Nexus Grid Data Protection Policy | GDPR Compliance

The Nexus Grid Data Protection Policy explains how we protect, manage, and secure personal data in line with GDPR and global data protection standards.

Data Protection Policy

This Nexus Grid Data Protection Policy outlines our commitment to protecting personal data and maintaining high standards of privacy, security, and compliance. We follow applicable data protection laws, including the UK GDPR, EU GDPR, and other international regulations relevant to our operations.

────────────────────────────────────────────────────────────────────────

1. Our Commitment to Data Protection

Nexus Grid takes data protection seriously. We ensure that all personal data is:

• Processed lawfully, fairly, and transparently
• Collected for specific, explicit purposes
• Limited to what is necessary
• Accurate and kept up to date
• Stored securely
• Retained only for as long as necessary

Our goal is to maintain trust, protect individuals, and support strong security practices throughout our services.

────────────────────────────────────────────────────────────────────────

2. Scope of This Policy

This policy applies to:

• All Nexus Grid employees
• Contractors and service partners
• Any individual processing data on our behalf
• All systems, services, and operations where personal data is handled

It includes data processed through our website, services, platforms, and customer engagements.

────────────────────────────────────────────────────────────────────────

3. Types of Data We Process

Nexus Grid may process the following types of personal data:

• Contact details (name, email, phone)
• Company information
• Job titles and roles
• Technical data (IP address, device data, logs)
• Information submitted in service enquiries
• Data required for cybersecurity operations
• Training and event participation information

Sensitive data is processed only when necessary and with appropriate safeguards.

────────────────────────────────────────────────────────────────────────

4. Lawful Basis for Processing Personal Data

We process data under one or more legal bases:

Consent provided by the individual
Contractual necessity when delivering services
Legal obligations requiring processing
Legitimate interests, including security, operations, and service improvement

────────────────────────────────────────────────────────────────────────

5. How We Protect Your Data

Nexus Grid implements strong technical and organisational measures to safeguard data. These include:

• Encryption of data at rest and in transit
• Access control and authentication policies
• Network and endpoint security
• Monitoring and incident response procedures
• Staff training on security and privacy
• Regular audits and risk assessments

Our cybersecurity foundations ensure that data is protected throughout its lifecycle.

────────────────────────────────────────────────────────────────────────

6. Data Minimisation and Retention

We collect only the data necessary to fulfil our services. Personal data is retained:

• Only for as long as required
• In line with legal or regulatory obligations
• Based on contractual requirements

Once data is no longer needed, it is securely deleted or anonymised.

────────────────────────────────────────────────────────────────────────

7. Sharing and Transferring Data

Nexus Grid does not sell personal data. We may share data with:

• Trusted service providers
• Security specialists assisting with service delivery
• Cloud hosting or platform partners
• Legal or regulatory authorities when required

Data transferred outside the UK/EU is protected using:

• Standard Contractual Clauses (SCCs)
• Adequate safeguards
• Equivalent data protection frameworks

────────────────────────────────────────────────────────────────────────

8. Individual Data Rights

Under GDPR and other data protection laws, individuals have rights such as:

• Accessing their data
• Requesting corrections
• Requesting deletions
• Restricting processing
• Objecting to processing
• Portability of personal data
• Withdrawing consent at any time

To exercise these rights, please reach out through our Contact Us page.

────────────────────────────────────────────────────────────────────────

9. Data Breach Management

If a data breach occurs:

• We will assess the incident promptly
• We will notify affected customers as required
• We will take steps to contain and resolve the issue
• We will support investigations and regulatory obligations

Our incident response follows best-practice cybersecurity standards.

────────────────────────────────────────────────────────────────────────

10. Responsibilities and Accountability

Nexus Grid ensures:

• Staff understand their data protection duties
• Privacy by design is applied to services and systems
• Documentation and records are maintained
• Vendors and partners meet security expectations

────────────────────────────────────────────────────────────────────────

11. Changes to This Policy

We may update this Data Protection Policy to reflect:

• Legal changes
• Service improvements
• Updated internal practices

Updates will be published on this page with the revision date.

────────────────────────────────────────────────────────────────────────

12. Contact Us

If you have questions about the Nexus Grid Data Protection Policy or need to exercise your rights, please contact our team through the Contact Us page.