Contact Us

N3XUS-AI Global Privacy Policy

Last Updated: 10 September 2025

N3XUS (“N3XUS”, “we”, “our”, “us”) is committed to ensuring the privacy, security, and lawful handling of personal
data across all jurisdictions in which we operate.

This Privacy Policy describes how we collect, use, disclose, store, and protect personal data when individuals interact
with our websites, platforms, applications, or services.

This policy has been designed to comply with global data protection frameworks, including:

  • UK GDPR and EU GDPR
  • California Consumer Privacy Act (CCPA/CPRA)
  • UAE Federal Decree-Law No. 45 of 2021 (PDPL)
  • KSA Personal Data Protection Law (PDPL)
  • Australia Privacy Act & APPs
  • Singapore PDPA
  • India Digital Personal Data Protection Act (DPDP Act)
  • Relevant U.S. state privacy laws (Colorado, Virginia, Connecticut, Utah)
  • OECD Privacy Principles, APEC CBPR, ISO/IEC 27701

By using N3XUS platforms, you consent to the practices described in this policy.

1. Definitions

Personal Data
Any information that identifies or can be used to identify an individual.

Processing
Any operation performed on personal data (collection, storage, analysis, transfer, deletion).

Controller / Processor
Depending on circumstances, N3XUS may act as a data controller or data processor.

2. Information We Collect

We collect personal data across several categories:

2.1 Information You Provide

  • Name, email, phone number, address
  • Organisation, title, and affiliation
  • Account credentials
  • Enquiry details, support requests
  • Information uploaded through forms, applications, or integrations

2.2 Automatically Collected Information

  • IP address, device identifiers, OS details
  • Browser information, access times, referring URLs
  • Usage metrics, click-paths, session analytics
  • Cookies, pixels, tags, SDKs

2.3 Information From Third Parties

  • Business partners and integrators
  • Publicly available registers and datasets
  • Identity verification providers
  • Marketing and analytics partners

N3XUS does not knowingly collect information from children under 16 unless legally permitted.

3. Lawful Bases for Processing

We process personal data under one or more of the following bases:

  • Consent
  • Performance of a contract
  • Compliance with legal or regulatory obligations
  • Legitimate interests (e.g., security, platform improvement, fraud prevention)
  • Public interest or vital interest, where applicable under local law

Where required by law, we obtain explicit consent.

4. How We Use Personal Data

We use personal data to:

  • Operate, manage, and secure our platforms
  • Provide services, onboarding, and account administration
  • Respond to enquiries and support requests
  • Deliver analytics, reporting, and insights
  • Improve functionality, performance, and user experience
  • Enforce platform terms, prevent misuse, and detect fraud
  • Comply with legal, regulatory, and audit requirements
  • Conduct research, testing, and product development

No automated decision-making is performed with legal or significant effects unless required by contract and subject to
proper safeguards.

5. How We Share Personal Data

We do not sell personal data.

We may share personal data with:

5.1 Service Providers

  • Cloud hosting providers
  • Analytics and security providers
  • Communication platforms
  • Payment processors
  • Technical integrators

5.2 N3XUS Group Companies

Cross-border business operations may involve shared infrastructure, support, and analytics.

5.3 Legal & Regulatory Disclosures

Where required by law, court order, or government request.

5.4 Business Transactions

In mergers, acquisitions, fundraising, restructuring, or asset transfers, data may be transferred under confidential and
lawful conditions.

All recipients must comply with contractual confidentiality and data protection obligations.

6. International Data Transfers

N3XUS operates globally. Personal data may be transferred to regions outside the user’s jurisdiction.

We use legally recognised safeguards, including:

  • Standard Contractual Clauses (SCCs)
  • UK International Data Transfer Addendum
  • UAE/KSA foreign transfer controls under PDPL
  • APP 8 compliance for Australia
  • PDPA transfer controls for Singapore
  • Contractual and organisational safeguards

Where laws require equivalent protection, N3XUS ensures it.

7. Data Security

We implement multi-layered security controls, including:

  • Encryption (AES-256, TLS 1.2+)
  • Zero-trust access controls
  • Audit logs and monitoring
  • Network segmentation
  • Vulnerability testing
  • Data minimisation and retention governance
  • Incident response and breach protocols

In the event of a data breach, N3XUS will notify affected parties and regulators in accordance with applicable law.

8. Data Retention

Personal data is retained only for:

  • The period necessary to fulfil the purposes stated
  • Compliance with law, tax, and audit obligations
  • Defence of legal claims
  • Contractual requirements

Retention periods may vary by jurisdiction and data category.

9. Cookies, Pixels & Tracking Technologies

We use:

  • Essential cookies
  • Performance and analytics cookies
  • Security and fraud-prevention tools
  • Optional marketing cookies (consent-based in GDPR regions)

A full Cookie Policy is available separately and can be integrated.

Users may adjust preferences at any time.

10. Your Rights

Depending on jurisdiction, individuals may exercise the following rights:

Europe & UK (GDPR)

  • Access, rectification, erasure
  • Restriction of processing
  • Data portability
  • Objection to processing
  • Withdrawal of consent
  • Right to lodge a complaint

United States (CCPA/CPRA & state laws)

  • Right to know categories of information collected
  • Right to access specific information
  • Right to delete personal information
  • Right to correct information
  • Right to opt out of certain sharing
  • Right to limit use of sensitive information

UAE & KSA PDPL

  • Access, correction, erasure
  • Restriction of processing
  • Objection to automated processing

Asia-Pacific (APPs, PDPA, DPDP)

  • Access and correction
  • Withdrawal of consent
  • Data transfer rights

To exercise rights, contact us using the details below.

11. Automated Decision-Making & Profiling

N3XUS may use analytics or machine learning tools for:

  • System optimisation
  • Risk scoring
  • Operational insights

We do not use automated systems to make decisions that produce legal or significant effects on individuals unless
required by contract and subject to explicit safeguards.

12. Third-Party Links

Our platforms may contain links to external services.

We are not responsible for the privacy practices of those third parties.

13. Changes to This Policy

We may update this policy periodically to reflect regulatory requirements, operational changes, or platform
enhancements.

The updated version will be published with a revised effective date.

14. Contact Information

For privacy-related enquiries, rights requests, or complaints:

N3XUS Data Protection
Email: info@n3xus.com
UK Office: 33-35 Cathedral Road ,Cardiff,
US Office: One World Trade Center, Floor 85, New York, USA
UAE Office: 516 Fairmont Sheik Zayed Road,Dubai, UAE

For EU and UK residents, you may also contact your local supervisory authority.

15. Additional Documentation Available

Upon request, N3XUS can provide:

  • Data Protection Impact Assessments (DPIAs)
  • Records of Processing Activities (RoPA)
  • Sub-processor lists
  • Information security policy summaries
  • Data Processing Agreements (DPAs