Legal

Privacy Policy

Last updated: March 1, 2024

NexaSource ("we," "our," or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website nexasource.io or use our services.

1. Information We Collect

Personal Information

We may collect the following personal information when you interact with us:

  • Contact Information: Name, email address, phone number, job title, company name
  • Account Information: Login credentials, account preferences, communication preferences
  • Business Information: Company size, industry, security requirements, IT infrastructure details
  • Payment Information: Billing address, payment method details (processed securely through third-party payment processors)

Automatically Collected Information

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, time spent on pages, click patterns, referring URLs
  • Cookies and Tracking: We use cookies and similar technologies for analytics and functionality

2. How We Use Your Information

We use collected information for the following purposes:

  • Providing and improving our cybersecurity services
  • Responding to inquiries and support requests
  • Sending relevant security updates and service communications
  • Processing transactions and managing accounts
  • Analyzing website usage to improve user experience
  • Complying with legal obligations and regulatory requirements
  • Detecting and preventing fraud and security incidents

3. Information Sharing

We do not sell your personal information. We may share information with:

  • Service Providers: Trusted third parties who assist in delivering our services
  • OEM Partners: When necessary for license provisioning and support (Palo Alto Networks, Fortinet, Cisco, Microsoft, CrowdStrike)
  • Legal Compliance: When required by law, regulation, or legal process
  • Business Transfers: In connection with mergers, acquisitions, or asset sales

4. Data Security

We implement enterprise-grade security measures to protect your information:

  • AES-256 encryption for data at rest and TLS 1.3 for data in transit
  • SOC 2 Type II certified security operations
  • Regular penetration testing and vulnerability assessments
  • Role-based access controls and multi-factor authentication
  • 24/7 security monitoring and incident response

5. Cookies & Tracking

We use cookies for essential website functionality, analytics, and improving your experience. You can manage cookie preferences through your browser settings. We use:

  • Essential Cookies: Required for website functionality
  • Analytics Cookies: Help us understand how visitors use our website
  • Preference Cookies: Remember your settings and preferences

6. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access, correct, or delete your personal information
  • Object to or restrict processing of your data
  • Data portability — receive your data in a structured format
  • Withdraw consent for data processing
  • Lodge a complaint with a data protection authority

7. Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce agreements. When data is no longer needed, we securely delete or anonymize it.

8. International Data Transfers

If we transfer your data outside your jurisdiction, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) and compliance with applicable data transfer regulations.

9. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through our website or direct notification. Continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

For questions or concerns about this Privacy Policy or your personal data:

  • Email: privacy@nexasource.io
  • Data Protection Officer: dpo@nexasource.io
  • Address: NexaSource, 100 Cyber Way, Suite 500, San Francisco, CA 94105