Privacy Policy

Privacy Statement

This Privacy Statement is updated September 01, 2023. Kindly note that this will be updated regularly to accommodate changes in our personal data handling or applicable laws (for example, GDPR, ePrivacy Directive, California Consumer Policy, The APEC Privacy Framework, and others).

Introduction

NEXSYS-ONE DMCC (hereafter, “NEXSYS-ONE,” “we,” “our,” or “us”) wishes to state its policies regarding the collection, use, share, and disclosure of “personal information” of users of our websites, services, communication channels, and applications (web and mobile) that we develop for our customers, and other data processing activities, wherever we are the data controller.

At NEXSYS-ONE, we place a high value on your privacy and are committed to responsibly protecting and processing your personal information.

This Privacy Statement describes how NEXSYS-ONE collects, uses, and shares your information. The statement applies to NEXSYS-ONE and all its subsidiaries, except where a branch presents its statement without mentioning NEXSYS-ONE.

Whenever we provide products, services, or applications as a business-to-business (B2B) provider to a client (or customer), the client is responsible for collecting and using personal information while using these products, services, or applications.

We may be allowed by a client to request and gather information about authorized users of the products, services (that we delivered), or contracts based on an agreement. This Privacy Statement, or a Supplementary Privacy Policy, comes into force in this case. The client’s Privacy Policy justifies collecting and using this information if not specified.

We can provide additional data privacy information by using a Supplementary Privacy Notice. 

Definitions

Personal Data: Any data or combination of information related to an identifiable person is “personal data or information.” Generally, it includes name, address, telephone number, email address, photograph, or any similar information that, individually or jointly, makes a person identifiable

Special Category Data: Anything that describes a person’s race, ethnic origin, religion, politics, genetics, biometrics, health, or sexual orientation 

Personal Information We Collect and Use

In this section, we describe the several types of information we collect and how we use it.

It includes information on NEXSYS-ONE Applications, Cloud and Online Services, NEXSYS-ONE Websites, Marketing, Contractual Relationships, Support Services, Similar Technologies, NEXSYS-ONE Office Locations, Staffing and Former Employees, Business Operations, Cookies, etc.

The information we collect and use may include your account information, web page interactions, marketing preferences, examination of malicious activities, recordings or transcripts of your work-related conversations, data to improve our business activities, and more. 

Your Account and Profile

A unique identity or identification (such as NEXSYS-ONE ID or other alias) will be associated with every user account created in the NEXSYS-ONE system. It helps us record your name, email address, and country or region of residence. We may need it to give you access to certain services, such as using NEXSYS-ONE Applications, modules, Cloud, and Online Services.

NEXSYS-ONE may also store details from the contact information you provide or collect from your organization, partners, suppliers to access our services.

NEXSYS-ONE uniquely identifies you with the ID when you access our websites, request, order, or use a product or service. If you log into our websites with a NEXSYS-ONE ID, we may link the information we collect with your account. NEXSYS-ONE Applications, Cloud, and Online Services are accessible through the ID, and you can manage your contract and billing history. The email address associated with your NEXSYS-ONE ID can be used to contact you about any support services you subscribe to.

The typical way to obtain business contact information, such as name and contact details, is through a business card. We will use this information to contact you about business issues. We will confirm that the information was shared as per the local law if we receive business contact information from a third party, such as a NEXSYS-ONE partner or supplier.

We may combine your business contact information with other relevant information, such as your work skills or work experience. This information may be used to tailor our interactions with you to improve your NEXSYS-ONE’s usage experience.

For example,

In the work flow management system, we assign appropriate work orders according to skill sets to process activities. 

NEXSYS-ONE Websites

Our websites offer ways to communicate with you about our products, services, support, help desks and documentation access. To provide site access, enhance user experience, and personalize user access, we gather information on NEXSYS-ONE’s websites. If you visit our websites without an account, we may still collect information related to your website visit.

We may collect the following information about your use of our websites:

  • web pages you visit,
  • amount of time you spend on pages,
  • the external URL that referred you to our pages,
  • geographic information derived from the IP address, and
  • hyperlinks you select

The information helps us improve and personalize your experience with our websites, supplying the right content you may be interested in, creating marketing insights, and improving our websites, online services, and related technologies. 

NEXSYS-ONE Applications, Cloud and Online Services

NEXSYS-ONE’s cloud and online services comprise “as-a-service “desktop and mobile applications. We collect information about the use of these services, such as pages you view or your interactions on that page, to improve and develop our services.. We may also require a NEXSYS-ONE ID to give you access to our software and online services.

We collect the following information on your use of our software and online services:

  • NEXSYS-ONE ID information (if signed in),
  • and passwords,
  • the pages you visit,
  • settings within the services,
  • browser type and IP address,
  • operating system, device type, and version information, and
  • crash logs

The information is used to improve and personalize your experience with our software, supplying the content you may be interested in, creating insights, and improving our software, websites, online services, and related technologies.

Details about the information collected by the app, like geolocation information or the unique User ID of a device, can be included in mobile app privacy notices. The use of the device across apps is connected by unique User IDs that connect to servers. Your privacy settings can be adjusted using the settings menu or your user profile, depending on the app’s functions.

We are not responsible for third-party websites or applications’ content or privacy practices. 

Web Site Sales Support

We use the information we collect to communicate with you about relevant products, services, and offerings based on your requests.  

We collect and use the following information for sales support purposes.

  • Gathered directly from you online form submissions through your engagements with the NEXSYS-ONE web site
  • Gathered on our websites or from your engagements or interactions with NEXSYS-ONE emails and content, including content on third-party sites
  • Subject to your preferences, we may use this information to market to you regarding NEXSYS-ONE products, services, and offerings

For example,

  • Reach out to you via phone or email to support your request
  • Assist with NEXSYS-ONE products and services you request via our Sales Support portals
  • Deliver targeted NEXSYS-ONE information and contacts of customer support staff 

Contractual Relationships

When you buy a trial, a product, or a service from us, a contractual relationship begins. We are primarily focused on providing our products and services to businesses, but individuals may also agree to work with us as clients.

The requester’s business contact information, a NEXSYS-ONE ID, and order details may be collected in a contractual relationship. Information necessary for shipping, paying, implementing services, or accessing the product or service may also be collected.

This information may be collected for several purposes, depending on the nature of the products or services, such as compliance and contractual management, support, enhancement of our products and services, customer surveys, and technical and business insights. Refer to NEXSYS-ONE Applications, Cloud, and Online Services for more information.

The information collected under contract associations is not used for marketing or advertising. 

Support Services

When you contact us to request support, including through LiveChat, we collect your contact information, problem description, and possible resolutions. We record the information that is provided to handle the support query, for administrative purposes, to foster our relationship with you, for staff training, and for quality assurance purposes.

The information that we collect may include any information exchanged during our phone conversations or provided during Live Chat support sessions on our websites. This may include a recording or transcript of your conversations with us. We may use this information to inform you of products or services that are related to your support request. This can include product updates or fixes, and we may combine the information that is collected through other interactions with you or your organization to provide more valuable suggestions in relation to product support, such as any available training regarding the issue.

While we handle the support case, we may have incidental access to information that you have provided or information that is on your system. This information may contain information about you, your organization’s employees, customers, or other relevant parties. The conditions regarding the handling and processing of this information is covered by the applicable Terms of Use or other agreements between your organization and NEXSYS ONE, such as the Terms of Use for Exchanging Diagnostic Data.

Protecting you and NEXSYS ONE

We may collect and use information to protect you and NEXSYS ONE from IT security threats and to secure the information that we hold from unauthorized access, disclosure, alteration, or destruction. This includes information from our IT access authorization systems, such as log-in information.

The security solutions we use to protect your information, our infrastructure, and our networks may collect information such as IP addresses and log files. This is necessary for the functionality and utility of security programs to enable the investigation of any potential security incidents and generate insights on security threats.

We may use specialized tooling and other technical means to collect information at access points to, and in, IT systems and networks to detect unauthorized access, viruses, and indications of malicious activities. The information we collect may be used to conduct investigations when unauthorized access, malware or malicious activities are suspected, and to remove or isolate malicious code or content. 

NEXSYS-ONE Offices

While you visit a NEXSYS-ONE location, we collect your name or business contact information and information from a government-issued ID, in some cases. This information is collected to manage access and protect the safety of our sites and employees. You will be issued a badge to access our office locations based on the information we collect. Additionally, we may authenticate the identity of visitors where legally permissible. Camera surveillance and access management protect our locations, employees, and assets. 

Recruitment and Ex-Employees

We keep searching for new talent and gather information about applicants or prospective candidates from various sources to hire qualified and skilled professionals. The following are applied to the process of collecting the personal data of candidates:

The information may be accessed by and shared with NEXSYS-ONE recruiters, hiring managers of the organization, relevant NEXSYS-ONE subsidiaries, and external recruitment consultants, who are involved in the recruitment process on a need-to-know basis.

NEXSYS-ONE subsidiaries can advertise job openings on a website that is not affiliated with NEXSYS-ONE or their website. In some cases, NEXSYS-ONE will share your personal information with third parties, as required or permitted by law.

When an employee leaves NEXSYS-ONE, we continue to process their information for commercial, contractual, employment, legal, and financial purposes. After completing the process, we retain basic information about their employment at NEXSYS-ONE.

We may seek out potential candidates through recruitment agencies or consultants as part of the recruitment process. We also check out publicly available information on social media platforms or career portals to identify prospective candidates for a specific function.

We process information about the retiree after an employee retires to fulfill their pension obligations. The local organization that handles pensions can provide information about processing pension information or other retirement programs. 

Conducting Business Operations

We collect information to boost our business operations, systems, and processes. For example, information can be used to lead, maintain, audit, and optimize our operations, safeguard our assets and employees, develop products, and defend our rights.

Information related to our business operations would help us make informed decisions about the organization and the business and report on performance, audits, and trends. For example, the information is used to analyze the costs and quality of our operations.

The information we collect using business systems may include personal information, and they would:

  • protect or enforce our rights, including to detect fraud or other criminal activities
  • comply with legal obligations in the countries where our business is active
  • handle and resolve disputes, and
  • answer complaints and defend NEXSYS-ONE in legal proceedings

We may use this information to increase efficiency, decrease costs, or (and) improve our services. We may automate these processes using business intelligence or sophisticated software tools.

Website Cookies

When a user visits our websites, cloud and online services, or software products, we collect information regarding your internet connection and activities using web cookies. Subject to understanding user behavior and giving improved user experience, we collect minimal personal information of users through our websites and web applications. Name, email ID, cookies, and IP are identifiable and unidentifiable personal data categories.

These are significant for us to operate the website or service, improve performance, help us understand how our online services are used, or understand the interests of our users. We use advertising partners to provide and assist in using such technologies on NEXSYS-ONE and other sites.

A website can send cookies to your browser, which can be stored on your computer and used to identify your computer. You can review or modify your preferences regarding the information we collect about you on our websites. Tracking technologies (such as email pixels) are not covered by the NEXSYS-ONE Cookie Manager. The settings can be managed using the options on your mobile device when using mobile apps.

NEXSYS-ONE Cloud services that require signing in may not function if you block, disable, or reject NEXSYS-ONE cookies. The deactivation of cookies does not deactivate other online tracking technologies but prevents other technologies from accessing the details stored in cookies. 

Children

None of our websites, products, and services are intended to be used by children under 16, and we do not collect or allow users to store any information about children on its platforms. 

Sharing Personal Information

For NEXSYS-ONE’s legitimate business purposes, we may share your personal information with suppliers, advisors, or business partners, but only on a relevant basis. The following section describes how we share information. 

How is Your Personal Information Shared?

By implementing appropriate checks and controls, we ensure that personal information is shared in accordance with applicable law. It may be necessary to disclose personal information to prospective or actual business buyers when conducting or reorganizing businesses in certain countries.

Our current use of personal information is for business purposes: to improve efficiency, cost savings, and foster internal collaboration between our subsidiaries. For instance, we can share personal information to manage our relationship with you and other external parties, compliance programs, or security of systems and networks.

Internally, access to personal information is controlled and granted only on a purpose basis. Before sharing this information, we follow the appropriate intracompany arrangements, policies, and security standards. For more information, check out Legal Basis.

Externally, our suppliers may collect, use, analyze, or process users’ personal information on our behalf.

We collaborate with independent business partners to market, sell, and provide NEXSYS-ONE products and services. We share business contact information with a few partners (in business) when it’s necessary for an order to be fulfilled.

We can provide personal information to professional advisors, such as lawyers, auditors, and insurance companies, to receive their services.

The contractual relationship information is shared with others, such as our partners, financial institutions, shipping companies, postal authorities, or government authorities, who are involved in fulfillment.

Some of our third-party service providers, such as advertising technology partners, data analytics providers, and social networking sites, access the personal information as and when NEXSYS-ONE engages them to deliver targeted advertisements on their platforms, aggregate information for analysis, and track engagement with those advertisements.

Personal information may be disclosed to government agencies in accordance with judicial proceedings, court orders, or legal processes in certain circumstances. When NEXSYS-ONE believes such rights may be affected, we may share personal information to safeguard NEXSYS-ONE’s rights – for example, fraud prevention. 

International Transfers of Data

NEXSYS-ONE complies with local and international laws on sharing personal information between countries to protect your personal information, wherever it may be.

Safeguards, including:

  1. NEXSYS-ONE’s privacy practices, described in this Privacy Policy, comply with the General Data Protection Regulation (GDPR), a European Union regulation on Information privacy in the European Union and the European Economic Area, and APEC Cross Border Privacy Rules Framework. The APEC Cross Border Privacy Rules (CBPR) system protects personal information transferred among participating APEC economies
  2. As the EU-US and Swiss-US Privacy Shield Framework can no longer be relied upon for transferring personal information, we continue to comply with all obligations of the EU-US Privacy Shield and Swiss-US Privacy Shield Framework 

Controller and Representative Information

NEXSYS-ONE operates through its subsidiaries worldwide. The laws of privacy in some countries consider a “Controller” to be the legal entity (or natural person) that defines the purposes for processing personal information and how that information is processed. Parties involved in processing operations on behalf of a Controller may be designated as “Processors.” The jurisdiction determines the designations and associated obligations.

Where this is relevant for the privacy laws in your country, the Controller of your personal information is NEXSYS-ONE’s principal subsidiary in your country or region, or another NEXSYS-ONE subsidiary identifies itself as the Controller for a specific interaction with you.

NEXSYS-ONE’s website publishes the contact details of our head office and subsidiaries in various countries and regions, and they are the following:

HEAD OFFICE

NEXSYS-ONE DMCC

3501, JBC 2 Tower

Cluster V, JLT

Dubai, United Arab Emirates

US OFFICE

Nexsys-One USA INC

1400 Preston Road, Suite 400

Plano, Texas 75093

United State

UK OFFICE

NexsysOne UK Limited

Whitefriars

Lewins Mead

Bristol BS1 2NT

United Kingdom

MALAYSIA OFFICE

9-2, Mayang Plaza

Jalan SS26/4 Taman Mayang Jaya

47301 Petaling Jaya

Selangor Darul Ehsan

 

Information Security

We implement reasonable physical, administrative, and technical safeguards to protect your personal information from unauthorized access, use, and disclosure. Role-based access controls and encryption are part of these safeguards to keep personal information private while in transit. We require our Business Partners, suppliers, and third parties to implement appropriate safeguards, such as contract terms and access restrictions, to protect information from unauthorized access, use, and disclosure.

Personal information is only kept as long as it is necessary to fulfill the purposes for which it is processed or to meet legal and regulatory retention requirements. Legal and regulatory retention requirements may require the retention of information for:

  • audit and accounting,
  • statutory retention terms,
  • the handling of disputes, and
  • establishing, exercising, or defense of legal claims in our business countries

We preserve all information relating to the contractual relationship for administrative, legal, and regulatory purposes, to defend the rights of NEXSYS-ONE, and to manage the relationship between NEXSYS-ONE and you.

When personal information is no longer required, we have processes to securely delete it, such as deleting electronic files and shredding physical documents.

Your Rights

When it comes to handling personal information, as users, suppliers, partners, and associates of NEXSYS-ONE, you have the following rights:

  • Ask for access to your personal information or have it updated or corrected. You may have additional rights concerning your personal information, depending on the applicable law
  • Request to get your personal information in a usable format and send it to another party (also known as the right to data portability)
  • Request to delete the personal information we store about you
  • Choose to avoid specific types of personal information processing, like targeted advertising
  • Ask questions related to this Privacy Statement and Practices at NEXSYS-ONE. NEXSYS-ONE’s Data Privacy Team, including the responsible Data Protection Officers, will receive and respond to your message
  • File a complaint with NEXSYS-ONE if you are dissatisfied with the way NEXSYS-ONE handles your personal information
  • Contact NEXSYS ONE via support@nexsysone.com 

Data Rights Requests Details

When you apply for data rights (DR), you provide us with personal information, including your name and contact information, that we use to respond to your request. Under certain circumstances, to verify your identity and make sure we disclose the personal information to the right person. We can request a copy of your photo ID, which will be deleted immediately after verifying your identity.

Upon your DR application, your personal information is processed for processing and processing your DR application in accordance with NEXSYS-ONE’s legal obligations and commitments related to DR.

The data related to your DR request will be kept for at least three years from the date of your last DR-related communication with NEXSYS-ONE. It is subject to being addressed if you have any requests and for NEXSYS-ONE’s compliance and recording purposes.

For more information, please go through the part of Personal Information We Collect and Use in this Privacy Statement.

Your rights may be subject to limitations and exemptions as a result of applicable laws. If we disclose information about others, we may be unable to share it with you in certain situations. You can file a complaint with the competent supervisory authorities or consult them. 

Legal Basis

In some jurisdictions, a legal basis is required for legally handling personal information. The legal bases we rely on to handle your personal information lawfully differ depending on the purpose and applicable law.

We may use the following different legal bases:

Necessary for the performance of a contract with you

Our dependence on this legal basis concerns the need to process certain personal information, such as your contact, payment, and shipment details, to fulfill our obligations or manage our contractual relationship with you.

For example,

  • When completing a contract, you may be required to receive support services, for which we will collect your contact information.
  • Personal information is required to evaluate job applicants or manage pension entitlements for retirees

Necessary for NEXSYS-ONE’s or a third party’s legitimate interest

Conducting and organizing business is a legitimate interest, and it involves marketing our offerings, protecting our legal interests, securing our IT environment, and meeting client requirements.

Here are some examples:

  • We record your usage and interaction with our websites to make them better
  • We process your NEXSYS-ONE ID (see Your Account) to handle access authorization of our services
  • We have a legitimate interest in processing your personal information to manage a contractual relationship with your organization
  • To tailor our interactions with you and promote our products and services, we process your business contact information (see Your Account) and other relevant information. Also, for developing marketing and business intelligence, we can combine your contact information with details from a NEXSYS-ONE event you attended
  • We process the personal information of applicants based on our legitimate interest in sourcing suitable talent
  • We need to keep our general business operations running smoothly. For security and safety purposes, we may process login information for our IT systems and networks or CCTV footage at NEXSYS-ONE office locations
  • We can also process personal information to defend our rights in judicial, administrative or arbitration proceedings. In countries where they are not a separate legal basis, this also falls under the legal basis of legitimate interest 

Consent

The processing of personal information is based on your consent, which we request, such as the optional use of Cookies or email marketing materials.

Legal Obligation

The legal obligations require us to process certain personal information in these cases:

We may be obliged to ask for a government-issued ID for particular transactions, such as financing 

Privacy Statement Updates

NEXSYS-ONE often revises the Privacy Statement, considering the growth and expansion of our business to new industries and verticals. If there is a significant change to this Privacy Statement, the effective date will be altered, and a notice will be posted on the updated Privacy Statement for 30 days.

The following are the topics we changed or updated in the recent release:

  • Introduction
  • Collection and Use of Personal Information
  • Your Account and Profile
  • NEXSYS-ONE Websites
  • NEXSYS-ONE Applications, Cloud and Online Services
  • Marketing
  • Contractual Relationships
  • Internal Data Collection
  • Conducting Business Operations
  • Website Cookies
  • Sharing Personal Information
  • International Transfers of Data
  • Controller and Representative Information
  • Information Security
  • Your Rights
  • Data Rights Requests Details

If you have any questions about this Privacy Statement, don’t hesitate to contact us at support@nexsysone.com