Australian Privacy Principles within the Privacy Act 1988 (Cth).

For the purposes of this policy, personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether it is recorded in a material form or not.

We review this policy periodically to ensure it is kept relevant and up to date and we may make changes at any time by publishing the amended version on the Platform.

1. INFORMATION WE COLLECT

In the process of operating the Platform and providing services to Guild members, we may collect the following categories of personal information:

(a) Identity and contact information: your name, business name, contact number, email address, business address, and the names and contact details of Legal Practitioners associated with your practice.

(b) Professional information: practising certificate numbers and jurisdictions, areas of legal expertise, professional qualifications, years of experience, professional indemnity insurance details, and membership category.

(c) Eligibility and vetting information: information provided during the membership application and vetting process, including references, disciplinary history, financial stability information, and statutory declarations.

(d) Platform usage information: your profile information, capacity status, job posts, proposals, matter summaries, engagement records, time records, invoices, communications with other members through the Platform, and ratings or feedback.

(e) Financial information: bank account details, payment information, invoicing records, and transaction history processed through the Platform clearing house.

(f) Device and technical information: IP address, browser type, device type, operating system, date and time of access, pages viewed, and your use of features or applications on the Platform (collectively, "Usage Data").

If you do not provide us with the personal information we request, we may be unable to provide you with access to the Platform or the full range of our services and, depending on the information withheld, you may be ineligible for Guild membership or Platform access.

Sensitive information

We will only collect sensitive information about you with your consent, unless we are otherwise allowed or required by law to collect that information. We do not generally require sensitive information to operate the Platform. If you provide us with sensitive information, we will treat it with the highest confidence and only use or disclose it for the purpose for which it was collected or as otherwise authorised by you or required by law.

2. HOW WE COLLECT INFORMATION

Information collected from you

Most of the personal information we collect will be collected directly from you. This may occur when you:

  • apply for Guild membership
  • create or update your profile on the Platform
  • post a job, respond to a job, or enter into an Engagement through the Platform
  • submit invoices, time records, or other billing information through the Platform
  • communicate with other members or with us through the Platform
  • participate in surveys, professional development events, or other Guild activities
  • contact or interact with us by email, phone, or other forms of communication
  • visit the Platform or any associated website

Information collected from third parties

We may collect your personal information from third parties, including:

  • the Guild, in connection with your membership application, vetting, ongoing eligibility monitoring, or disciplinary processes
  • LNXchange, in connection with the technical operation and maintenance of the Platform
  • other Guild members, where they provide information about you in connection with an Engagement, dispute, or feedback process
  • law societies, regulatory bodies, or professional standards organisations, in connection with verification of practising certificates, disciplinary history, or professional standing
  • referees nominated by you during the membership application process
  • payment processors and financial institutions, in connection with the processing of payments through the Platform clearing house
  • publicly available sources, including court records, regulatory registers, and professional directories

Information collected automatically

When you access or use the Platform, we and our third-party service providers may use cookies, web beacons, and similar technologies to automatically collect Usage Data. Usage Data helps us maintain, improve, and secure the Platform. Usage Data is usually non-identifying, but if it can be used to identify you, we will treat it as personal information.

We may use cookies to keep track of your preferences and compile aggregate data about Platform traffic and usage. You may configure your device to disable or reject cookies, however this may affect your ability to use certain features of the Platform.

3. PURPOSE OF COLLECTION, USE AND DISCLOSURE

We collect, use and disclose your personal information for the following purposes:

(a) Operating the Platform: to provide you with access to the Platform, facilitate Engagements between Guild members, process payments through the clearing house, generate Matter Summaries, and provide related Platform services.

(b) Guild membership administration: to process and assess membership applications, conduct vetting and eligibility checks, monitor ongoing eligibility, administer membership fees, and maintain the register of members.

(c) Quality assurance and professional standards: to monitor and enforce professional standards, quality frameworks, and compliance with the Member Code of Conduct and Ethics Policy.

(d) Dispute resolution: to facilitate the resolution of disputes between members, including disputes arising under the Standard Engagement Terms for Legal Services, and to support disciplinary processes under the Guild Constitution.

(e) Communication: to send you notices, updates, and information relating to the Platform, your membership, your Engagements, and Guild activities.

(f) Security and fraud prevention: to protect the security of the Platform and its users, detect and prevent fraud, and enforce our terms of service.

(g) Improvement and analytics: to analyse Platform usage, improve our services, develop new features, and conduct research and reporting on Platform activity using de-identified or aggregated data where possible.

(h) Payment processing: to process payments, issue invoices, calculate and deduct Transaction Fees, and manage financial records associated with the clearing house.

(i) Legal compliance: to comply with applicable laws, regulations, court orders, and lawful requests from regulatory or law enforcement authorities.

(j) Professional development: to provide and facilitate professional development, training, and networking activities for Guild members.

(k) Marketing: to send you information about Guild services, events, and initiatives (subject to your right to opt out at any time).

4. DISCLOSURE OF PERSONAL INFORMATION

Disclosure within the Lex Nova Entities

You acknowledge and consent that your personal information may be disclosed to, shared between, and used by any of the three Lex Nova Entities (the Guild, Libris, and LNXchange) to the extent reasonably necessary for:

  • operating the Platform and providing Platform services
  • administering Guild membership, including vetting, eligibility monitoring, and disciplinary processes
  • processing payments and administering the clearing house
  • maintaining, developing, and improving the Platform software and services
  • enforcing professional standards, the Member Code of Conduct, and Guild policies
  • facilitating dispute resolution processes
  • complying with legal and regulatory obligations
  • any other purpose described in section 3 of this policy

Each Lex Nova Entity that receives your personal information is bound to handle it in accordance with the Australian Privacy Principles and this policy.

Disclosure to other Guild members

Where you participate in Engagements through the Platform, certain personal information (including your name, practice name, areas of expertise, capacity status, experience, and professional qualifications) will be visible to other Guild members through your Platform profile. When you enter into an Engagement, additional information (including your contact details and information contained in the Matter Summary) will be shared with the other party to that Engagement as necessary for the performance of services.

Disclosure to other third parties

We may also disclose your personal information to:

  • payment processors, banks, and financial institutions, for the purpose of processing payments through the clearing house
  • law societies, regulatory bodies, and professional standards organisations, where required for verification of eligibility, practising certificates, or in connection with professional conduct matters
  • professional advisors, including lawyers, accountants, and auditors engaged by any Lex Nova Entity
  • information technology service providers, including hosting providers, cloud storage providers, and software developers engaged by any Lex Nova Entity
  • mediators and dispute resolution practitioners appointed in connection with disputes under the Guild Constitution or the Standard Engagement Terms
  • insurers, in connection with professional indemnity insurance matters
  • any person to whom disclosure is required or authorised by or under law, including in response to a court order or lawful request from a regulatory or law enforcement authority
  • any person with your consent

We will not sell or provide your personal information to any third party for the purposes of direct marketing without your informed consent.

5. DIRECT MARKETING

We may send you direct marketing materials relating to Guild services, events, professional development opportunities, and Platform features. We will only do so where you would reasonably expect to receive such communications or where you have consented.

You may opt out of receiving direct marketing communications at any time by:

  • using the unsubscribe facility in any marketing email
  • updating your communication preferences on the Platform
  • contacting us using the details provided in section 11 below

6. CROSS-BORDER DISCLOSURE

Our preference is to use service providers based in Australia. However, some of our technology service providers (including cloud hosting and data storage providers) may store or process personal information outside Australia.

Before disclosing personal information to an overseas recipient, we will take reasonable steps to ensure that the overseas recipient handles your personal information in a manner consistent with the Australian Privacy Principles, or that you have otherwise consented to the disclosure.

We will update this section if we become aware that personal information is being stored or processed in specific overseas jurisdictions.

7. DATA SECURITY

The security of your personal information is important to us. We take reasonable steps to protect your personal information from unauthorised access, use, modification, disclosure, or other misuse, including:

  • using encryption (including SSL/TLS) to protect personal information transmitted through the Platform
  • hosting the Platform on servers located in secure data centres with industry-standard physical and technical security controls
  • implementing access controls so that personal information is only accessible to authorised personnel on a need-to-know basis
  • requiring all personnel and contractors engaged by us to comply with this privacy policy and any additional confidentiality obligations
  • reviewing the security practices of third-party service providers who process or store personal information on our behalf
  • conducting regular security assessments and updates

While we take all reasonable steps to protect your personal information, no method of electronic transmission or storage is completely secure. You access and use the Platform at your own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access to, personal information where the security of the information is not within our control.

Notifiable Data Breaches

If a data breach occurs that is likely to result in serious harm to you, we will notify you and the Office of the Australian Information Commissioner as soon as practicable, in accordance with Part IIIC of the Privacy Act 1988 (Cth).

In addition to the measures we take to protect your personal information, you should:

  • keep your Platform login credentials confidential
  • enable any multi-factor authentication features we provide
  • log out of the Platform at the end of each session
  • notify us immediately if you become aware of any unauthorised access to your account

8. DATA RETENTION AND DESTRUCTION

We will retain your personal information for as long as it is needed for the purposes for which it was collected, or as required by law. Specific retention periods include:

  • Platform account and profile data: retained for the duration of your Guild membership and for 7 years after cessation of membership (consistent with the Guild's obligation to maintain records of former members under the Constitution).
  • Engagement records (including Matter Summaries, invoices, and payment records): retained for 7 years after the completion or termination of the relevant Engagement, to comply with taxation, financial reporting, and professional record-keeping obligations.
  • Usage Data: retained in identifiable form for up to 2 years, after which it is de-identified or deleted.
  • Membership application records for unsuccessful applicants: retained for 12 months after the decision, then destroyed.

When we no longer need your personal information for a permitted purpose and we are not required to retain it by law, we will take reasonable steps to destroy it or ensure that it is de-identified.

9. ACCESS AND CORRECTION

If you are a user of the Platform, you can view and update certain personal information at any time via your account on the Platform.

You may also request access to or correction of your personal information held by us by contacting us using the details in section 11 below. We will respond to your request within 30 days.

We will provide you with access to your personal information unless there is a legitimate reason at law not to do so (for example, where providing access would unreasonably impact the privacy of other individuals, or where the information relates to existing or anticipated legal proceedings).

If we are satisfied that your personal information is inaccurate, out-of-date, incomplete, irrelevant, or misleading, we will take reasonable steps to correct it. We will also notify any Lex Nova Entity or third party to whom we have previously disclosed the information, unless it is impracticable or unlawful to do so.

10. RESOLVING CONCERNS

If you have a concern or complaint about how we have handled your personal information, please contact us in writing using the details in section 11 below, outlining the nature of your complaint.

We will endeavour to respond to your complaint within 30 days of receipt.

If your complaint is not satisfactorily resolved, you may contact the Office of the Australian Information Commissioner:

  • Website: www.oaic.gov.au
  • Phone: 1300 363 992
  • Email: enquiries@oaic.gov.au

11. CONTACT US

If you have questions, concerns, or requests regarding this privacy policy or our handling of your personal information, please contact us at:

Libris Pty Ltd (ACN 643 327 146)
Platform Operator – LNXchange Platform

Email: info@lexnova.com.au

Mailing address:
360 Bell Street
Preston, VIC 3072
Australia

You may also direct privacy-related enquiries to us related to Lex Nova Guild Ltd (ACN 693 788 760) and we will process them on behalf of the Lex Nova Guild.

12. UPDATING THIS POLICY

We may update this privacy policy from time to time to reflect changes in our practices, the Platform, or applicable laws. We will publish the amended version on the Platform and, where the changes are material, we will notify you through the Platform or by email.

The current version of this policy will always be available on the Platform.

We may do things in addition to what is stated in this privacy policy to comply with the Australian Privacy Principles, and nothing in this policy shall be taken to deem us to have not complied with the Australian Privacy Principles.