Legal

Privacy Policy

Last updated: January 1, 2026 | Effective date: January 1, 2026

1. Introduction and Overview

Nexoera Limited (“Nexoera,” “we,” “us,” or “our”) operates the website nexoera.io and provides digital business infrastructure consulting and technology advisory services to organizations globally. We are committed to protecting the privacy and security of personal information entrusted to us by clients, prospective clients, website visitors, and other individuals who interact with our platform and services.

This Privacy Policy describes in detail how Nexoera collects, processes, stores, uses, shares, and protects personal information. It also explains the rights available to individuals under applicable data protection legislation, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant frameworks.

By accessing our website, submitting an inquiry, entering into a service agreement, or otherwise engaging with Nexoera, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with the terms of this policy, please refrain from using our services.

2. Definitions

For the purposes of this Privacy Policy, the following terms have the meanings set out below:

  • Personal Information: Any information relating to an identified or identifiable natural person, including but not limited to name, email address, telephone number, company affiliation, IP address, and browser behavior.
  • Processing: Any operation or set of operations performed on personal information, including collection, recording, organization, storage, adaptation, retrieval, consultation, use, disclosure, erasure, or destruction.
  • Controller: Nexoera Limited, which determines the purposes and means of processing personal information.
  • Processor: Any third party who processes personal information on behalf of Nexoera under a data processing agreement.
  • Data Subject: Any natural person whose personal information is processed by Nexoera.
  • Services: The digital infrastructure consulting, technology advisory, workflow optimization, and related services offered by Nexoera.
  • Website: The website located at nexoera.io and all associated subdomains, pages, and digital properties.

3. Information We Collect

3.1 Information You Provide Directly

We collect personal information that you voluntarily provide to us through the following channels:

  • Inquiry Forms: When you complete our contact or consultation request form, we collect your name, company name, email address, telephone number, business size, and the content of your message.
  • Service Agreements: When you engage our services, we collect business registration details, billing information, authorized representative details, and project-specific information necessary to deliver the contracted services.
  • Email Communications: When you correspond with our team via email, we retain the content of those communications and any personal information contained within them.
  • Professional Profiles: Where you share professional background, organization structure, or operational details as part of an engagement scope discussion.

3.2 Information Collected Automatically

When you access and use our website, we automatically collect certain technical information, including:

  • — IP address and general geographic location derived from IP address
  • — Browser type, version, and operating system
  • — Pages visited, time spent on each page, and navigation pathways
  • — Referring website or search query that directed you to our site
  • — Device type and screen resolution
  • — Date and time of visits

This information is collected through cookies, web beacons, and analytics technologies, as further described in our Cookie Policy.

3.3 Information from Third Parties

We may receive personal information about you from third-party sources, including professional networking platforms such as LinkedIn, publicly available business directories, and referral partners. We use such information solely for the purpose of assessing potential service fit and initiating professional contact.

4. How We Use Your Information

Nexoera processes personal information for the following legitimate purposes:

  • Service Delivery: To provide digital infrastructure consulting, technology assessments, workflow optimization, and all contracted services.
  • Client Communication: To respond to inquiries, provide project updates, schedule consultations, and maintain professional correspondence.
  • Contract Management: To manage service agreements, invoicing, and payment processing.
  • Website Improvement: To analyze website usage patterns, improve user experience, and optimize our digital presence.
  • Legal Compliance: To comply with applicable laws, regulations, court orders, and government requests.
  • Security: To detect, prevent, and investigate fraudulent activity, unauthorized access, and other security incidents.
  • Business Development: To inform potential clients about services that may be relevant to their stated needs, where permitted by applicable law.

5. Legal Basis for Processing (GDPR)

For individuals in the European Economic Area (EEA), United Kingdom, and other jurisdictions where the GDPR or equivalent legislation applies, Nexoera processes personal information on the following legal bases:

  • Contractual Necessity: Processing required to fulfill a service agreement or to take steps at your request prior to entering an agreement.
  • Legitimate Interests: Processing necessary for our legitimate business interests, including website analytics, security operations, and professional communications, where such interests are not overridden by your data protection rights.
  • Legal Obligation: Processing required to comply with applicable laws and regulatory requirements.
  • Consent: Where you have expressly provided consent for specific processing activities, such as receiving marketing communications. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.

6. Sharing and Disclosure of Personal Information

Nexoera does not sell, rent, or trade personal information to third parties for their marketing purposes. We may share personal information in the following limited circumstances:

  • Service Providers: We engage trusted third-party service providers to assist in delivering our services, including email delivery platforms (EmailJS), website hosting providers, analytics tools, and payment processors. These providers are contractually bound to handle personal information only as directed by Nexoera and in accordance with applicable law.
  • Professional Advisors: We may share information with legal counsel, accountants, or auditors in the course of professional advisory services.
  • Legal Requirements: We may disclose personal information where required by law, court order, regulatory authority, or governmental request.
  • Business Transfers: In the event of a merger, acquisition, or sale of all or substantially all of our business assets, personal information may be transferred to the acquiring entity, subject to equivalent privacy protections.
  • Protection of Rights: We may disclose information where necessary to protect the rights, property, or safety of Nexoera, our clients, or third parties.

7. International Data Transfers

Nexoera operates internationally and may transfer personal information across national borders. When transferring personal information from the EEA, UK, or Switzerland to countries that do not provide an equivalent level of data protection, we implement appropriate safeguards including:

  • — Standard Contractual Clauses approved by the European Commission
  • — Binding Corporate Rules where applicable
  • — Adequacy decisions issued by relevant data protection authorities

You may request information about the specific mechanisms we use for international data transfers by contacting us at support@nexoera.io.

8. Data Retention

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods vary based on the nature of the information and the relationship:

  • — Client engagement records: 7 years from the end of the engagement
  • — Inquiry and pre-engagement correspondence: 2 years
  • — Website analytics data: 26 months
  • — Financial records: As required by applicable tax and accounting law

When personal information is no longer required, we securely delete or anonymize it in accordance with our data destruction procedures.

9. Your Rights

Subject to applicable law, you have the following rights regarding your personal information:

  • Right of Access: To obtain confirmation of whether we process your personal information and to receive a copy of that information.
  • Right to Rectification: To have inaccurate or incomplete personal information corrected without undue delay.
  • Right to Erasure: To request deletion of your personal information where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent.
  • Right to Restriction: To request that we restrict processing of your personal information in certain circumstances.
  • Right to Data Portability: To receive your personal information in a structured, commonly used, and machine-readable format.
  • Right to Object: To object to processing based on legitimate interests, including profiling, and to object to direct marketing at any time.
  • Rights Related to Automated Decision-Making: We do not engage in automated decision-making that produces significant effects on individuals.

To exercise any of these rights, please contact us at support@nexoera.io. We will respond to verified requests within 30 days. We may require proof of identity before processing requests.

10. Security

Nexoera implements appropriate technical and organizational measures to protect personal information against unauthorized access, accidental loss, alteration, disclosure, or destruction. These measures include encrypted data transmission (TLS/SSL), access controls, secure authentication protocols, and regular security reviews.

While we maintain rigorous security standards, no method of electronic transmission or storage is completely secure. In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify you and relevant regulatory authorities in accordance with applicable law.

11. Children's Privacy

Our services are directed exclusively to business professionals and organizations. We do not knowingly collect personal information from individuals under the age of 16. If we become aware that we have inadvertently collected personal information from a minor, we will take prompt steps to delete it. If you believe we may have collected information from a minor, please contact us at support@nexoera.io.

12. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we provide. We will indicate the effective date of any revisions at the top of this page. If we make material changes, we will notify affected individuals by email or by prominent notice on our website. We encourage you to review this policy periodically.

13. Contact Information

If you have questions, concerns, or requests relating to this Privacy Policy or our data practices, please contact us:

Nexoera Limited

Data Privacy Team

Email: support@nexoera.io

Website: nexoera.io

If you are located in the European Economic Area, you also have the right to lodge a complaint with your local data protection supervisory authority if you believe we have processed your personal information in violation of applicable law.