Privacy Policy

This Privacy Policy has been updated on May 25th 2023.


At NXT:FWD, we’re committed to your privacy. We know that earning your trust is utmost important to us. This privacy policy applies to the collection, use, and disclosure of personal data for marketing and sales of services, customer agreements and visit the Website, or communicate or interact with us via the website e.g., download material, subscribe to our newsletters, take part in a promotion campaign, or give us feedback.

What Information Do We Collect?

We may collect personal data from You when you visit our website or otherwise interact with us.
This includes following data and possible other data you have given to us:

- basic information, such as name, title, and your relation to a company you represent and contact details (email address, phone number);
- information relating to our relationship, such as services and order details, contract information, payment details, billing information;
- marketing and communication data e.g., your interests and preferences, selections, marketing permissions and prohibitions;
-  your interaction and related records such as correspondence, your comments, or responses to our surveys;
- personal data generated while visiting our website through cookies or otherwise, and how you use the website;
- technical data on browsing the website e.g.,language, device ID and type, operating system, application settings as well also their data collected by means of cookies and similar technologies;
- and other data you have given to us, which is primarily based on your consent and defined in detail on a case by case basis.

We also collect personal data when you fill out a form on our website to request more information. We may collect personal information such as your name, email address, phone number, and company name.

We may collect and use for any purpose aggregated data, where an individual person is not identified from e.g., analytics and statistical data when visiting our website

Purpose and Legal Basis for Processing ofPersonal Data

We only collect and process personal data, which is needed for managing our relationship with you and for other relevant operational or commercial purposes, including the processing of personal data for anonymizing it.

Website admin, and Information Security

We process personal data to administer and maintain our website, including hosting and delivering of content therein and for preventing faults and repairing thereof. Your personal data may be used to ensure the information security of the website, including prevention of possible frauds and relevant investigations. In these cases, the processing is based on our legitimate interest to operate business effectively and to ensure that the website is appropriately protected.

Our legitimate interest collection and analysing of the necessary information to develop our operationse.g., functionality of the website. We may process personal data for measurement and reporting including statistical information about the use of our website based on your consent.

Marketing and Analytics

 In the case of marketing, the processing of personal data is based on our legitimate interest to collect and analyse relevant information to better understand our customers and develop relevant services. Based ony our consent we may store and access information, including personal data, ony our device in order to create personalised ads profiles and deliver relevant content at the website as well as to measure the effectiveness of the advertising.Respectively, your personal data may also be processed to develop and improve the website, or for developing our own or our partners’ services.

Customer Relationship Management

In case of managing the customer relationship, our processing is based on the contract between you, or a company you represent, and us, or our legitimate interests to serve you based on your choices and provide you enhanced customer experience, and to interact for feedback.

Compliance with the law

We process your personal data in order to meet our statutory obligations e.g., to fulfil authorities’ requests based on the law.

Other purposes you have consented to

We may process your personal data also for specific purposes if you have consented to such processing. Processing of data on browsing the website and your preferences related thereto as well as sharing such data with nominated third parties is primarily based on your consent.

Use of Cookies

When you visit our website, cookies, and other similar technologies (“Cookies”) are used to automatically collect information about your visit. Collected information is e.g., browser type and version, IP-address, geolocation, device information (platform, model, OS). To use the site you need to accept the cookies. Cookies remain on your device until they are expired, or you delete them.

Retention time for each cookie is two months. You can accept or refuse cookies or change your earlier choices through cookie banner at our website. You can always disable cookies or clear your cookie history for all visited websites from your browser settings.

Accepting cookies will enable you to get the best from our website. If you refuse cookies, some aspects of the website may not work on your device, and you may not be able to access all areas thereof.

Data Sharing and Disclosures of Personal Data

We may share your personal data with third-party service providers who assist us in providing our services. We may also disclose your personal data to comply with legal obligations or protect our legal interests.

Communication of the Marketing Activities

We send commercial e-mails that may include technologies (web beacons, cookies or similar) that allow us to know what you do with the message (open, read etc.)and links you may click. When you click a link in our marketing e-mail, we will also use a cookie to log what pages you view and what content you download from our website. You may control the use of your personal data for direct marketing purposes.

You can ask us to stop sending you marketing messages by following the opt-out links on any marketing message sent to you at any time. In such case, we will retain minimum amount of personal data to respect your choice in order to avoid contacting you again. Please note that even though you opt-out of direct marketing, we may need to contact and communicate with you in connection with the other purposes your personal data is processed for.

Hosting of the Data, and Transfer of Personal Data Outside of the EU or EEA

As a global organisation, we operate in multiple regions to provide our services to our customers worldwide. Your data is primarily hosted in local environments within your region. When You or your organisation reside within the European Union (EU)/European Economic Area(EEA), Personal Data is processed by us withinEU/EEA and in third party data processing facilities located within the EU/EEA.

Some of our service providers may have access or are located outside the EU/ EEA and their processing of your personal data will involve a transfer of data out side of EU/EEA. We will take necessary steps to provide appropriate safeguards for international data transfers and to the extent necessary implement supplementary measures for protection of personal data as required by applicable laws.

Personal data is transferred only to countries that have been deemed to provide an adequate level of protection of personal data, and where not we will implement the standard contractual clauses and implement necessary technical, or ganisational, or contractual supplementary measures to ensure that personal data has the same protection as in EU/EEA.

Retention of Personal Data

We will retain your personal data only for as long as necessary to communicate with you for sales, marketing and other purposes, provide access to our website, and as required by law (different data categories have different retention periods). After that, we will securely dispose of your personal data.

Your personal data processed based on a customer relationship with you, or a company you represent, are stored, as a rule, for the duration of the customer relationship or as long as the provision of the services requires. After our relationship or service provision has ended, we store personal data that are necessary to protect our legitimate interests e.g., enabling response on requests or claims under applicable provisions concerning statute of limitations, or we may store your personal data, to the extent necessary, in order to respect your request not to receive direct marketing from us.

Personal data processed based on legitimate interests are processed as long as there are grounds for their processing. If you object such processing, data will be erased after your request has been validated. An example of this kind of processing falling within the scope of legitimate interest is direct marketing. If personal data is processed based on legal obligations, it is retained as long as required by law. The storage time of personal data processed with your consent is determined according to the purposes of processing.

Your Rights

You have certain rights regarding your personal data:

Right to Access:
- You have the right to access your personal data that we hold.
Right to Rectify Personal Data:
- You have the right to request that we correct any inaccurate or incomplete personal data that we hold.
The Right to Object to the Processing:
- You have the right to object to the processing of your personal data for certain purposes. 
The Right to Data Portability:
- You have the right to receive your personal data in a structured, commonly used, and machine-readable format. 
The Right to Be Forgotten:
- You have the right to request that we erase your personal data under certain circumstances.
The Right to Restriction of the Processing:
- You have the right to request that we restrict the processing of your personal data under certain circumstances.
The Right to Give and Withdraw Your Consent:
- You have the right to give or withdraw your consent for the processing of your personal data.

Data Security

We take appropriate technical and organisational measures to protect your personal data from loss, destruction, un authorised access, disclosure, or other misuse. These measures include physical, electronic, and procedural safeguards that comply with applicable legal requirements. We limit access to personal data to those author is edemployees and service providers who need to know the information in the course of their duties. They will only process your personal data based on our instructions and are subject to a confidentiality obligation.

PersonalData is stored in an encrypted database in GoogleCloud platform. We adhere to best practices for persisting and encrypting data, and to that end, data is always encrypted at rest. The databases are not directly accessible from the Public Internet and can only be reached via privileged application servers. Our application services, and other aspects of our infrastructure are all located in a highly secured environment to prevent any direct access from the outside world.

Please be aware that, although we endeav our to provide appropriate security measures for personal data, no security system can prevent all potential security breaches.If a security breach occurs, we will inform you in accordance with applicablelaws.

Changes to the Privacy Policy

We may update this privacy policy from time to time. We will notify you of any significant changes by posting a notice on our website or by sending you an email.

Contact Us

The contact details of the company:
- NXT:FWD Software Oy, business ID: 3178214-8, Lapinlahdenkatu 16, 00180 Helsinki.

If you have any questions or concerns about this privacy policy or our use of your personal data, please contact the support team