Privacy Policy

1. Introduction

Nexus Logic Labs LLC ("we," "us," "our," or the "Company") is a technology services company registered in Wyoming, United States. We are committed to protecting your privacy and ensuring that your personal data is handled in a safe and responsible manner.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website nexuslogiclabs.com (the "Site"), use our services, or interact with us through third-party platforms including Meta platforms (Facebook, Instagram, WhatsApp Business). This policy applies to all data we process as a Technology Provider under the Meta Business ecosystem.

By using our Site or services, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access the Site or use our services.

2. Data Controller

The data controller responsible for your personal data is:

When we process data on behalf of our clients (as a data processor or Tech Provider), the respective client is the data controller. We process such data strictly in accordance with their instructions and applicable data processing agreements.

3. Information We Collect

3.1 Information You Provide Directly

• Contact Information: Name, email address, phone number, and company name when you fill out our contact form or reach out to us.
• Communication Data: Records of correspondence when you contact us via email, WhatsApp Business, or other channels.
• Client Data: Information provided during the course of our professional services, including project requirements, technical specifications, and account credentials shared for service delivery.
• Business Information: Company details, billing information, and other data necessary for contractual relationships.

3.2 Information Collected Automatically

• Device Information: Browser type, operating system, device type, and screen resolution.
• Usage Data: Pages visited, time spent on pages, click patterns, and referring URLs.
• IP Address: Used for approximate geolocation and security purposes.
• Cookies and Similar Technologies: See Section 8 (Cookie Policy) for details.

3.3 Information from Third Parties

• Meta Platform Data: When providing services as a Technology Provider through Meta platforms (including WhatsApp Business API, Facebook, and Instagram), we may receive data authorized by our clients and their end users in accordance with Meta's Platform Terms and Data Use Policies.
• Analytics Providers: We may receive aggregated analytics data from third-party services.

4. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To provide, maintain, and improve our technology services, including software development, cloud infrastructure management, and IT consulting.
• Communication: To respond to your inquiries, send service updates, and provide customer support.
• Meta Platform Services: To provide technology services on behalf of our clients through Meta platforms, including managing WhatsApp Business communications, ad campaigns, and customer engagement tools. Data accessed through Meta platforms is used strictly for the purposes authorized by our clients and in compliance with Meta's Platform Terms.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.
• Security: To detect, prevent, and address technical issues, fraud, and security threats.
• Website Improvement: To analyze usage patterns and improve the functionality and content of our Site.
• Contractual Obligations: To fulfill our obligations under service agreements with our clients.

5. Legal Basis for Processing (GDPR)

For individuals in the European Economic Area (EEA), United Kingdom, and Switzerland, we process personal data on the following legal bases:

• Consent: Where you have given clear consent for us to process your personal data for a specific purpose (e.g., cookies, marketing communications).
• Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take pre-contractual steps at your request.
• Legitimate Interests: Where processing is necessary for our legitimate business interests (e.g., fraud prevention, network security, direct marketing), provided those interests do not override your fundamental rights and freedoms.
• Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your data with:

• Service Providers: Trusted third-party vendors who assist us in operating our business (e.g., cloud hosting via AWS, email services, analytics tools). These providers are contractually obligated to protect your data.
• Meta Platforms: When acting as a Technology Provider, we interact with Meta's APIs and platforms. Data exchanged is governed by Meta's Platform Terms, our Data Processing Agreements, and this Privacy Policy.
• Clients: When we process data on behalf of our clients, we may share reports and analytics as required by our service agreements.
• Legal Requirements: When required by law, subpoena, court order, or governmental authority.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction.

7. Meta Platform Data Handling (Technology Provider)

As a registered Technology Provider on the Meta platform, we adhere to the following specific data handling practices:

• Purpose Limitation: Data obtained through Meta platforms is used solely for the purposes for which it was collected and as authorized by our clients.
• Data Minimization: We only request and process the minimum data necessary to provide the requested service.
• Secure Processing: All data obtained through Meta APIs is processed using encryption in transit (TLS 1.2+) and at rest (AES-256).
• No Unauthorized Sharing: We do not share Meta Platform Data with third parties except as required to provide the service, and never for advertising or data brokerage purposes.
• Data Deletion: Upon client request, contract termination, or when data is no longer needed, we promptly delete all Meta Platform Data within 30 days. Users may also request deletion directly.
• Compliance: We comply with Meta's Platform Terms, Developer Policies, and all applicable data protection regulations.
• Annual Review: We conduct annual reviews of our data handling practices to ensure ongoing compliance with Meta's requirements.

8. Cookie Policy

Our Site uses cookies and similar tracking technologies to enhance your browsing experience.

Types of Cookies We Use

• Strictly Necessary Cookies: Essential for the Site to function properly. These cannot be disabled.
• Analytics Cookies: Help us understand how visitors interact with our Site by collecting and reporting information anonymously.
• Functional Cookies: Enable enhanced functionality and personalization, such as language preferences.

Managing Cookies

You can manage your cookie preferences through the cookie consent banner displayed on your first visit, or by adjusting your browser settings. Note that disabling certain cookies may affect the functionality of the Site.

9. Data Security

We implement industry-standard administrative, technical, and physical safeguards to protect your personal data, including:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
• Access controls and authentication mechanisms
• Regular security assessments and vulnerability scanning
• Secure cloud infrastructure on AWS with SOC 2 compliance
• Employee training on data protection and security best practices
• Incident response procedures for data breaches

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

10. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Contact form submissions: Retained for up to 24 months after the last interaction.
• Client project data: Retained for the duration of the service agreement plus 3 years for legal and tax compliance.
• Meta Platform Data: Retained only for the duration necessary to provide the service, and deleted within 30 days of contract termination or user request.
• Website analytics data: Retained in aggregated, anonymized form for up to 26 months.

11. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States, where our servers and offices are located. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Agreements with all third-party processors
• Compliance with the EU-US Data Privacy Framework where applicable

12. Your Rights

12.1 Rights Under GDPR (EEA/UK Residents)

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data ("right to be forgotten").
• Right to Restrict Processing: Request that we limit how we use your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or direct marketing.
• Right to Withdraw Consent: Withdraw consent at any time without affecting the lawfulness of prior processing.

12.2 Rights Under CCPA (California Residents)

• Right to Know: Request disclosure of what personal information we collect, use, disclose, and sell.
• Right to Delete: Request deletion of personal information we have collected.
• Right to Opt-Out: Opt out of the sale or sharing of personal information. Note: We do not sell personal information.
• Right to Correct: Request correction of inaccurate personal information.
• Right to Non-Discrimination: Exercise your rights without receiving discriminatory treatment.

12.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

We will respond to your request within 30 days (or sooner as required by applicable law). We may need to verify your identity before processing your request.

13. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete that information promptly. If you believe we may have collected information from a child, please contact us immediately.

14. Third-Party Links

Our Site may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last updated" date at the top of this page and, where required, by sending a notification. We encourage you to review this policy periodically.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For GDPR-related inquiries from EU/UK residents, you may also lodge a complaint with your local data protection authority.