Privacy Policy

Who we are

We are nexGworx and our website address is: https://nexgworx.co.uk. More information around nexGworx and it’s history can be read within our Who we are section

What personal data we collect and why we collect it

Comments

We currently have turned off this feature within the website and therefore this data will not be published in the public domain.

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

We currently have not enabled this feature for visitors to use within this website.

Editors and Administrator – If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact Us form

We have enabled a “contact us” form within this site. By entering your data and checking the consent box, you are agreeing that we can collect, store and process your information for the specific purpose of contacting you in response to your comment or message and any future dealings with nexGworx.

nexGworx will not share your data with any third party without explicit written authority from the specific Data Subject (you).

Under Chapter 3 of the GDPR regulations, Data Subjects (you) have:

  • The right to be informed of why nexGworx is processing your personal data, what data is being processed and who else the data may be passed to.
  • The right of access to your personal data held by nexGworx (The Data Controller).
  • The right to rectification of your personal data if what is held needs correcting or amending in some way
  • The right to erasure where under certain circumstances you can ask for your personal data to be deleted – “The Right to be Forgotten”. This is where the person data is no longer required for the purpose it was collected for, or you (as the Data Subject) have withdrawn your consent for the processing of that data.
  • The right to restrict processing where the Data Subject has asked for a temporary halt to the processing of the data.
  • The right to data portability where you (as the Data Subject) can request for any data that has been supplied directly to nexGworx (as the Data Controller) by the Data Subject in a structured, commonly used, and machine-readable format.
  • The right to object to any further processing of your data which is inconsistent to the primary purpose for which it was collected.
  • The right not to be subject to a decision based solely on automated processing.

Cookies

We notify you that we make use of essential cookies, through a small notice at the bottom of our site (it takes you through to this page). Once you accept the notice, a small cookie is dropped on your device, to avoid the popup appearing repeatedly for you. This cookie lasts for one year.

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. However, nexGworx currently do not allow the publishing of comments, and therefore this data will not be published in the public domain.

We use a security service, which drops a session cookie that helps prevent malicious use / abuse of the site. This is discarded when you close all tabs / windows in your browser that are on our site.

To help optimise site speed, we use a cache service which can drop a short-life functionality cookie, which expires after 1 day.

Access to the website is limit to a handful of editors and an administrator whom the following cookies will be set for.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

We currently have not enabled this feature within this website.

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Hyperlinks to websites owned and operated by other organisations

Within nexGworx’s website, there are links to other third-party websites which have their own privacy policies, including policies on their use of cookies and personal data captured – we urge you to review them. They will govern the use of personal information you submit, or which is collected by cookies whilst visiting these websites.

nexGworx cannot accept any responsibility or liability for the privacy practices of such third-party websites and your use of such websites is at your own risk.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

Our website provider

Your data (relating to your access to this site – e.g. IP address, user agent and HTTP request) may be available to our website provider, to enable us and them to deliver our services to you, obtain usage analytics / statistics, or provide security functionality for us.

Our website provider acts in accordance with GDPR regulations, and will only retain information for as long as necessary to fulfil the purpose for which is was collected. All personal information collected by our website provider is treated as confidential.

How long we retain your data

Standard access logs are retained for a period of 30 days, unless malicious or suspicious behaviour is detected (in which case, data such as IP addresses may be retained indefinitely, for the purposes of preventing repeat attacks).

The following is for the limited number of editors and the administrator who are registered within the system – For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

As leaving comments has been disabled the following has been turned off – If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

What rights you have over your data

If you have an account on this site (currently only (Editors and Administrator), or have left comments (not currently enabled), you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Our security service can intercept bad traffic on our behalf and may capture your source IP if your computer is compromised and/or is used for illegal or malicious activities.

Your contact information

nexGworx’s Director is the data protection officer (DPO). Their role is to oversee and monitor nexGworx’s data protection procedures, and to ensure they are compliant with GDPR. The data protection officer can be contacted by:

Email: DPO@nexGworx.co.uk
Post: Malvern Hills Science Park, Geraldine Road, Malvern, Worcestershire, WR14 3SZ, GB

The Director acts as a representative for nexGworx with regards to its data controller responsibilities; they can be contacted via email at DPO@nexGworx.co.uk.

Additional information

How we protect your data

We ensure that there are appropriate technical controls in place to protect your personal details.

nexGworx also keeps an audit trail of who made changes to this website and when those changes were made.

In the event of a breach nexGworx would follow the breach procedure policy – which includes informing users who might be affected.

Analytical data

All analytics data is access controlled and limited to individuals who have a need to see information to aid the delivery of services, provide technical assistance or who are performing security-based tasks.

Security related data

All security related data is access controlled, and limited to individuals who have security or technical requirements to view it. No data is retained for technical purposes (e.g. to develop functionality for the website) for longer than it is necessary to do so.

What data breach procedures we have in place

nexGworx has formal data breach procedures in relation to GDPR found within their Data Protection and Data Retention policies and procedures.

The software used to run this website is constantly updated as and when updates, including security updates, become available. If a breach is detected, we will process this in line with the legal requirements under GDPR.

To make a formal complaint about nexGworx’s approach to data protection or raise privacy concerns directly with our data protection team, please contact:

The Data Protection Officer (DPO)
nexGworx
Malvern Hills Science Park,
Geraldine Road,
Malvern,
Worcestershire,
WR14 3SZ, GB
Email: DPO@nexGworx.co.uk

If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

You can contact them by calling 0303 123 1113. Or go online to www.ico.org.uk/concerns (opens in a new window; please note we cannot be responsible for the content of external websites).

What third parties we receive data from

Security reports are produced by our hosting provider which enable nexGworx to protect the personal information that might be contained within our website.

What automated decision making and/or profiling we do with user data

Our security service will make automated blocking decisions, based on your activity (e.g. to use your IP address to restrict access, if malicious behaviour is automatically identified).

Industry regulatory disclosure requirements

nexGworx collect and use personal data in order to meet legal requirements and legitimate interests set out in the GDPR and UK law, including those in relation to the following:

  • Article 6 and Article 9 of the GDPR

You have the right to:

  • Be informed about how nexGworx uses your personal data.
  • Request access to the personal data that nexGworx holds.
  • Request that your personal data is amended if it is inaccurate or incomplete.
  • Request that your personal data is erased where there is no compelling reason for its continued processing.
  • Request that the processing of your data is restricted.
  • Object to your personal data being processed.

Where the processing of your data is based on your consent, you have the right to withdraw this consent at any time.