This Privacy Policy explains how Nexora Systems Group SIA (“Nexora”, “we”, “us”) collects, uses and protects your personal data when you visit this website or contact us. We process personal data in accordance with Regulation (EU) 2016/679 (the General Data Protection Regulation, “GDPR”), the UK GDPR and the Data Protection Act 2018 (for visitors from the United Kingdom), and applicable Latvian data protection law.
1. Data controller
The controller of your personal data is:
Nexora Systems Group SIA
Registration No. 40203760424
Registered office: Ādama iela 13–5, Rīga, LV-1016, Latvia
E-mail: partnership@nexora-sg.com
Phone: +372 5619 3695
We have not appointed a Data Protection Officer, as we are not required to do so; for any privacy matter you can contact us directly using the details above.
2. What personal data we collect
We collect only the data we actually need:
- Contact form data — your name, e-mail address, company name (optional), subject and the content of your message, when you submit our contact form or e-mail us.
- Technical data — IP address, browser type, operating system, date and time of access, and pages visited. This data is processed in server logs by our hosting provider for security and reliability purposes.
- Cookie data — see our Cookie Policy for details of the cookies used on this website and how you can control them.
We do not knowingly collect data from children under 16, and this website is not directed at children. We do not use automated decision-making or profiling.
3. Purposes and legal bases of processing
| Purpose | Data | Legal basis |
|---|---|---|
| Responding to your enquiries and preparing proposals | Contact form data | Art. 6(1)(b) GDPR — steps prior to entering into a contract; Art. 6(1)(f) GDPR — our legitimate interest in responding to enquiries |
| Website security, error prevention and abuse detection | Technical data (server logs) | Art. 6(1)(f) GDPR — our legitimate interest in a secure, reliable website |
| Storing your cookie preferences | Consent cookie | Art. 6(1)(f) GDPR; consent for any non-essential cookies (Art. 6(1)(a) GDPR) |
| Compliance with legal obligations (e.g. accounting, responding to lawful requests) | Correspondence, contract data | Art. 6(1)(c) GDPR |
4. Recipients of personal data
We do not sell or rent your personal data. We share it only with service providers who help us operate this website and our business (such as web hosting and e-mail providers), acting as processors under Art. 28 GDPR on the basis of data processing agreements, and with public authorities where we are legally obliged to do so.
5. International transfers
Your personal data is stored and processed within the European Economic Area (EEA). If a transfer outside the EEA or the United Kingdom ever becomes necessary, we will ensure an adequate level of protection — for example through an adequacy decision of the European Commission or the UK Government, or the European Commission’s Standard Contractual Clauses (and the UK International Data Transfer Addendum, where applicable).
6. Retention
- Contact enquiries: up to 24 months after our last exchange, unless a contract follows or a longer period is required by law.
- Server logs: typically up to 30 days, unless needed longer for security investigations.
- Cookie consent records: see the Cookie Policy.
- Accounting and contractual documents: for the periods required by Latvian law.
7. Your rights
Under the GDPR and, for UK residents, the UK GDPR, you have the right to:
- access the personal data we hold about you (Art. 15);
- rectification of inaccurate or incomplete data (Art. 16);
- erasure (“right to be forgotten”) (Art. 17);
- restriction of processing (Art. 18);
- data portability (Art. 20);
- object to processing based on legitimate interests (Art. 21);
- withdraw consent at any time, where processing is based on consent, without affecting the lawfulness of processing before withdrawal (Art. 7(3)).
To exercise any of these rights, e-mail us at partnership@nexora-sg.com. We will respond within one month, as required by law. We may need to verify your identity before acting on your request.
8. Complaints
If you believe we process your personal data unlawfully, please contact us first — we will do our best to resolve the issue. You also have the right to lodge a complaint with a supervisory authority:
- In Latvia: Datu valsts inspekcija (Data State Inspectorate), Elijas iela 17, Rīga, LV-1050, www.dvi.gov.lv;
- In the United Kingdom: the Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, ico.org.uk;
- or with the supervisory authority of your EU member state of residence or place of work.
9. Security
We apply appropriate technical and organisational measures to protect your personal data, including encrypted connections (HTTPS), access controls, software updates and data minimisation. No method of transmission over the Internet is completely secure, but we work to protect your data against loss, misuse and unauthorised access.
10. Changes to this policy
We may update this Privacy Policy from time to time, for example when our services or legal requirements change. The current version, with its “last updated” date, is always published on this page. Significant changes will be highlighted on the website.
