Skip to content
Nexacore Systems – Zur Startseite

Privacy Policy

Definitions

Personal data means any information relating to an identified or identifiable natural person.

Processing means any operation performed on personal data, such as collection, storage, use, disclosure, or deletion.

Sale and sharing follow the definitions in CCPA/CPRA: sale is the exchange of data for monetary value, sharing is cross-context behavioral advertising.

1. Scope and Applicable Law

This Privacy Policy applies to all personal information collected by NexaCore Systems LLC (“NexaCore,” “we,” “us,” or “our”) when you use nexacore-systems.com and related services.

Where EU/EEA/UK residents are concerned, the EU General Data Protection Regulation (GDPR) or UK GDPR applies.

2. Data Controller

NexaCore Systems LLC
7901 4th St. N, Suite 300
St. Petersburg, FL 33702, USA
Email: tobias.geier@nexacore-systems.com

3. Categories and Purposes of Processing

We process personal data for specific, legitimate purposes:

  • Identifiers (name, email, phone, billing/shipping address)
  • To manage inquiries, quotes, contracts, and customer support
  • Project and billing information (requested services, quotes, invoices, uploaded files)
  • To deliver and document our services
  • Technical and usage data (IP address, cookie IDs, pages visited, clicks, referrer, approximate location)
  • To operate, secure, and improve our website and services
  • Professional data (company, job title, licensing details)
  • To fulfill contractual obligations and provide tailored advice
  • Precise location or access codes (only if you voluntarily provide them)
  • To coordinate on-site work

4. Legal Bases for Processing

We rely on the following legal grounds under GDPR:

  • Performance of a contract or pre-contractual measures (Art. 6(1)(b))
  • Compliance with legal obligations (Art. 6(1)(c))
  • Legitimate interests (Art. 6(1)(f)), e.g. security, fraud prevention, service enhancement
  • Consent (Art. 6(1)(a)) for marketing communications and non-essential cookies

California residents also hold rights under CCPA/CPRA regarding sale, sharing, and sensitive data use.

5. Recipients and International Transfers

We share personal information with:

  • Service providers (hosting, analytics, payment processors, support)
  • Delivery and logistics partners
  • Authorities when required by law
  • Successors in case of merger or sale

All transfers to the United States or other third countries are protected by Standard Contractual Clauses or equivalent measures.

6. Data Retention

We retain personal data only as long as necessary or legally required:

  • Customer accounts and invoices: 7 years
  • Analytics data: up to 24 months (or shorter if configured)
  • Consent records: at least 12 months

7. Data Subject Rights

You may exercise the following rights under GDPR and CCPA/CPRA:

  • Access, rectification, erasure, restriction, objection, data portability
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

California residents additionally may opt out of sale/sharing and limit the use of sensitive data.

8. Data Breach Notification

In the event of a personal data breach, we will notify affected individuals and relevant authorities without undue delay.

Notifications to EU supervisory authorities will occur within 72 hours, and California residents will be informed no later than 45 days after discovery.

9. Supervisory Authorities

EU/EEA residents may lodge complaints with their local data protection authority.

A list of EU/EEA supervisory authorities is available at https://edpb.europa.eu/about-edpb/board/members_en.

10. Automated Decision-Making

We do not engage in automated decision-making or profiling that produces legal effects concerning individuals.

If this changes, you will be informed and granted the right to human intervention and to contest decisions.

11. Children’s Data

Our Services are not directed at children under the age of 16 for EU/EEA or under 13 for U.S. jurisdictions.

We do not knowingly collect personal data from minors without parental consent, as required by GDPR Article 8 and CCPA minors’ provisions.

12. Data Protection Officer

We have appointed a Data Protection Officer (DPO) responsible for monitoring compliance with this policy.

You may contact the DPO at tobias.geier@nexacore-systems.com.

13. Opt-Out and Global Privacy Control

For targeted advertising or data sharing, we offer:

  • A “Do Not Sell or Share My Personal Information” link
  • Support for Global Privacy Control (GPC) browser signals
  • Opt-out options on our “Your Privacy Choices” page

14. Security Measures

We implement appropriate technical and organizational safeguards such as TLS encryption, access controls, and regular updates.

Absolute security cannot be guaranteed.

15. Changes to This Policy

We may update this Privacy Policy. The latest version, with its “Effective Date,” will always be available on our website.

16. Contact

Questions or requests regarding privacy: tobias.geier@nexacore-systems.co

Select Language