Privacy Notice & Policy

Introduction

Nexus Alpha Limited (“we”, “us”, or “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data, and your rights in relation to that data.

This Privacy Policy should be read alongside our Terms of Use and any other applicable agreements.

  • Data controller: Nexus Alpha Limited, registered in England and Wales (company number 02941132), with its registered office at Streathbourne House, 75 Redehall Road, Smallfield, Surrey, RH6 9QA.

  • Contact email: info@nexusalpha.com

  • ICO registration number: Z7507934

This Policy may be updated from time to time. Where we make material changes, we will take reasonable steps to notify you. The most current version will always be available on our website.

For the purposes of this Policy, “Data Protection Legislation” means all applicable data protection and privacy legislation in force from time to time in the United Kingdom, including the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018, and any other applicable laws relating to the processing of personal data.

Information We May Collect from You

We may collect and process the following personal data about you, depending on how you interact with our Site:

  • Information you provide when completing forms on our Site (www.nexusalpha.com), including your name, telephone number, email address, and any messages you submit.

  • Your contributions to any interactive services we provide, such as forums, messaging features, or other communication tools we may make available from time to time.

  • Details of your visits to our Site, including IP address, browser type, operating system, pages viewed, and usage data such as time spent on pages and navigation paths. This information may be collected using analytics tools and cookies, where consent is required.

  • Information you provide when reporting a problem with our Site or when contacting us, including records of correspondence.

We may also collect information through cookies and similar technologies, subject to your consent where required. For more information, please see our Cookie Policy.

IP Addresses and Cookies

We use analytics tools (including Google Analytics or equivalent services) to understand how our website is used and to improve its performance. These tools do not directly identify you.

We may collect information about your device, including your IP address, operating system, and browser type, for system administration, security purposes, and to help us understand how our Site is used. This information may constitute personal data under applicable data protection law.

We use analytics cookies (including Google Analytics cookies) to understand how users interact with our website and to improve site performance and usability.

We use device and security-related data on the basis of legitimate interests to ensure the security and proper functioning of our Site. Analytics processing is carried out only with consent.

We collect information about your use of our Site through cookies, including analytics cookies where you have provided valid consent. Cookies are small text files stored on your device that allow us to recognise your browser and improve your experience on our Site.

Cookies are used for essential website functionality without requiring consent. Where we use non-essential cookies (including analytics or performance cookies), we will only do so where you have provided consent in accordance with applicable law.

Where required under applicable law, including the Privacy and Electronic Communications Regulations, we will request your consent before placing or accessing non-essential cookies on your device.

You can control or disable cookies through your browser settings. However, if you disable cookies, some parts of our Site may not function properly. Unless you adjust your browser settings to refuse cookies, cookies may be used when you visit our Site.

For more information about how we use cookies, please see our Cookie Policy.

Analytics cookies and related processing are used only where you have provided consent in accordance with applicable law (including PECR and UK GDPR). You can withdraw your consent to analytics cookies at any time via our cookie banner or browser settings.

Legal Basis for Processing Your Information

We will rely on the following legal bases under UK GDPR and the Data Protection Act 2018 when processing your personal data:

Performance of a contract

We process personal data where it is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract. This includes providing our services, managing your access to our systems, and delivering support in relation to those services.

Legal obligation

We process personal data where it is necessary to comply with a legal or regulatory obligation to which we are subject.

 Legitimate interests

We process personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This includes operating and maintaining our services, improving functionality and user experience, ensuring the security of our systems, managing client relationships, and supporting internal administrative and governance processes.

Special category data

Where we process special category personal data, we will only do so where a condition under Article 9 of the UK GDPR applies. This may include where processing is necessary for the establishment, exercise or defence of legal claims, or where you have provided your explicit consent. We do not routinely collect special category data.

Consent

In limited circumstances, we may rely on your consent to process personal data, for example where required for certain optional features or marketing communications. Where we rely on consent, you may withdraw it at any time, and we will explain how to do so at the point consent is requested.

Where We Store Your Personal Data

The personal data we collect from you may be transferred to, and stored in, countries outside the United Kingdom and, where applicable, the European Economic Area (EEA). It may also be processed by staff or suppliers operating outside these jurisdictions who provide services to us.

Where we transfer your personal data internationally, we will ensure that appropriate safeguards are in place in accordance with UK data protection legislation, including UK GDPR and the Data Protection Act 2018. These safeguards will be implemented where required and may include adequacy regulations, the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or other approved transfer mechanisms under applicable law.

We take appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage, and to ensure it is treated securely and in accordance with this Privacy Policy and applicable data protection laws.

Storage and retention of your personal data

We apply appropriate technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration or destruction. These measures include the use of secure systems and firewalls where appropriate. All personal data submitted through our website is stored within secure environments designed to restrict unauthorised access.

While we take appropriate steps to protect your personal data, the transmission of information over the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of data transmitted to our Site.

We will retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including to provide services to you, comply with legal and regulatory obligations, and in accordance with our internal data retention policies.

We may retain personal data for longer where required for legal, regulatory or technical reasons, or where necessary for the establishment, exercise or defence of legal claims. Where data is retained for these purposes, we will ensure it is subject to appropriate safeguards and is only used for those purposes.

Where we use customer relationship management systems, contact details may be removed from active mailing lists if there is no engagement (such as email opens or link clicks) for a defined period, after which the data may be archived and subsequently deleted in accordance with our retention policies.

Third parties who process personal data on our behalf will retain such data only for as long as is necessary to provide their services to us, in accordance with their contractual obligations.

We will not retain your personal data for longer than is necessary for the purposes for which it is processed or as required by applicable law.

Disclosure of Your Information

We may disclose your personal data to any member of our group, which includes our subsidiaries, our ultimate holding company, and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. Where we do so, such sharing will be subject to appropriate intra-group data protection arrangements in accordance with applicable data protection law.

We may share your personal data with carefully selected third-party service providers, vendors, and other organisations that process data on our behalf or provide services to us, such as hosting providers, fulfilment and logistics providers, customer support providers, data management services, and marketing service providers. Where such third parties process personal data on our behalf, they do so in accordance with our instructions and are required to protect your personal data.

We may also disclose your personal data to third parties:

  1. If we sell, buy, merge, or otherwise reorganise any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets, subject to appropriate safeguards.

  2. If Nexus Alpha Limited or substantially all of its assets are acquired by a third party, in which case personal data held by us will be one of the transferred assets, subject to appropriate safeguards; and

  3. Where we are required to disclose your personal data in order to comply with a legal obligation, or where disclosure is necessary for the establishment, exercise, or defence of legal claims, or to protect the rights, property, or safety of Nexus Alpha Limited, our customers, or others.

International Transfers of Your Personal Data

Where we transfer your personal data outside the United Kingdom or, where applicable, the European Economic Area (EEA), we will ensure that such transfers are carried out in accordance with applicable data protection law, including UK GDPR and the Data Protection Act 2018.

We will only transfer personal data internationally where an adequate level of protection is ensured. This may include transfers to countries that have been deemed adequate by the UK Government or, where applicable, the use of appropriate safeguards such as the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or other approved transfer mechanisms recognised under applicable law.

Where we engage third-party service providers located outside the United Kingdom or, where applicable, the EEA, we ensure appropriate safeguards are in place to protect your personal data in accordance with applicable data protection law.

Where our personnel access personal data remotely from outside the United Kingdom or EEA, such access is permitted only where necessary for business purposes and is subject to appropriate security measures and internal policies designed to ensure that personal data is handled securely and lawfully.

If your personal data is transferred internationally, you may contact us to request further information about the safeguards applied to such transfers and, where applicable, obtain a copy of relevant documentation.

Withdrawal of consent

Where we rely on your consent as the lawful basis for processing your personal data, you may withdraw that consent at any time by contacting us at info@nexusalpha.com.

Withdrawal of consent will not affect the lawfulness of any processing carried out before your consent was withdrawn.

In some cases, we may continue to process your personal data where we have another lawful basis for doing so under applicable data protection law, including UK GDPR and the Data Protection Act 2018. Where this applies, we will inform you of the relevant lawful basis.

Your Rights

You have the right to ask us not to process your personal data for marketing purposes. We will inform you before collecting your data if we intend to use it for marketing purposes or disclose your personal data to third parties for such purposes. You can exercise this right at any time by contacting us at info@nexusalpha.com or by using any relevant opt-out mechanism we provide.

Our Site may, from time to time, contain links to and from the websites of partner networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that these websites operate independently and have their own privacy policies. We do not accept responsibility or liability for their privacy practices, and we encourage you to review their policies before submitting any personal data.

Under UK GDPR and the Data Protection Act 2018, you have the following rights in relation to your personal data:

  • the right of access to your personal data.

  • the right to rectification of inaccurate or incomplete data.

  • the right to erasure of your personal data in certain circumstances.

  • the right to restrict processing of your personal data.

  • the right to object to processing, including where we rely on legitimate interests.

  • the right to data portability, where applicable.

We may require you to provide proof of identity before responding to your request to ensure that your personal data is not disclosed to unauthorised persons.

Requests to exercise your rights are generally free of charge. However, we may charge a reasonable fee or refuse to comply with requests that are manifestly unfounded or excessive, in accordance with UK GDPR.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you are concerned about how we process your personal data.

Changes to This Privacy Policy

Any changes we may make to this Privacy Policy in the future will be posted on this page. Where we make material changes, we will take reasonable steps to notify you, which may include notification by email where appropriate.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

Complaints

If you have concerns about how we process your personal data, please contact us first at info@nexusalpha.com so that we can address your concerns.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you are not satisfied with our response.

Contact

Questions, comments, and requests regarding this Privacy Policy or the way we process your personal data are welcomed and should be sent to us at info@nexusalpha.com.

You may use this contact details to exercise any of your rights under UK GDPR and the Data Protection Act 2018, including access, rectification, erasure, restriction, or objection to processing.