From whom do we process personal data and how do we get this data?
We process the personal data from anyone who has had direct or indirect contact with Nexio Projects Group such as customers, partners, employees or any other stakeholders.
We get the data directly from you, when you visit our website, create an account and fill in some data or when you contact us. In some cases, we receive your data from third parties but only when you authorise those parties to share certain information with us.
How we use your personal data
General categories of personal data that we may process:
Usage data: We may process data about your use of our website and services. These data may include your IP address, geographical location, browser type and version, operating system, length of visit, page views and website navigation paths but also information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. We process these data for the purpose of analysing the use of the website and services.
Data to process your order: If you order something, we need certain information from you to be able to deliver your order/ project and keep you informed about the delivery/ deadline. Also, for any returns we need this information from you. To do this we collect your name, email address, delivery address(es), payment details and your phone number. These data are needed to close the agreement that you made with us (or one of our partners).
Service data: We may process your personal data that you provide to us in the course of the use of our services. The source of this data is you or your employee. This applies to our customers and all other stakeholders to which we provide services.
Enquiry data: We may process information contained in any enquiry you submit to us regarding our products and services.
Customer relationship data and customer service: We may process information related to our customer relationship including customer contact information. You can contact us 24/7. You can call or email us or send us a message via social media. We will help you in the shortest time possible. The notes about the customer contact will be kept as long as you are an active customer. We have a legitimate reason to retain this data such as improving our services. When you send us a private message via social media, your message will be shared with the third-party through which you send us the message (e.g. Facebook, LinkedIn). To ensure your data stays safe, always protect your accounts with strong passwords and keep these safe. We cannot prevent a data leak which happens due to your indiscretion. Customer relation data may also be collected for the purpose of managing our relationships with our customers, communication with the customers, keeping records of the communication between us and our customers and promoting our products and services.
Transaction data: We may process data related to transactions, including purchase of goods and services that you acquired personally with us. The transaction data may include your name, card details and transaction details. We may share this data with third-parties (providers of transaction services which are our partners).
Information for marketing: We have arranged listings, special promotions and news that we want to share with you. We share that through email. If you have an account with us or you placed one or more orders, we will email you suggestions, information about our products and services. If you agree, we will email you offers, personal recommendations and information. If you prefer to not receive this type of information you can opt out of newsletters immediately. At the bottom of each email we send, we give you an option to opt out. Please use this option if you wish to not receive emails from us anymore.
Correspondence data: We might send you promotional information by post sometimes. If you wish to not receive this information, please indicate this to our customer service and they will remove you from the list.
Data from customer surveys: We are always working on improving our services and better match our customer’s requests. Therefore, we will need your data (customer ID, email address, and/ or telephone number) to invite you in customer or market research. Participation is entirely voluntary. You decide yourself if you want to join the investigation. The length of the time we keep the data varies per research. We delete all information that can identify you as soon as the investigation is completed.
Data to prevent fraud: To avoid security incidents and fraud we use your data. The data we use are IP address, search and buying behaviour. This enables us to prevent unauthorised access and to prevent, counter and investigate fraud.
Social media: When you use social media, such as Facebook, YouTube, Instagram, Twitter and LinkedIn you can like and share our products or services. We cannot gain access to your social media account. We recommend you review the privacy policy of the social media platform where you have an account, so you know how your information is used and how you can customise your settings.
In addition to the specific purposes for which we may process your personal data set out in this section, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Providing your personal data to others
We also work with other external service providers. Sometimes, they need your personal data. We share only the information necessarily for the command that the external service provider will fulfil. With all the external service providers we enter agreements in which we agree on what they are allowed to do with your data.
Government: Sometimes we need to transfer personal data to the Government. This can occur if government agencies require this information to carry out their tasks. This could be for example the tax authorities. The police or justice might need certain data in the case of fraud or abuse.
In addition to the specific disclosures of personal data set out in this Section, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
Where we store the data
We store your data within the European Economic Area. However, it may happen that certain information we collect are transmitted to destinations outside the EEA, for example, because one of our external service providers is established there. When this is the case, we make sure that this happens in a safe and lawful manner.
How do we secure your data?
We take a lot of measures to ensure your personal data is secure at both organisational as well and technical level. Out IT department ensures that our systems are secure and not vulnerable to threats. Through rigorous access controls, we ensure that your personal data are only accessible to employees that are authorised to use the data. If we give your information to other external service providers, then we ensure, through contracts, that they deal with your data as serious as we do.
Information from children
Our services are not directly intended to children. This means that the use of our website by customers under 18 years old is permitted only with the permission of a parent or legal guardian.
Amendments
We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy.
We will notify you of significant changes to this policy by email or through the private messaging system on our website.
Your rights
Your principal rights under data protection law are:
The right to information: You have the right to confirmation as to whether we process your personal data and, where we do, access to the personal data;
The right to inspect: You have the right to inspect at any time. We will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee;.
The right to correct: You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
The right to object to: You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
The right to data portability: You have the right to transfer the information that you have given to us in the framework of the agreement that you have entered into with us. You have the right to receive a machine-readable format, so you can save this data in a database of yours or another party. This includes your name, address and residence information. To obtain this information, please send an email to our customer service.
The right to restrict processing: In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful, but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
The right to be forgotten/request for account delete: In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims. You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.
The right to complain to a supervisory authority: If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement. When you have a complaint, please contact us. You also have the right to complain directly to our data protection officer. You can do this by emailing: info@nexioprojects.com. Finally, you have the right to file your complaint to the authorities. We process requests within 7 days.
Questions?
If you have any questions about the way in which Nexio Projects handles your personal data, please contact our customer service at info@nexioprojects.com.