Facebook-f X-twitter Instagram Youtube Linkedin
  • marketing@nexaei.com
  • +91 98742 72440
Ask for a Demo
Ask for a Demo

nexaei

Privacy Policy :

Version: 0.4  

Last Updated: April 16, 2025..


Welcome to NexAEI Colab (a product of NEXAEI CORP PRIVATE LIMITED) (hereinafter referred to as “Service Provider”).

Our Privacy Policy governs your use of the NexAEI Colab application and explains how we collect, safeguard, and disclose information that results from your use of our Service.

NexAEI Colab Services will be provided through the NexAEI Colab software based on the user subscription agreement.

By using Services, you hereby give specific, informed, unconditional, and unambiguous consent to the collection and use of information/data by the Service Provider in accordance with the applicable law in force as enumerated in this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.

Our Terms and Conditions (“Terms”) govern all use of our Service and together with the Privacy Policy constitute your agreement with us (“Agreement”).

NexAEI is strongly committed to protecting your privacy and complying with your choices. Both personal and non-personal information collected is safeguarded according to the highest privacy and data protection standards adopted worldwide – the General Data Protection Regulation (GDPR) and/or in accordance with the provisions of The Digital Personal Data Protection Act, 2023(“The Act”). We have maintained a robust and effective data protection program in place which complies with existing law and abides by the data protection principles and is updated from time to time.

Our Commitment –

  • Your information will not be shared, rented, or sold to any third-party service provider/for any other business and marketing purpose other than the agreed service terms and conditions.
  • We use state-of-the-art data security measures to protect your information from unauthorized users.


Applicability:

This Policy should be read in conjunction with Nexval’s other information security-related policies, procedures, guidelines, and plans.

This Policy applies to all employees (whether permanent, fixed term or temporary), consultants, contractors, of Nexval. (“Individuals working for Client / Individual Employee/s/ Individual/s”). This policy also applies where personal data is shared/transferred with third parties regarding the processing personal data where Organization can act as data fiduciary or significant data fiduciary hereinafter referred to as Data Collector), or data processor. Data Principal (hereinafter referred to as Data Subject) include:

  • Third party Employees
  • Employees
  • Customers
  • Contractors
 
Specifically, this Privacy Policy describes our practices regarding –
 
1. Data Collection
2. Data Usage
3. Data Sharing
4. Data Location and Retention
5. Cookies and Tracking Technologies
6. Communications
7. Data Security
8. Data Subject Rights
9. Data Controller/Processor
10. Additional Notices
 
1. Data Collection: 
 
We use your data to provide and improve Service and only when it is necessary to fulfill the objectives of our services to you. By using the Service, you agree to the collection and use of information, which is done fairly, lawfully, in accordance with the applicable law in force, without any coercion or intimidation from the data subject, and under the strict supervision of the managerial control through the appropriate officer in charge. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions. 
 
While providing NexAEI Colab Services, NexAEI collects the following information from the customers depending upon the service level subscription agreement –
 
  • Name, address, telephone number, email address, and business details when you/your employer creates an account.
  • Interactions with third-party service providers.
  • Location-based data (GPS coordinates) through our geolocation feature if the employer has requested users to log in with their GPS location.
  • Collection of time entry and employee attendance/availability data when you use the App. Location information. Biometric information.
  • Your/employee’s Internet Protocol (IP) address (if using a browser), operating system, browser type, the address of a referring site, and any device identifier including any unique ID (if using a mobile device or tablet) and other devise diagnostic data.
  • Employee collaboration data like messages, files, folders, and images. The lawful basis for collecting your data is by way of –Consent and by accepting our Privacy Policy along with the Terms & Conditions by your employer and/or you.
  • Processing your data in the way explained above for us to provide NexAEI Colab service to your employees and/or you is necessary.
  • Data is processed for the purposes of our legitimate interests in relation to the service provided and shall be deleted as soon as the legitimate purpose or interest in the collection of the data is fulfilled, in accordance with the applicable law. NexAEI will correct, amend, update, and/or append personal including forwarding requests to third parties’ information based on information provided by the customers in accordance with the necessity of the service agreements. These activities will be done in consonance with the objective of NexAEI Colab services.
 
2. Data Usage: 
 
This captured data is collected to improve and secure our Services; for analytics, marketing, and sales purposes e.g. Communication with the employee users for comments, suggestions, requests, feedback, ratings, etc. for information about our products and services and/or any other correspondence or phone calls.
 
  1. marketing partners, and affiliate interactions
  2. For marketing purposes, we take note of the marketing channels and campaigns that drew you to NexAEI Colab.
  3. For providing employee analytics as may be demanded by the employer for internal operational purposes uses.
  4. For R & D and consequent improvement in our services including and not limited to the following –
  • To gain a better understanding of how Users evaluate, use, and interact with our Services.
  • To improve user experience and continually improve our products, offerings, and the overall performance of our services.
  • Developing a new line of products/services based on user feedback and experience.
  • To facilitate, sponsor, and offer certain events, contests, and promotions.
 
NexAEI as a Service Provider through the NexAEI Colab application acts by default as a data processor and uses employment data within the scope of its data collection under the Services hitherto provided, to provide analytics and reporting services to the employer as per operational business requirements, to support our legitimate interests of the employer user/employee end-user, in accordance with the provisions of the applicable law or the Act. Personal information is the data captured in the process of use of the NexAEI Colab application entered by the Customer’s end-users/employees in the process of using the service of NexAEI. The customer is responsible for determining the purpose and means for the processing of personal information for its end-users. Therefore, the customer shall be regarded as the controller of personal data. NexAEI shall be regarded as the processor as per the request received from the customer. 

Cross-referencing your information with what is received from our partners in order to provide a more enhanced and personalized App experience. 

Using data information by the customer/employer in communication with the employee/end-user e.g. responding to your comments or inquiries, resolving disputes, contacting you regarding any other operational issues with the App or matter involving product or service transactions, to address problems on the App or our Service and to enforce our agreements with you. 

As a data processor, we can provide a data processing agreement to the team owners. If you are a team owner, you must comply with GDPR or the applicable law/the Act. The customer employer is responsible for collecting any necessary consent, providing any notice wherever necessary to their respective end-users, and being compliant with applicable data protection laws. 

Acceptance of our Terms and Conditions and this Privacy Policy will be deemed as the customer’s consent to the processing of data of the end-user/employee on behalf of the customer/organization for all purposes detailed in this document. If you wish to revoke such consent, please get in touch with us by email at support@nexaei.com.
 
It is however noted that collection of data will stop with the cessation of the contract with you and all collected data will be removed and/or deleted following guidelines of the prevailing law or the Act or according to the user agreement abided by the subscription policy.

3. Data Sharing: 

We share your data (& feedback) with your organization as per the Terms agreed upon. 

Legal Compliance: In exceptional circumstances, we may disclose or allow government and law enforcement officials access to your Personal Data, in response to a subpoena, search warrant, or court order (or similar requirement), or in compliance with applicable laws and regulations and/or the Act. Such disclosure or access may occur if we believe in good faith that: (a) we are legally compelled to do so; (b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is required to protect the security or integrity of our products and services. 

Service Providers: We may engage selected third-party companies and individuals to perform services complementary to our own. Such service providers include providers of Third Party Services (as defined in the Terms), hosting and server co-location services, e-mail distribution and monitoring services, data optimization, resellers, and providers of professional services related to our Service, and our legal, compliance, and financial advisors (collectively, “Service Providers“). 

These Service Providers may have access to a limited amount of your Personal Data, depending on each of their specific roles and purposes in facilitating and enhancing our Service, and may only use it for such limited purposes as determined in our agreements with them. When our Service Providers contact you in order to offer or promote our Service, they may additionally interest you in their services. Should you decide to engage in such activities with NexAEI Colab’s Service Providers, please note that such engagement is beyond the scope of NexAEI Colab’s Terms and Privacy Policy and will therefore be covered by our Service Provider’s terms and privacy policy. 

Our Service Providers shall be deemed as ‘Data Processors’ in circumstances where NexAEI assumes the role of ‘Data Controller’; and where NexAEI acts as the Data Processor for our Customer, the Service Provider shall be deemed our ‘Sub-Processor’. We shall protect your personal data under our control and/or under the control of the data processors, by taking reasonable security safeguards to prevent personal data breaches. 

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). This information may include, but is not limited to:
  • Email address
  • First name and Last name
  • Phone number
  • Address, Country, State, Province, ZIP/Postal code, City
  • Cookies and Usage Data
  • User’s location Global Positioning System (GPS) data (as directed by your employer)
  • Employee collaboration data like messages, files, folders, and images.
  • User official attendance/availability information.
  • Other employee profile data like profile image. (as per the discretion of the user organization and provision provided in the service).

to facilitate the operation of the App and Service and to perform related services. For example, and without limitation, maintenance services, database management, web analytics, and improvement of the Service’s features or to assist us in analyzing how our App and Service are used.

We may share aggregated information that does not include personal information and we may otherwise disclose such information with third parties for industry analysis, demographic and analytical profiling, and other purposes.

Personal information of the customers may be disclosed to third parties for providing added services with the explicit consent of the customers, and such consent is obtained before disclosure to meet NexAEI Colab’s objectives related to privacy. Such disclosure shall be made only with the explicit consent of the customers obtained before such disclosure or due to the requirement of any law or regulation. NexAEI Colab shall create and retain a complete, accurate, and timely record of authorized disclosures of personal information to meet its objectives related to privacy. Such personal information shall be disclosed only to third parties who have agreements with NexAEI to protect personal information in a manner consistent with the relevant aspects of NexAEI’s Colab privacy policy and to provide additional services. NexAEI Colab shall create and maintain records of detected or reported unauthorized disclosures of personal information that are complete, accurate, and timely.

NexAEI Colab shall obtain privacy commitment from vendors and/or other third parties and NexAEI Colab to have access to personal information and shall ensure and control that such access shall not exceed the terms of the agreement, instruction, or requirements. NexAEI Colab shall take remedial action in response to the misuse of personal information by third parties with whom such data has been shared. A process exists for obtaining commitments from vendors and/or other third parties to report to NexAEI Colab on actual or suspected disclosures of personal data. NexAEI Colab has a process for determining whether notification of a privacy breach is required including the method to be used, the timeline, and the identification of recipients of such notifications.

4. Data Location & Retention: 

Data Location 

The data we collect is hosted on Mumbai Zone at Amazon Web Services. This allows us to provide a reliable service and keeps your data available whenever you need it. We have also established a disaster recovery plan as additional support from our end. 

Data Retention 

We generally retain three types of Information account details, personal information, and service transaction data to fulfill the purposes for which we collected it, including to satisfy any legal, accounting, or reporting requirements, to establish or defend legal claims, and/or for fraud prevention purposes.
 
We will retain your data for as long as it is reasonably necessary as per the service agreement, terms of usage, and subscription contract to provide our services and offerings and to comply with our legal and contractual obligations and to protect ourselves from any potential disputes, all in accordance with our data retention policy and/or the applicable law in force. 

If you have any questions or requests for specific discretion about our data retention policy, please contact us by e-mail at support@nexaei.com to satisfy any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention. We determine that the appropriate retention period for transactional data including archived and deleted Information is relevant as per the subscription agreement and account information as is prescribed under various applicable laws in force. Specific discretion could be handled for customized archival of documents and data after consideration of factors such as the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of your information, the purposes for which we process your Information and the applicable legal requirements, or permanent deletion of data. Customers on being properly authenticated shall be given access to view the personal information retained about them on an individual basis on request from customers and screenshots shall be facilitated as proof of such retention within a reasonable time of demand to access such data. In case of denial of access to personal information to the subscriber, it shall be justified with reasons. The entire process of responding to the request of the data subjects shall be governed by the appropriate officer of the company.

We shall, unless retention is necessary for compliance with any law for the time being in force, erase personal data if you withdraw consent as soon as it is reasonable to assume that the specified purpose of such data is no longer necessary. However, if necessary, as per policy we may retain your information for our compliance with a legal, accounting, or reporting obligation or for archiving purposes as per the requirement of any applicable law in force and/or the Act.

All data that is no longer necessary to retain in the system, either on request of the data subject/principal or in accordance with the applicable law in force, shall be deleted /purged from the system either manually or automatically. In case of automatic deletion/purging of the data, a screenshot for configuration will be retained. There is a robust policy to identify all requests for deletion of personal data under the strict managerial supervision of the officer in charge. Screenshots of all such expunged data shall be retained for inspection for a specific period.

The personal information no longer necessary to retain is anonymized, disposed of, or destroyed in a manner that prevents loss, theft, misuse, or unauthorized access.

5. Cookies & Tracking Technologies: 

We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information. 

Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. 

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service. 

Other Data 

While using our Service, we may also collect the following information on behalf of your employer: sex, age, date of birth, place of birth, citizenship, registration at the place of residence and actual address, telephone number (work, mobile), details of documents on education, qualification, professional training, employment agreements, NDA agreements, information on bonuses and compensation, information on marital status, family members, office location and other data.

6. Communications:

We engage in service communications only through e-mail, phone, SMS, and notifications, only if opted for by you or as directed by your owner. 

Service Communications:

We may contact you with important information regarding our Service. For example, we may send you notifications (through any of the means available to us) of changes or updates to our Service, service changes, log-in attempts password reset notices, etc. You can control your communications and notifications settings from your User Profile settings. However, please note that you will not be able to opt out of receiving certain service communications that are integral to your use (like password resets) 

Promotional Communications: 

We may also notify you about new features, additional offerings, events, special opportunities, or any other information we think our Users will find valuable. We may provide such notices through any of the contact means available to us (e.g., phone, mobile, or e-mail), through the Service, or through our marketing campaigns on any other sites or platforms. 

If you do not wish to receive such promotional communications, you may notify NexAEI Colab’s at any time by sending an email to support@nexaei.com, changing your communications preferences in your User Profile settings, or by following the “Unsubscribe”, “stop”, “opt-out” or “change e-mail preferences” instructions contained in the promotional communications you receive.

7. Data Security: 

We take precautions to protect the security of your information. We secure your personal data using industry-standard physical, procedural, and technical measures. In addition, people can commit intentional crimes, make mistakes, or fail to follow policies. 

However, please be aware that in spite of us putting in reasonable efforts to protect your personal information, and regardless of any security measures we use, we cannot and do not guarantee the absolute protection and security of any personal data stored with us.

8. Data Subject Rights: 

We are committed to helping our customers meet the data subject rights requirements of the General Data Protection Regulation (GDPR) and/or any applicable law / the Act.

As mandated by the Act, subject to restrictions mentioned therein, you have the right to obtain from us personally or through your consent manager, in relation to your consent of collection, use, and retention of your data/personal information, to seek a summary of personal data which is being processed by us and the activities undertaken in relation thereto and/or the identities of all other bodies, organizations including and not limited to the data processor with whom such personal data has been shared and/or any other information related to the personal data and its usages.

Following such demand as above, you shall have the right to correction, completion, updating, and erasure of your personal data for the processing of which you had previously given consent, in accordance with the requirement of any applicable laws and/or the Act, in so far as such request shall not come in the way of or hamper providing service by us to you under the contract.

NexAEI has a process to ensure every complaint, grievance of, and/or dispute with customers/data subjects is thoroughly addressed through the concerned officer and there is periodic monitoring of such complaints, grievances, and their effective resolution, corrections, and actions necessary to mitigate the identified deficiencies.

Right to nominate provision ensures that if a data subject is unable to manage their personal data rights due to incapacity or other reasons, their designated nominee can request access, correction, deletion, and data portability on their behalf. To nominate someone, the data subject must submit a written request to our Data Protection Officer, who will verify the nomination. The nominee’s actions will be treated as those of the data subject, ensuring continued protection and management of personal data. 

Article 5 of the GDPR requires that personal data shall be:

  • Processed lawfully, fairly, and in a transparent manner in relation to end users.
  • Collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
  • Adequate, relevant, and limited to what is necessary for relation to the purposes for which they are processed.
  • Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.
  • Kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed, personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the interest of your employer’s organization.
  • Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.

Data subjects/data principals can submit requests via email (mention Company ID), and this contact information should be published in the privacy notice for external data subjects and communicated internally to internal data subjects. Also, the timeframe to address data subject requests to be established
Please note that once you contact us by e-mail, we may instruct you on how to fulfill your request independently through your User Profile settings; or may require additional information and documents, including certain Personal Data, to authenticate and validate your identity and
to process your request.

9. Data Controller/Fiduciary/Processor: 

We are the Controller/Fiduciary of our Visitors’ and Customers’ Personal Data, and certain types of User Data; we are the Processor of any Personal Data contained in Customer Data, and of User Data processed on behalf of our Customers. 

NexAEI is the “Data Controller/Data Fiduciary” of its Customers’ Personal Data, as well as User Data consisting of profile and contact details, as well as usage, preferences, engagement, and analytics data. With respect to such data, we assume the responsibilities of the Data Controller/Fiduciary (solely to the extent applicable under law), as outlined in this Privacy Policy.

If any of our Users upload or submit Customer Data or other content to our Service which includes Personal Data (e.g., by submitting their own clients’ contact details to one of their Boards), such data will only be processed by NexAEI on behalf of your employer, who is the owner of the respective Account, along with all other User Data processed on your employer’s behalf.

In such instances, your employer shall be deemed the “Data Controller/Fiduciary” of such data, and NexAEI will process such data on the Customer’s behalf, as its “Data Processor”.

10. Additional Notices: 

Updates and Amendments: We may update and amend this Privacy Policy from time to time by posting an amended version on our Service. The amended version will be effective as of the date it is published. When we make material changes to this Privacy Policy, we’ll provide Users with notice as appropriate under the circumstances, e.g., by displaying a prominent notice within the Service or by sending an email. Your continued use of the Service after the changes have been implemented will constitute your acceptance of the changes. 

Questions, Concerns, or Complaints: If you have any comments or questions regarding our Privacy Policy or any concerns regarding your Data held with us, please contact NexAEI Colab support at support@nexaei.com. If you are a GDPR-protected individual, you also have the right to complain with an EU supervisory authority.

11. Grievance Redressal Officer details:

If you have any grievances, concerns, or complaints regarding handling your personal data, you may contact our Grievance Redressal Officer. We are committed to addressing and resolving your concerns promptly and effectively.
Grievance Redressal Officer: Mr. Amitava Niyogi
Email: grievance@nexval.com
Phone: 033-6625-5151
Address: Block 4B, 7th Floor, Unit No.: 704, New Town, Rajarhat, Kolkata – 700160, West Bengal, India