Updated on: 21st June 2021
Welcome to Nexval Infotech Pvt. Ltd. (“us”, “we”, or “our”) operates NexAEI (hereinafter referred to as “Service”).
We are strongly committed to protecting your privacy and complying with your choices. Both personal and non-personal information collected is safeguarded according to the highest privacy and data protection standards adopted worldwide – General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We have and maintain a robust and effective data protection program in place which complies with existing law and abides by the data protection principles, and is updated from time-to-time.
- Your information will not be shared, rented, or sold to any third-party service provider/s
- We use state-of-the-art data security measures to protect your information from unauthorized users
- We give you the possibility to control the information that you shared with us (opt-out)
- 1.Data Collection
- 2.Data Usage
- 3.Data Location and Retention
- 4.Data Sharing
- 5.Cookies and Tracking Solutions
- 7.Data Security
- 8.Data Subjects Rights
- 9.Data Controller/Processor
- 10.Additional Notices
2. Data Usage
We use Personal Data to provide, improve and secure our Services; for analytics, marketing, and sales purposes; to comply with application laws; and to support our legitimate interests.
We use personal data as necessary for the performance of our Service; to comply with our legal and contractual obligations; and to support our legitimate interest in maintaining and improving our Service, e.g., in understanding how our services are used and how our campaigns are performing, and gaining insights which help us dedicate our resources and efforts more efficiently; providing customer service and technical support; and protecting and securing our users, customers, visitors, ourselves and our Services.
If you reside or are using the Service in a territory governed by privacy laws which determine that “consent” is the only or most appropriate legal basis for processing Personal Data (in general, or specifically with respect to the types of Personal Data you choose to share via the Service).
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). This information may include, but is not limited to:
- Email address
- First name and Last name
- Phone number
- Address, Country, State, Province, ZIP/Postal code, City
- Cookies and Usage Data
- User’s location Global Positioning System (GPS) data (as directed by your employer)
- Facial Data (only if your employer opts for the feature)
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may help us to offering you a personalized experience. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or by getting in touch with us on firstname.lastname@example.org, or you may contact your organization’s NexAEI admin.
Specifically, we use Personal Data for the following purposes:
- To facilitate, operate, and provide our Services;
- To authenticate the identity of our Users, and to allow them to access our Services;
- To gain a better understanding on how Users evaluate, use and interact with our Service, and how we could improve their and others’ user experience, and continue improving our products, offerings and the overall performance of our Services;
- Developing new line of product/services
- To facilitate, sponsor and offer certain events, contests and promotions
- When you access our Service with a device, the Usage Data will be stored that may include information such as the type of device you use, your device unique ID, the IP address of your device, your device operating system, the type of Internet browser you use, unique device identifiers and other diagnostic data.
3. Data Location & Retention
The data we collect is hosted on multiple Availability Zones at Google cloud services. This allows us to provide a reliable service and keeps your data available whenever you need it. We have also established a disaster recovery plan as an additional support from our end.
We will retain your personal data for as long as it is reasonably necessary in order to maintain and expand our relationship and provide you with our Service and offerings; in order to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes, all in accordance with our data retention policy.
If you have any questions about our data retention policy, please contact us by e-mail at email@example.com
4. Data Sharing
We share your data (& feedback) with your organization as per the Terms agreed upon.
Legal Compliance: In exceptional circumstances, we may disclose or allow government and law enforcement officials access to your Personal Data, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we believe in good faith that: (a) we are legally compelled to do so; (b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is required to protect the security or integrity of our products and services.
Service Providers: We may engage selected third-party companies and individuals to perform services complementary to our own. Such service providers include providers of Third Party Services (as defined in the Terms), hosting and server co-location services, e-mail distribution and monitoring services, data optimization, resellers, and providers of professional services related to our Service, and our legal, compliance and financial advisors (collectively, “Service Providers“).
Our Service Providers shall be deemed as ‘Data Processors’ in circumstances where NexAEI assumes the role of ‘Data Controller’; and where NexAEI acts as the Data Processor for our Customer, the Service Provider shall be deemed our ‘Sub-Processor’.
5. Cookies & Tracking Technologies
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
While using our Service, we may also collect the following information on behalf of your employer: sex, age, date of birth, place of birth, citizenship, registration at place of residence and actual address, telephone number (work, mobile), details of documents on education, qualification, professional training, employment agreements, NDA agreements, information on bonuses and compensation, information on marital status, family members, office location and other data.
We engage in service communications only through e-mail, phone, SMS, and notifications, only if opted for by you or as directed by your owner.
We may contact you with important information regarding our Service. For example, we may send you notifications (through any of the means available to us) of changes or updates to our Service, service changes, log-in attempts or password reset notices, etc. You can control your communications and notifications settings from your User Profile settings. However, please note that you will not be able to opt-out of receiving certain service communications which are integral to your use (like password resets)
We may also notify you about new features, additional offerings, events and special opportunities or any other information we think our Users will find valuable. We may provide such notices through any of the contact means available to us (e.g., phone, mobile or e-mail), through the Service, or through our marketing campaigns on any other sites or platforms.
If you do not wish to receive such promotional communications, you may notify NexAEI at any time by sending an email to firstname.lastname@example.org, changing your communications preferences in your User Profile settings, or by following the “Unsubscribe”, “stop”, “opt-out” or “change e-mail preferences” instructions contained in the promotional communications you receive.
7. Data Security
We take precautions to protect the security of your information. We secure your personal data using industry-standard physical, procedural, and technical measures. In addition, people can commit intentional crimes, make mistakes or fail to follow policies.
However, please be aware that in spite of us putting in reasonable efforts to protect your personal information and regardless of any security measures we use, we cannot and do not guarantee the absolute protection and security of any personal data stored with us.
8. Data Subject Rights
We are committed to helping our customers meet the data subject rights requirements of General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA).
Article 5 of the GDPR requires that personal data shall be:
- a. Processed lawfully, fairly and in a transparent manner in relation to end users;
- b. Collected for specified, explicit and legitimate purpose and not further processed in a manner that is incompatible with those purposes;
- c. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- d. Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
- e. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed, personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the interest of your employer’s organization.
- f. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.
Please note that once you contact us by e-mail, we may instruct you on how to fulfil your request independently through your User Profile settings; or may require additional information and documents, including certain Personal Data, in order to authenticate and validate your identity and to process your request.
9. Data Controller/Processor
We are the Controller of our Visitors’ and Customers’ Personal Data, and certain types of User Data; we are the Processor of any Personal Data contained in Customer Data, and of User Data processed on behalf of our Customer.
If any of our Users upload or submit Customer Data or other content to our Service which includes Personal Data (e.g., by submitting their own clients’ contact details to one of their Boards), such data will only be processed by NexAEI on behalf of your employer, who is the owner of the respective Account, along with all other User Data processed on your employer’s behalf.
In such instances, your employer shall be deemed the “Data Controller” of such data, and NexAEI will process such data on the Customer’s behalf, as its “Data Processor”.
10. Additional Notices