1. APPROACH TO PRIVACY

1.1 NXSYS, operated by Encom International Ltd (“NXSYS”, “we”, “our” or “us”) is committed to protecting and respecting your privacy. This Privacy Policy sets out how we collect, store, process, transfer, share and use information that identifies or is associated with you (“personal information”) and information regarding our use of cookies and similar technologies.

1.2 NXSYS operates a payroll platform that enables employers to payroll their employees and subcontractors. NXSYS allows a new employee to register their details with their new employer so that their employer may run payroll for any sums due to the employee (the “NXSYS Service”).

1.3 This Privacy Policy applies to the NXSYS Service. Please ensure that you have read this Privacy Policy and understood how we collect, store, use and disclose your personal information before subscribing or accessing the NXSYS Service, whether on behalf of an employer or as an employee.

2. WHO IS RESPONSIBLE FOR THE USE OF YOUR PERSONAL INFORMATION

2.1 If you are an employee, most of the personal information that we store about you will be provided by your employer, including your name, salary and payment details, information about your job role and subscription to the NXSYS Service. Your employer is the controller of that personal information, meaning they determine and are responsible for the personal information that is used, and we will only use that personal information as instructed by your employer in order to provide the NXSYS Service. We will be the controller of (and be responsible for) your personal information only in the limited circumstances set out in this Privacy Policy.

2.2 If you are accessing the NXSYS Service on behalf of an employer, NXSYS Ltd will be the controller of the personal information you provide us when you use the NXSYS Service. This means that we determine and are responsible for how this personal information is used.

3. PERSONAL INFORMATION WE COLLECT FROM YOU AND HOW WE USE IT

3.1 We collect personal information that you submit directly to us when you use the NXSYS Service. This can include information you provide to us when you sign up to the NXSYS Service, or when you correspond with us by phone, e-mail or otherwise in relation to the NXSYS Service.

3.2 We will indicate to you where the provision of certain personal information is required in order for us to process your request, respond to your query or otherwise provide you with a functionality of the NXSYS Service. If you choose not to provide such personal information, we may not be able to process your request to sign up to the NXSYS Service, provide support or respond to your other requests.
Personal information we collect from and about employees.

3.3 When you use the NXSYS Service as an employee, we will collect the following information:
Transaction History
We will keep a record of the amounts we have paid you on behalf of your employer and when these payments were made.
We use this information to recover these amounts from your employer.
The processing is necessary for our legitimate interests, namely obtaining reimbursement from your employer.
This information will be shared with your employer’s payroll platform provider, in order to process and keep a record of payments made to you.
The identity of your employer
We use this information to serve targeted advertisements to employees of our customers in relation to the NXSYS Service, based on the employer named in your social media profile.
The processing is necessary for our legitimate interests, namely targeting our advertising to individuals whose employers have signed up to the NXSYS Service.
Correspondence, comments and opinions
We use this information to address your questions, issues and concerns. The processing is necessary for our legitimate interests, namely communicating with users and responding to queries, complaints and concerns.
We use this information to develop new products and features available on the NXSYS Service or otherwise improve the NXSYS Service. The processing is necessary for our legitimate interests, namely developing and improving the NXSYS Service.
Personal information we collect from users that sign up on behalf of an employer.
When you sign up to the NXSYS Service on behalf of an employer, we will collect the following information:
Your contact details such as your name and email address.
We use this information to communicate with you regarding your employer’s use of the NXSYS Service, including contacting you to promote the NXSYS Service.
The processing is necessary for your employer’s legitimate interests, namely communicating with you with regard to the NXSYS Service.
We may share this information with the employer’s payroll platform provider, in order to enable you to access the NXSYS Service through the payroll platform.
Correspondence, comments and opinions. When you contact us directly, e.g., by email, phone, through our social media channels or when you complete an online form, we will record your comments and opinions.
We use this information to address your questions, issues and concerns. The processing is necessary for our legitimate interests, namely communicating with users and responding to queries, complaints and concerns.
We use this information to develop new products and features available on the NXSYS Service or otherwise improve the NXSYS Service. The processing is necessary for our legitimate interests, namely developing and improving the NXSYS Service.
All personal information set out above.
We use all the personal information we collect to operate, maintain and provide to you the features and functionality of the NXSYS Service, to communicate with you, to monitor and improve the NXSYS Service and our business, and to help us develop new products and services.
The processing is necessary for our legitimate interests, namely, to administer and improve the NXSYS Service.

4. HOW LONG WILL WE STORE YOUR PERSONAL INFORMATION

4.1 Where we are responsible for your personal information (i.e., when we are the controller), we will generally store your personal information for no longer than necessary for the purposes set out in paragraph 3, in accordance with our legal obligations and legitimate business interests, and in any event no longer than 6 years after you stop using the NXSYS Service.

4.2 We may, however, need to retain your personal information for longer if we are required to do so by law.

5. RECIPIENTS OF PERSONAL INFORMATION

5.1 In addition to the recipients listed in paragraph 3, we may also share your personal information with the following (as required in accordance with the uses set out in paragraph 3):

(a) Service providers and advisors: we may share your personal information with third party vendors and other service providers that perform services for us or on our behalf, which may include providing professional services, such as legal and accounting services, processing payments, mailing, email or chat services, fraud prevention, or providing analytic services.

(b) Purchasers and third parties in connection with a business transaction: your personal information may be disclosed to third parties in connection with a transaction, such as a merger, sale of assets or shares, reorganisation, financing, change of control or acquisition of all or a portion of our business.

(c) Law enforcement, regulators and other parties for legal reasons: we may share your personal information with third parties as required by law or if we reasonably believe that such action is necessary to (i) comply with the law and the reasonable requests of law enforcement; (ii) detect and investigate illegal activities and breaches of agreements, including our Terms of Service; and/or (iii) exercise or protect the rights, property, or personal safety of NXSYS, its users or others.

6. STORING AND TRANSFERRING YOUR PERSONAL INFORMATION

6.1 Security. We implement appropriate technical and organisational measures to protect your personal information against accidental or unlawful destruction, loss, change or damage. All personal information we collect will be stored on secure servers. We will never send you unsolicited emails or contact you by phone requesting your account ID, password, credit or debit card information or national identification numbers.

6.2 International Transfers of your Personal Information. The personal information we collect may be transferred to and stored in countries outside of the jurisdiction you are in where we and our third-party service providers have operations. If you are located in the European Economic Area (“EEA”), your personal information may be processed outside of the EEA including in the United States.

6.3 In the instance of such a transfer, we ensure that:
(a) the personal information is transferred to countries recognised as offering an equivalent level of protection; or
(b) the personal information is transferred to certified entities under the EU-U.S. Privacy Shield; or
(c) the transfer is made pursuant to appropriate safeguards, such as standard data protection clauses adopted by the European Commission or UK Information Commissioner.
If you wish to enquire further about these safeguards used, please contact us using the details set out at the end of this Privacy Policy.

7. YOUR RIGHTS IN RESPECT OF YOUR PERSONAL INFORMATION

7.1 In accordance with applicable privacy law, you have the following rights in respect of your personal information that we hold as a controller:
(a) Right of access. You have the right to obtain:
(i) confirmation of whether, and where, we are processing your personal information.
(ii) information about the categories of personal information we are processing, the purposes for which we process your personal information and information as to how we determine applicable retention periods.
(iii) information about the categories of recipients with whom we may share your personal information; and
(iv) a copy of the personal information we hold about you.
(b) Right of portability. You have the right, in certain circumstances, to receive a copy of the personal information you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.
(c) Right to rectification. You have the right to obtain rectification of any inaccurate or Incomplete personal information we hold about you without undue delay.
(d) Right to erasure. You have the right, in some circumstances, to require us to erase your personal information without undue delay if the continued processing of that personal information is not justified.
(e) Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal information if the continued processing of the personal information in this way is not justified, such as where the accuracy of the personal information is contested by you.

7.2 You also have the right to object to any processing based on our legitimate interests where there are grounds relating to your particular situation. There may be compelling reasons for continuing to process your personal information, and we will assess and inform you if that is the case. You can object to marketing activities for any reason.

7.3 If you wish to exercise one of these rights, please contact us using the contact details at the end of this Privacy Policy.

7.4 Due to the confidential nature of data processing we may ask you to provide proof of identity when exercising the above rights. This can be done by providing a scanned copy of a valid identity document or a signed photocopy of a valid identity document.

7.5 We will seek to respond to any request relating to your rights within one month of receipt of such request.

7.6 Where, given the complexity of the claim or the number of requests received, the above deadline cannot be met, we will inform you of the extended deadline in which we will respond to your request. Such extension may not be more than two months from the date on which we notify you that an extension is required.

7.7 Where we do not follow up on your request, we will inform you within the one month deadline of the grounds on which we have based our decision and of your right to refer a complaint to your national data protection authority.

7.8 You should contact your employer if you wish to exercise any of the above rights in respect of information we hold on your employer’s behalf.

8. LINKS TO THIRD PARTY SITES

8.1 The NXSYS Service may, from time to time, contain links to and from third party websites, including those of our partner networks, advertisers, partner merchants, news publications, and retailers. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those websites.

9. OUR POLICY TOWARDS CHILDREN

9.1 Our NXSYS Service is not directed at persons under 18 and we do not knowingly collect personal information from any persons under 18. If you become aware that your child has provided us with personal information, without your consent, then please contact us using the details below so that we can take steps to remove such information and terminate any account your child has created with us.

10. CHANGES TO THIS POLICY

10.1 We may update this Privacy Policy from time to time and so you should review this page periodically. When we change this Privacy Policy in a material way, we will update the “last modified” date at the end of this Privacy Policy. Changes to this Privacy Policy are effective when they are posted on this page.

11. NOTICE TO YOU

11.1 If we need to provide you with information about something, whether for legal, marketing or other business related purposes, we will select what we believe is the best way to get in contact with you. We will usually do this through email or by placing a notice on the NXSYS Service. The fact that we may send notices to you will not stop you from being able to opt out of certain types of contact as described in this Privacy Policy.

12. CONTACTING US

12.1 Please contact support@nxsys.tech if you have any questions, comments and requests regarding this Privacy Policy.

12.2 If we are unable to deal with any issues you raise with us, you also have the right to lodge a complaint with your national data protection authority. Further information about how to contact your local data protection authority is available at https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
12.3 This Privacy Policy was last modified on 29th October 2023.