Privacy Policy

At nexC, we protect your personal privacy and always strive to ensure a high level of data protection. This privacy policy explains how we collect and use your personal data. It also describes your rights and how you can act on them.

It is important that you understand the privacy policy and feel secure with our processing of your personal data. You are always welcome to contact us if you have any questions. For questions regarding our privacy policy, please contact nexC Data Protection Officer Aviad Priel by emailing privacy@nexc.co.

 

What is personal data?

Personal data is all kinds of information that can be directly or indirectly associated to a physical living person. For example, images and sound recordings that are processed in a computer can be personal data even if no names are mentioned. Encrypted data and different types of electronic identities (such as IP numbers) are personal data if they can be linked to physical people.

 

what is processing of personal data?

Processing of personal data is everything that occurs in terms of handling personal data. Any action performed with personal data counts as a form of processing, regardless of whether it is automated or not. Examples of common processing are collection, registration, organising, structuring, storing, revising, transfer and deletion.

 

Who is responsible for the personal data we collect?

nexC, Israel corporate ID number: 556586-1415. Address: yishayahoo 27 Tel-aviv, Israel, is responsible for personal data and the company’s processing of personal data.

 

What personal data do we collect about you as a customer and for what purpose (why)?

 

Purpose - In order to process orders/purchases

where nexC offers a checkout service for retailers.

Processing performed by retailers using the dataDelivery (including notification and contact information regarding delivery). Identification and age check. Processing of payment (including analyses of possible payment solutions which may include a check of payment history). Processing of returns/complaints and warranty matters.

Categories of personal dataName. Contact details (e.g. address, e-mail and phone number). Payment history. Payment information. Purchase information (e.g. which item has been ordered or if the item is to be delivered to another address).

Legal basis

Completion of the purchase agreement. This collection of your personal data is required so that the retailer whose checkout nexC provides will be able to meet its obligations according to the purchase agreement. If data is not submitted, their commitments cannot be met and we are unable to provide the point of sales site with the information they need to complete a purchase.

Storage period:Until the purchase has been completed (including delivery and payment). If the consumer is a registered/logged in member, the data may be saved as long as the member is an active member of nexC, to enable processing any returns/complaints and warranty issues.

 

Purpose - In order to process service issues.

Processing performedCommunication and answering any questions via phone or via digital channels, including social media. Identification. Investigating any complaints and support cases (including technical support).

Categories of personal dataName or company name. Contact details (e.g. address, e-mail or phone number). Your correspondence. Data about event occurrence, retailer involved, any errors/complaints. Technical data about your equipment. User data for members.

 

Legal basis

The processing is necessary to meet our and your legitimate interest in processing service matters.

Storage periodUntil the service case has been completed. Valid personal data for retailers – so the data will be saved as long as the company is a customer of nexC.

Purpose - In order to evaluate, develop and improve our services, products and systems for customers and users.

Processing performed

  • Adaptation of services to be more user-friendly (e.g. change the user interface to simplify the flow of information or to highlight features commonly used by customers in our digital channels).

  • Analyses of data in order to improve features and tools.

  • Analyses of data to develop, broaden and change product categories and product data to make the service more relevant to users and customers.

  • Analyses of data in order to standardize the retailers service quality on the site.

  • Analyses of data to enable our users and customers to influence the appearance and contents of our services.

  • Analyses of data to improve IT systems in order to improve performance or enhance security for nexC, its users and customers.

  • Based on the data we collect (e.g. clicks to retailers, age and gender) you can be sorted into a user group, upon which analyses are then performed on an aggregate level using non-identifiabledata without any link to you as an individual. The insights from the analyses form the basis for which products, product categories, and the design of tools for which users and customers have access to.

  • The only connection nexC does with data will be for social recommendation and friends buying symmetry. nexC will use only data the user define as public for this matter.

 

Categories of personal data

  • Age.

  • Gender.

  • Address.

  • Correspondence and feedback regarding our services and products.

  • Purchase and user-generated data (e.g. clicks and visit history).

  • Technical data pertaining to devices used and their settings (e.g. language setting, IP address, browser settings, time zone, operating system, screen resolution and platform).

  • Information about how you interacted with us, in other words how you used the service, login method, where and how long different pages were visited, response times, download errors, how you access and leave the service, etc.

 

Legal basis

Legitimate interest. The processing is necessary to meet nexC’s, the users’ and our customers’ legitimate interest in evaluating, developing and improving our services and systems in order to supply the best shopping recommendations.

Storage periodFor non-register user-From the time of collection and for a period of 36 months thereafter. For a member – the data may be saved as long as the member is an active member of nexC, to enable long smart learning process.

Purpose - In order to prevent abuse of a service or to prevent, avoid and investigate crimes against the company.

Processing performedPrevention and investigation of possible fraud or other crimes (e.g. clicks to retailer manipulation). Prevention of spam, phishing, unauthorised retrieval of price or product data from our services, harassment, unauthorised login to user accounts, or other actions prohibited by law or by our membership, service or customer agreement. Protecting and improving our IT environment against attacks and intrusions.

Categories of personal data - Purchase and user-generated data (e.g., clicks and visit history). Technical data pertaining to devices used and their settings (e.g. language setting, IP address, browser settings, time zone, operating system, screen resolution and platform). Data about how our digital services are used.

Legal basisCompliance with legal obligation (if any) or legitimate interest. If no legal obligation exists, processing is necessary to meet our legitimate interest in preventing abuse of a service or preventing, avoiding and investigating crimes against the company.

Storage period

From the time of collection and for a period of 36 months thereafter.

PurposeTo manage your membership and provide the user service with personalized features such as personal recommendation, friend list, buying preferences, favorite lists and price alerts.

Processing performed - Creation of login feature. Checking your identity and age. Maintaining correct and updated information. Each search processing the data in order to find you the best-matching product. The possibility for you to save favorites and similar features which make the user experience better.

 

Categories of personal data

  • Name.

  • E-mail address.

  • Phone number.

  • Address.

  • Historical user data such as clicks to sellers, favorite products, price alerts, visits to product and category pages, comments, reviews and interest notifications.

  • Username and password.

  • Settings and your personal preferences.

  • Question answers

  • Voting friends

 

Legal basis

Full implementation of the membership agreement. This collection of your personal data is required in order to meet our obligations according to the nexC user agreement. If the data is not provided, our commitments cannot be met, and we are therefore forced to refuse membership.

Storage period - Until The user delete is account in nexC.

PurposeIn order to deliver a personalized experience of our services.

Processing performed - Creation of personalised content for you, e.g. via relevant product recommendations, presentation of your specific benefits and offers, custom tools, segmented samples and tips content, and other similar measures that involve an easier user experience for you. Simplification of your use of our services. Personal communication based on your behavior as a logged in member. Analyzer of the data we collect for the purpose:

 

Based on the data we collect (e.g. visited product categories, searches, settings, reviews, and clicks history), we perform an individual-level analysis. The insights from the analyses form the basis for our communication with you and what offers, benefits and information about e.g. tips or new products is presented to you.

 

Categories of personal data

  • Name.

  • Username.

  • Gender.

  • Address.

  • Purchase history.

  • Question history

  • Purchase and user-generated data (e.g. clicks and visit history). Specified customer choices regarding e.g. communication channels or tools on the website.

 

Legal basis

Full implementation of the membership agreement. This collection of your personal data is required in order for us to meet our obligations according to the membership agreement. If the data is not provided, our commitments cannot be met and we are therefore forced to refuse membership or access to services.

Storage periodUntil The user delete is account in nexC.

 

From what sources do we retrieve your personal data?

In addition to the data you provide us, or which we collect from you based on your purchases and how you use our services, we may also collect personal data from someone else (a so-called third party). Examples of data we collect from third parties may be address data from public records (to ensure our retailers deliver to the correct address) or information from signing in with Facebook or another social network to facilitate your experience as a user. Such retrieval never happens without explicit consent from you as a user.

 

Who could we end up sharing your personal data with?

Data processors. In cases where it is necessary so that we can provide our services, we share your personal data with companies that are so-called data processors for us. A data processor is a company that processes the data on our behalf and according to our instructions. We have data processors who help us with:

  1. Payment solutions (card issuing companies, banks and other payment service providers).

  2. Marketing (print and distribution, social media, media agencies or advertising agencies).

  3. IT services (companies that handle necessary operative solutions, technical support and maintenance of our IT solutions)

  4. Billing in cases where a retailer has Swedish social security number as corporate ID number (one-person company).

  5. Aggregation, anonymisation and sale of behavioural data.

When your personal data is shared with personal data counsels, it is for purposes that are compatible with the purposes for which we have collected the data (e.g. to meet our obligations according to purchase or membership terms). We check all personal data counsels to ensure that they can provide sufficient safeguards regarding the security and confidentiality of personal data. We have written agreements with all personal data counsels through which they guarantee the security of the personal data processed and undertake to comply with our security requirements as well as restrictions and requirements regarding the international transfer of personal data.

Companies which are independently responsible for personal data. We also share your personal data with certain companies that are independently responsible for personal data. The fact that the company is independently responsible for personal data means that we are not the party controlling how the data submitted to the company will be processed. Companies and other parties who are independently responsible for personal data and with whom we share your personal data with are:

  1. Government agencies (police, tax agencies or other authorities) if we are required to do so by law or upon the suspicion of crime.

  2. Companies offering payment solutions (card issuing companies, banks and other payment service providers).

When your personal data is shared with a company that is independently responsible for personal data, the privacy policy and personal data management of that company takes precedence and is that which applies.

 

How long do we storage your personal data?

We never storage your personal data longer than is necessary for each purpose. See more about the special storage periods for each purpose.

 

What rights do you have as someone who is a registered member?

Right to access (so-called register extract). We are always open and transparent about how we process your personal data and if you want to gain a deeper insight into the personal data we are processing, you may request access to the data (the data is provided in the form of a register extract indicating purpose, categories of personal data, categories of recipients, storage periods, information about where the information has been collected and the existence of any automated decision-making).

Please note that if we receive a request for access, we may ask for additional information to ensure the effective handling of your request and that the information is provided to the correct person.

 

Right to rectification. You may request that your personal information be corrected if the information is incorrect. Within the framework of the stated purpose, you also have the right to supplement any incomplete personal data.

Keep in mind that you as a member of nexC can edit a great deal of submitted data when logged in on nexC’s website.

 

Right to deletion. You may request the deletion of personal data we process about you if:

  • The data is no longer necessary for the purposes for which they have been collected or processed.

  • You oppose a weighing of interests we have performed based on legitimate interest and your objection weighs more than our legitimate interest.

  • You oppose processing for direct marketing purposes.

  • Personal data is processed illegally.

  • Personal data must be erased to comply with a legal obligation we are subject to.

  • Personal data which has been collected for a child (under the age of 13) for which you have parental responsibility and collection has been made in connection with an offering via information society services (e.g. social media).

 

Keep in mind that we may have the right to deny your request if there are legal obligations that prevent us from immediately deleting certain personal data. These obligations derive from accounting and tax legislation, banking and money laundering legislation, yet also from consumer law. It may also be possible that processing is necessary for us to determine, enforce or defend legal claims. Should we be prevented from granting a request for deletion, we will instead block personal data from being used for purposes other than the purpose that prevents the requested deletion.

 

Right to limitation. You have the right to request that our processing of your personal data be limited. If you disagree that the personal data we process is correct, you may request limited processing during the time which we need to check if your personal data is correct or not. If we no longer need your personal data for the stated purposes, but you need the data to determine, enforce or defend legal claims, you may request limited processing of the data by us. This means that you can request that we do not delete your data.

If you have objected to a weighing of interest of legitimate interest that we have performed as a legal basis for a purpose, you may request limited processing during the time which we need in order to check if our legitimate interest outweighs your interest in having the data deleted. If the processing has been limited in accordance with any of the above situations, we may, in addition to the actual storage, process the data to determine, enforce or defend legal claims, to protect someone else’s rights or if you have given your consent.

 

Right to object to certain types of processing. You always have the right to avoid direct marketing and to object to all processing of personal data based on a weighing of interest.

Legitimate interest In cases where we use a weighing of interest as a legal basis for a purpose, you have the possibility to object to the processing. In order to continue processing your personal data after such objection, we need to demonstrate a compelling legitimate reason for the current processing that weighs heavier than your interests, rights or freedoms. Otherwise, we may only process the data to determine, exercise or defend legal claims.

 

Right to data portability. If our right to process your personal data is based either on your consent or implementation of an agreement with you, you are entitled to request that the data relating to you and which you have provided to us is transferred to another party which will be responsible for the personal data (so-called data portability). A prerequisite for data portability is that the transfer is technically possible and can occur in an automated manner. Does nexC process social security numbers?

 

What are cookies ?

Cookies are a small texts consisting of letters and numbers sent from our web server and stored on your browser or device. On nexC, we use the following cookies:

1. Session cookies (a temporary cookie that terminates when you close your browser or device).

2. Sustained cookies (cookies that remain on your computer until you delete them or they expire).

3. First party cookies (cookies set by the website you visit).

4. Third party cookies (cookies set by a third party site). These are primarily used for analyses, e.g. Google Analytics.).

5. Similar technologies (technologies that store information in your browser or device in a manner similar to cookies).

 

how do we use them?

The cookies we use are intended to improve the services we offer. Some of our services need cookies to work properly, while others improve the services for you. We use cookies for overall analytical information regarding your use of our services and for saving functional settings such as language and other information. We also use cookies to provide relevant targeted marketing to you. You can always contact us for more specific information, or if you have questions about our cookies, by e-mailing privacy@nexc.co.

 

Can you yourself control the use of cookies?

Yes! Your browser or device allows you to change the settings for the usage and scope of cookies. Go to the settings of your browser or device to learn more about managing the settings for cookies. Examples of things you can manage are blocking all cookies, only accepting first party cookies, or deleting cookies when you close your browser. Keep in mind that some of our services might not work if you block or delete cookies..

 

How is your personal data protected?

We use IT systems to protect the privacy, integrity and access to personal data. We have adopted security measures to protect your personal data against unauthorized or illegal processing. Only those persons who actually need to process your personal data to meet our stated purposes have access to them.

 

What does it mean that the Data Inspectorate is the supervisory authority?

The Data Inspectorate is responsible for monitoring the application of the law, and a person who deems that a company processes personal data in an incorrect manner is able to file a complaint with the Data Inspectorate.

 

How do you contact us in the easiest manner with questions about data protection?

Since we take data protection very seriously, we have designated employees who handle these issues, and you can always reach them via privacy@nexc.co.

We may make changes to our privacy policy. The latest version of the privacy policy is always available here on the website. Upon updates that are critical to our processing of personal data (such as a change in specified purposes or categories of personal data) or updates that are not critical to processing but which may be of crucial importance to you, you will receive information via nexc.co and via e-mail (if you have stated an e-mail address) in good time before the updates start to apply. When we provide information about updates, we will also explain what the updates involve and how they affect you.

 

The Privacy policy was last updated 05-02-2021