Copyright © 2022 NEXSYS-ONE - All rights reserved
This Privacy Statement is updated September 01, 2023. Kindly note that this will be updated regularly to accommodate changes in our personal data handling or applicable laws (for example, GDPR, ePrivacy Directive, California Consumer Policy, The APEC Privacy Framework, and others).
NEXSYS-ONE DMCC (hereafter, “NEXSYS-ONE,” “we,” “our,” or “us”) wishes to state its policies regarding the collection, use, share, and disclosure of “personal information” of users of our websites, services, communication channels, and applications (web and mobile) that we develop for our customers, and other data processing activities, wherever we are the data controller.
At NEXSYS-ONE, we place a high value on your privacy and are committed to responsibly protecting and processing your personal information.
This Privacy Statement describes how NEXSYS-ONE collects, uses, and shares your information. The statement applies to NEXSYS-ONE and all its subsidiaries, except where a branch presents its statement without mentioning NEXSYS-ONE.
Whenever we provide products, services, or applications as a business-to-business (B2B) provider to a client (or customer), the client is responsible for collecting and using personal information while using these products, services, or applications.
We can provide additional data privacy information by using a Supplementary Privacy Notice.
Personal Data: Any data or combination of information related to an identifiable person is “personal data or information.” Generally, it includes name, address, telephone number, email address, photograph, or any similar information that, individually or jointly, makes a person identifiable
Special Category Data: Anything that describes a person’s race, ethnic origin, religion, politics, genetics, biometrics, health, or sexual orientation
In this section, we describe the several types of information we collect and how we use it.
It includes information on NEXSYS-ONE Applications, Cloud and Online Services, NEXSYS-ONE Websites, Marketing, Contractual Relationships, Support Services, Similar Technologies, NEXSYS-ONE Office Locations, Staffing and Former Employees, Business Operations, Cookies, etc.
The information we collect and use may include your account information, web page interactions, marketing preferences, examination of malicious activities, recordings or transcripts of your work-related conversations, data to improve our business activities, and more.
A unique identity or identification (such as NEXSYS-ONE ID or other alias) will be associated with every user account created in the NEXSYS-ONE system. It helps us record your name, email address, and country or region of residence. We may need it to give you access to certain services, such as using NEXSYS-ONE Applications, modules, Cloud, and Online Services.
NEXSYS-ONE may also store details from the contact information you provide or collect from your organization, partners, suppliers to access our services.
NEXSYS-ONE uniquely identifies you with the ID when you access our websites, request, order, or use a product or service. If you log into our websites with a NEXSYS-ONE ID, we may link the information we collect with your account. NEXSYS-ONE Applications, Cloud, and Online Services are accessible through the ID, and you can manage your contract and billing history. The email address associated with your NEXSYS-ONE ID can be used to contact you about any support services you subscribe to.
The typical way to obtain business contact information, such as name and contact details, is through a business card. We will use this information to contact you about business issues. We will confirm that the information was shared as per the local law if we receive business contact information from a third party, such as a NEXSYS-ONE partner or supplier.
We may combine your business contact information with other relevant information, such as your work skills or work experience. This information may be used to tailor our interactions with you to improve your NEXSYS-ONE’s usage experience.
In the work flow management system, we assign appropriate work orders according to skill sets to process activities.
Our websites offer ways to communicate with you about our products, services, support, help desks and documentation access. To provide site access, enhance user experience, and personalize user access, we gather information on NEXSYS-ONE’s websites. If you visit our websites without an account, we may still collect information related to your website visit.
We may collect the following information about your use of our websites:
The information helps us improve and personalize your experience with our websites, supplying the right content you may be interested in, creating marketing insights, and improving our websites, online services, and related technologies.
NEXSYS-ONE’s cloud and online services comprise “as-a-service “desktop and mobile applications. We collect information about the use of these services, such as pages you view or your interactions on that page, to improve and develop our services.. We may also require a NEXSYS-ONE ID to give you access to our software and online services.
We collect the following information on your use of our software and online services:
The information is used to improve and personalize your experience with our software, supplying the content you may be interested in, creating insights, and improving our software, websites, online services, and related technologies.
Details about the information collected by the app, like geolocation information or the unique User ID of a device, can be included in mobile app privacy notices. The use of the device across apps is connected by unique User IDs that connect to servers. Your privacy settings can be adjusted using the settings menu or your user profile, depending on the app’s functions.
We are not responsible for third-party websites or applications’ content or privacy practices.
We use the information we collect to communicate with you about relevant products, services, and offerings based on your requests.
We collect and use the following information for sales support purposes.
When you buy a trial, a product, or a service from us, a contractual relationship begins. We are primarily focused on providing our products and services to businesses, but individuals may also agree to work with us as clients.
The requester’s business contact information, a NEXSYS-ONE ID, and order details may be collected in a contractual relationship. Information necessary for shipping, paying, implementing services, or accessing the product or service may also be collected.
This information may be collected for several purposes, depending on the nature of the products or services, such as compliance and contractual management, support, enhancement of our products and services, customer surveys, and technical and business insights. Refer to NEXSYS-ONE Applications, Cloud, and Online Services for more information.
The information collected under contract associations is not used for marketing or advertising.
When you contact us to request support, including through LiveChat, we collect your contact information, problem description, and possible resolutions. We record the information that is provided to handle the support query, for administrative purposes, to foster our relationship with you, for staff training, and for quality assurance purposes.
The information that we collect may include any information exchanged during our phone conversations or provided during Live Chat support sessions on our websites. This may include a recording or transcript of your conversations with us. We may use this information to inform you of products or services that are related to your support request. This can include product updates or fixes, and we may combine the information that is collected through other interactions with you or your organization to provide more valuable suggestions in relation to product support, such as any available training regarding the issue.
Protecting you and NEXSYS ONE
We may collect and use information to protect you and NEXSYS ONE from IT security threats and to secure the information that we hold from unauthorized access, disclosure, alteration, or destruction. This includes information from our IT access authorization systems, such as log-in information.
The security solutions we use to protect your information, our infrastructure, and our networks may collect information such as IP addresses and log files. This is necessary for the functionality and utility of security programs to enable the investigation of any potential security incidents and generate insights on security threats.
We may use specialized tooling and other technical means to collect information at access points to, and in, IT systems and networks to detect unauthorized access, viruses, and indications of malicious activities. The information we collect may be used to conduct investigations when unauthorized access, malware or malicious activities are suspected, and to remove or isolate malicious code or content.
While you visit a NEXSYS-ONE location, we collect your name or business contact information and information from a government-issued ID, in some cases. This information is collected to manage access and protect the safety of our sites and employees. You will be issued a badge to access our office locations based on the information we collect. Additionally, we may authenticate the identity of visitors where legally permissible. Camera surveillance and access management protect our locations, employees, and assets.
We keep searching for new talent and gather information about applicants or prospective candidates from various sources to hire qualified and skilled professionals. The following are applied to the process of collecting the personal data of candidates:
The information may be accessed by and shared with NEXSYS-ONE recruiters, hiring managers of the organization, relevant NEXSYS-ONE subsidiaries, and external recruitment consultants, who are involved in the recruitment process on a need-to-know basis.
NEXSYS-ONE subsidiaries can advertise job openings on a website that is not affiliated with NEXSYS-ONE or their website. In some cases, NEXSYS-ONE will share your personal information with third parties, as required or permitted by law.
When an employee leaves NEXSYS-ONE, we continue to process their information for commercial, contractual, employment, legal, and financial purposes. After completing the process, we retain basic information about their employment at NEXSYS-ONE.
We may seek out potential candidates through recruitment agencies or consultants as part of the recruitment process. We also check out publicly available information on social media platforms or career portals to identify prospective candidates for a specific function.
We process information about the retiree after an employee retires to fulfill their pension obligations. The local organization that handles pensions can provide information about processing pension information or other retirement programs.
We collect information to boost our business operations, systems, and processes. For example, information can be used to lead, maintain, audit, and optimize our operations, safeguard our assets and employees, develop products, and defend our rights.
Information related to our business operations would help us make informed decisions about the organization and the business and report on performance, audits, and trends. For example, the information is used to analyze the costs and quality of our operations.
The information we collect using business systems may include personal information, and they would:
We may use this information to increase efficiency, decrease costs, or (and) improve our services. We may automate these processes using business intelligence or sophisticated software tools.
When a user visits our websites, cloud and online services, or software products, we collect information regarding your internet connection and activities using web cookies. Subject to understanding user behavior and giving improved user experience, we collect minimal personal information of users through our websites and web applications. Name, email ID, cookies, and IP are identifiable and unidentifiable personal data categories.
These are significant for us to operate the website or service, improve performance, help us understand how our online services are used, or understand the interests of our users. We use advertising partners to provide and assist in using such technologies on NEXSYS-ONE and other sites.
A website can send cookies to your browser, which can be stored on your computer and used to identify your computer. You can review or modify your preferences regarding the information we collect about you on our websites. Tracking technologies (such as email pixels) are not covered by the NEXSYS-ONE Cookie Manager. The settings can be managed using the options on your mobile device when using mobile apps.
NEXSYS-ONE Cloud services that require signing in may not function if you block, disable, or reject NEXSYS-ONE cookies. The deactivation of cookies does not deactivate other online tracking technologies but prevents other technologies from accessing the details stored in cookies.
None of our websites, products, and services are intended to be used by children under 16, and we do not collect or allow users to store any information about children on its platforms.
For NEXSYS-ONE’s legitimate business purposes, we may share your personal information with suppliers, advisors, or business partners, but only on a relevant basis. The following section describes how we share information.
By implementing appropriate checks and controls, we ensure that personal information is shared in accordance with applicable law. It may be necessary to disclose personal information to prospective or actual business buyers when conducting or reorganizing businesses in certain countries.
Our current use of personal information is for business purposes: to improve efficiency, cost savings, and foster internal collaboration between our subsidiaries. For instance, we can share personal information to manage our relationship with you and other external parties, compliance programs, or security of systems and networks.
Internally, access to personal information is controlled and granted only on a purpose basis. Before sharing this information, we follow the appropriate intracompany arrangements, policies, and security standards. For more information, check out Legal Basis.
Externally, our suppliers may collect, use, analyze, or process users’ personal information on our behalf.
We collaborate with independent business partners to market, sell, and provide NEXSYS-ONE products and services. We share business contact information with a few partners (in business) when it’s necessary for an order to be fulfilled.
We can provide personal information to professional advisors, such as lawyers, auditors, and insurance companies, to receive their services.
The contractual relationship information is shared with others, such as our partners, financial institutions, shipping companies, postal authorities, or government authorities, who are involved in fulfillment.
Some of our third-party service providers, such as advertising technology partners, data analytics providers, and social networking sites, access the personal information as and when NEXSYS-ONE engages them to deliver targeted advertisements on their platforms, aggregate information for analysis, and track engagement with those advertisements.
Personal information may be disclosed to government agencies in accordance with judicial proceedings, court orders, or legal processes in certain circumstances. When NEXSYS-ONE believes such rights may be affected, we may share personal information to safeguard NEXSYS-ONE’s rights – for example, fraud prevention.
NEXSYS-ONE complies with local and international laws on sharing personal information between countries to protect your personal information, wherever it may be.
NEXSYS-ONE operates through its subsidiaries worldwide. The laws of privacy in some countries consider a “Controller” to be the legal entity (or natural person) that defines the purposes for processing personal information and how that information is processed. Parties involved in processing operations on behalf of a Controller may be designated as “Processors.” The jurisdiction determines the designations and associated obligations.
Where this is relevant for the privacy laws in your country, the Controller of your personal information is NEXSYS-ONE’s principal subsidiary in your country or region, or another NEXSYS-ONE subsidiary identifies itself as the Controller for a specific interaction with you.
NEXSYS-ONE’s website publishes the contact details of our head office and subsidiaries in various countries and regions, and they are the following:
3501, JBC 2 Tower
Cluster V, JLT
Dubai, United Arab Emirates
Nexsys-One USA INC
1400 Preston Road, Suite 400
Plano, Texas 75093
NexsysOne UK Limited
Bristol BS1 2NT
9-2, Mayang Plaza
Jalan SS26/4 Taman Mayang Jaya
47301 Petaling Jaya
Selangor Darul Ehsan
We implement reasonable physical, administrative, and technical safeguards to protect your personal information from unauthorized access, use, and disclosure. Role-based access controls and encryption are part of these safeguards to keep personal information private while in transit. We require our Business Partners, suppliers, and third parties to implement appropriate safeguards, such as contract terms and access restrictions, to protect information from unauthorized access, use, and disclosure.
Personal information is only kept as long as it is necessary to fulfill the purposes for which it is processed or to meet legal and regulatory retention requirements. Legal and regulatory retention requirements may require the retention of information for:
We preserve all information relating to the contractual relationship for administrative, legal, and regulatory purposes, to defend the rights of NEXSYS-ONE, and to manage the relationship between NEXSYS-ONE and you.
When personal information is no longer required, we have processes to securely delete it, such as deleting electronic files and shredding physical documents.
When it comes to handling personal information, as users, suppliers, partners, and associates of NEXSYS-ONE, you have the following rights:
When you apply for data rights (DR), you provide us with personal information, including your name and contact information, that we use to respond to your request. Under certain circumstances, to verify your identity and make sure we disclose the personal information to the right person. We can request a copy of your photo ID, which will be deleted immediately after verifying your identity.
Upon your DR application, your personal information is processed for processing and processing your DR application in accordance with NEXSYS-ONE’s legal obligations and commitments related to DR.
The data related to your DR request will be kept for at least three years from the date of your last DR-related communication with NEXSYS-ONE. It is subject to being addressed if you have any requests and for NEXSYS-ONE’s compliance and recording purposes.
For more information, please go through the part of Personal Information We Collect and Use in this Privacy Statement.
Your rights may be subject to limitations and exemptions as a result of applicable laws. If we disclose information about others, we may be unable to share it with you in certain situations. You can file a complaint with the competent supervisory authorities or consult them.
In some jurisdictions, a legal basis is required for legally handling personal information. The legal bases we rely on to handle your personal information lawfully differ depending on the purpose and applicable law.
We may use the following different legal bases:
Necessary for the performance of a contract with you
Our dependence on this legal basis concerns the need to process certain personal information, such as your contact, payment, and shipment details, to fulfill our obligations or manage our contractual relationship with you.
Necessary for NEXSYS-ONE’s or a third party’s legitimate interest
Conducting and organizing business is a legitimate interest, and it involves marketing our offerings, protecting our legal interests, securing our IT environment, and meeting client requirements.
Here are some examples:
The legal obligations require us to process certain personal information in these cases:
We may be obliged to ask for a government-issued ID for particular transactions, such as financing
NEXSYS-ONE often revises the Privacy Statement, considering the growth and expansion of our business to new industries and verticals. If there is a significant change to this Privacy Statement, the effective date will be altered, and a notice will be posted on the updated Privacy Statement for 30 days.
The following are the topics we changed or updated in the recent release:
If you have any questions about this Privacy Statement, don’t hesitate to contact us at email@example.com.