This Privacy Policy helps you understand what information we collect and when; how we use, share and secure your personal information; what your rights are according to General Data Protection Regulation and other acts or legislations.
Nexius, Inc. (“Nexius”, “Company” or “We”) respect your privacy and are committed to protecting it through our compliance with this Policy. Nexius allows users, within the same team space to collaborate and share internal information more productively. This Privacy Policy describes how and when user information is collected, used, shared and secured by Nexius when you use Nexius Services. The provisions of this Policy apply to all Nexius Services provided across the Nexius websites and apps (web, desktop and mobile).
This Privacy Policy has been compiled to better serve those who are concerned with how their personal information is used online. Please read this Policy carefully to understand our policies and practices regarding your information and how we handle it.
By using Nexius Services provided across the Nexius websites or downloading the apps (desktop or mobile), you agree to this Privacy Policy. You agree to our information practices, including the collection, use, processing, and sharing of your information as described in this Privacy Policy, as well as the transfer and processing of your information to the United States and other countries globally where we have or use facilities, service providers, or partners, regardless of where you use our Services. You acknowledge that the laws, regulations, and standards of the country in which your information is stored or processed may be different from those of your own country.
If you do not agree with this Policy, do not download, sign up, or use the Nexius, Inc. Services.
What information do we collect from users visiting our website or using our Services?
We may collect the following kinds of information from and about you:
- contact information, such as full name, email address and any contact information that you choose to provide when you sign up for the Services;
- the information you provide when you use our Services while communicating with other members on Nexius, such as the date a file was uploaded;
- the content of all communications on or through the Services: user communications, feedback, suggestions and ideas sent to us or any other information that you provide to us when you contact or engage us for support regarding the Services;
- any other information you choose to upload, share with other users or provide to us directly through the Services;
- information about how you use our Services, such as the types of content you view or engage with or the frequency and duration of your activities.
Nexius may receive information about you from other services you choose to use, such as integrations, according to their terms and policies. We may use information received for the purposes, described in ‘How we use the information we collect’ section of this Policy.
Device information and location
We may collect information from or about the computers, phones or other devices where you install or access our Services, including but not limited to device locations, such as through GPS, Bluetooth, or Wi-Fi signals. We may associate the information we collect from your different devices, to help us provide the Services consistently across your devices.
Log and cookie data
We automatically collect information provided by your browser or operating system through the Services, such as your Internet protocol (IP) address and other browser or device identifiers, browser type, operating system, crash data, pages that you visit before using the Services, the date and time of your visit, information about your activities and actions (the links you follow or pages you view) within the Services and other standard server log information.
Cookie data are small pieces of text used to store information on web browsers. Cookies are used to store and receive identifiers and other information on computers, phones and other devices. Other technologies, including data stored on your web browser or device, identifiers associated with your device and other software, are used for similar purposes. In this Policy, Nexius, Inc. refers to all of these technologies as “cookies”. We use cookies if you have an account (team space) on Nexius. This Policy explains why we use cookies and the choices you have.
Why do we use cookies?
We use cookies to help us provide, protect and improve the Services (which includes the Nexius websites and apps), by personalizing content and providing a safer experience. We may set or log data stored in cookies or local storage objects to automatically collect this information. Your web browser or device offer settings to manage cookie data.
What if you choose to disable cookies in your browser?
Access to some features or Services will be disabled or may function improperly.
Do we intentionally collect data from children under the age of 16?
Nexius Services are not intended for children under 16 years of age, and we do not knowingly collect personal information from children under 16. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information immediately. If you believe we might have any information from or about a child under 16, please contact us at: [email protected].
When do we collect personal information?
Browsing Nexius web pages is possible without indication of personal data. However, if a person wants to use Nexius Services via our website or apps, processing of personal data is necessary for the proper delivery of the Services. The user signs up for a team space account on the Nexius website with the indication of personal data. The personal data we receive is determined by the form used during the signup process. By signing up on the Nexius website, the IP address, date and time (timestamp) of the registration are also stored.
The storage of this data is the only way to prevent the misuse of our Services, and, if necessary, to make it possible to investigate committed offenses. Moreover, the storage of this data is necessary to secure Nexius as a data controller. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution.
How do we use the information we collect?
We use the collected information to provide and improve the Services delivered by Nexius, Inc. Company. Examples of such use include:
- communicating with you regarding the use of our Services;
- enhancing and promoting the security, integrity and safety of the Services for you and other users;
- operating, maintaining and improving the systems and infrastructure that provide the Services to you;
- personalizing and customizing your experiences as part of our provision of the Services;
- letting you know about updates to our policies and terms;
- while responding to you when you contact us;
- conducting data and system analytics, including research to improve the Services we provide.
In addition to the uses identified in this Privacy Policy, we may use your Personal Information to:
- send information or Nexius content to you, which we think may be of interest to you by email, or other means and send you marketing communications relating to our business, e.g. when you download our ebooks or other marketing content;
- promote use of our Services to you and share promotional and information content with you in accordance with your communication preferences;
- meet legal requirements.
Nexius uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time.
Customer testimonials and comments
We post customer testimonials and comments on our Websites, which may contain Personal Information. We obtain each customer's consent via email prior to posting the customer's name and testimonial.
Use of credit card information
If you give us credit card information, we use it solely to check your financial qualifications and collect payment from you. We use a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use information you provide except for the sole purpose of credit card processing on our behalf.
What information do we collect and use from our newsletter subscribers?
On the Nexius websites, users have an opportunity to subscribe to our newsletter. Nexius informs its customers and business partners regularly by means of a newsletter about product updates and marketing insights. Nexius newsletter is sent to users if: the user has an existing email address and gives consent to subscribe to the newsletter.
During the subscription to the newsletter, we also store the IP address, date and time of the subscription. The collection of this data is necessary to understand the possible misuse of the email address of the user at a later date, and it serves as the legal protection of the Nexius, Inc. company.
The personal data collected as part of a subscription for the newsletter will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by email in case of modifications to the newsletter delivery, or during the change in technical circumstances. We do not transfer any personal data collected by the newsletter service to third parties.
The subscription to our newsletter may be terminated by the data subject at any time. The consent to the storage of personal data, the data subject has given, may be withdrawn at any time. To withdraw the consent, simply follow the "Unsubscribe" link in the footer of any newsletter email. It is also possible to unsubscribe from the newsletter at any time by getting in touch with our team at Nexius using the ‘Contact information’ section of this Privacy Policy.
Data retention, account deactivation and deletion
We store data until it is no longer necessary to provide our Services or until your account is deleted – whichever comes first. This is a case-by-case determination that depends on the nature of the data, why it is collected and processed, and relevant legal or operational retention needs.
It is your right to request deleting a team space, and we reserve the right to process your request up to 30 business days.
Once the team space is deleted, the team space URL of a deleted team cannot be reused. You can create a new team space any time by choosing any team space URL available.
We do not interfere with the flow of your team space and do not process deleting team space members that can be done by team space owner or admins.
Team space owner can only be suspended or deleted by team space admins.
We can transfer the team space role to any active team space member, upon request from the team space owner themself.
Safety and security
The information that we have is used to help us verify accounts and to promote safety and security on and off our Services: investigating suspicious activity or violations of our terms or policies. Protection of your team space data is a top priority for our teams of engineers, using automated systems and advanced technology such as encryption and machine learning. For example, we use automated technologies to detect suspicious activity, that may harm you, other users or our Services.
How is the information shared?
We may share the information we collect in the following circumstances:
- to third-party service providers who may assist in providing integration services or part of the Services;
- to third-party apps or services that you can connect to through the Services;
- in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Nexius, Inc’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Nexius, Inc. about our users may be transferred to the new owner;
- to help verify accounts and activity, and to promote safety and security on and off our Services, such as by investigating suspicious activity or violations of our terms or policies;
- in response to a legal request if we have evidence that the law requires us to do so, affects users in that jurisdiction, and is consistent with internationally recognized standards;
- as otherwise directed or authorized by you.
Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies. We may also retain information from accounts disabled for violations of our terms for at least a year to prevent repeat abuse or other violations of our terms and policies.
What is our legal basis for processing data?
We collect, process and share the data to:
- provide our Services;
- comply with our legal obligations;
- fulfill our legitimate interests, including our interests in providing personalized, safe and profitable Service to our users and partners, unless those interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data.
What are your rights under the General Data Protection Regulation?
Under the General Data Protection Regulation (GDPR), you have the right to access, rectify, export and erase your data, as well as the right to restrict and object to certain processing of your data including:
- withdraw consent to our processing of your data for direct marketing purposes by using the "Unsubscribe" link in all our marketing communications;
- object to our processing of your data as a part of our legitimate interests or those of a third party by requesting us to delete your account at any time.
How do you access and modify the information we hold about you?
Currently, while Nexius is at the early access stage, you can request us to modify or export the personal identifiable information in Nexius web or desktop apps or by contacting [email protected].
Please note that the processing of data export is done semi-automatic and may take 90 days or more, depending on the amount of data. By the time of public release, we will deliver all the necessary tools for managing, accessing and exporting your data in your Nexius team space settings. Once your request is processed you will see the changes immediately in your team space on Nexius, but the data will be retained by Nexius in the backup copy for a commercially reasonable amount of time.
How do we secure the information we store?
Nexius, Inc. have implemented measures designed to secure your personal information from accidental loss, unauthorized access, use, alteration and disclosure. All information you provide to us is stored on secure servers behind firewalls.
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. Nexius network is quarterly tested on penetration to prevent any potentially vulnerable spots. We use audit policies, file system encryption for database files, data transfer encryption and password encryption on the application layer.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. File system and file storage are encrypted together with isolated storages for each team on Nexius.
In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. Any billing transactions will be encrypted, processed through a gateway provider and not stored or processed on our servers.
We implement a variety of security measures when a user places an order, enters, submits, or accesses their information to maintain the safety of your personal information. Your files and personal information are stored using a GDPR ready third-party provider AWS in a controlled environment with limited access.
High level of privacy is maintained by the access to your team space data by invitation only. While signing in to Nexius you can't guess that the team space exists or find out the team space creator. Sign in to Nexius is implemented with one-time codes, which are more secure and harder to exploit (unlike using a password for a sign in).
Our company also got extensive internal policies and perform regular data protection trainings for our team members. Moreover, our facilities are protected with alarm systems and all confidential documents are locked and appropriately destroyed if no longer needed.
However, safety and security of your information also depend on you. Where we have given you (or where you have chosen) one-time code or password for access to Nexius Services, you are responsible for keeping the code or password confidential. We ask you not to share your code or password with anyone. We urge you to be careful about giving out information in public areas of the Nexius apps. The information you share in public areas may be viewed by any user of the Nexius app.
Unfortunately, the transmission of information via the internet and mobile platforms is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the absolute security of your personal information transmitted through our Nexius apps. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures we provide.
Do we transfer data internationally?
The Services we provide to you together with using the service providers, you understand and agree that information may be stored or processed by us in different locations worldwide. For example, information collected from the European Economic Area (EEA) may be transferred to countries outside of the EEA for the purposes described in this Policy. We maintain standard contract clauses approved by the European Commission, and rely on the Commission decisions on certain countries, dealing with data transfer from the EEA to the United States and other countries. For most recipients of your personal data, this involves only your email address and profile details you provide. This information is vital for us to deliver the Services to you. We have audited our service providers and they have all publicly expressed that they are GDPR compliant.
California Online Privacy Protection Act
CalOPPA is the first state law in the nation to require commercial websites and online services to post a Privacy Policy. The law's reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous Privacy Policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. - See more at: https://consumercal.org/california-online-privacy-protection-act-caloppa/
According to CalOPPA, we agree to the following:
- users can visit our site anonymously;
- once this Privacy Policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website;
- our Privacy Policy link includes the word 'Privacy' and can easily be found on the page specified above;
- you will be notified of any Privacy Policy changes via email, and you can change your personal information by logging in to your account.
How does our site handle Do Not Track signals?
We don't honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. We don't honor them because: DNT is active for guest users.
Does our site allow third-party behavioral tracking?
It's also important to note that we do not allow third-party behavioral tracking.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
- we will notify you via email within 7 business days;
- we also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- send information, respond to inquiries, and/or other requests or questions;
- process orders and to send information and updates pertaining to orders.
To be in accordance with CANSPAM, we agree to the following:
- not use false or misleading subjects or email addresses;
- identify the message as an advertisement in some reasonable way;
- include the physical address of our business or site headquarters;
- monitor third-party email marketing services for compliance, if one is used;
- honor opt-out/unsubscribe requests quickly;
- allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at [email protected] and we will promptly remove you from ALL correspondence.
How will we notify you of changes to this Policy?
We update this Privacy Policy in a reasonable time and inform all our users with a timely newsletter notice. The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for periodically visiting this Privacy Policy to check for any changes.
Contact information
To ask questions about this Privacy Policy, request execution of GDPR rights or learn more about Nexius Services, please contact us at: [email protected] or by post:
Nexius Inc.
1732 1st Avenue
New York, NY 10128
USA