Effective Date: April 3, 2025

Preamble: nexly AI is committed to protecting the privacy of our users. We believe that your personal information is valuable and should be treated with care. This Privacy Policy outlines our practices for collecting, using, disclosing, and protecting your personal data when you interact with our website, https://nexly.eu (referred to as the "Site"). The term "User" encompasses both individuals and organizations that engage with our Site.

Introduction and Parties

As the Data Controller, nexly AI is fully committed to complying with the Law of July 30, 2018, concerning the protection of natural persons regarding personal data processing (referred to as the "Law") and Regulation (EU) 2016/679 of the European Parliament and the Council of April 27, 2016, concerning the protection of natural persons in relation to personal data processing and the free movement of such data, which repealed Directive 95/46/EC (General Data Protection Regulation or "GDPR"). nexly AI also adheres to globally recognized privacy standards and best practices, including the APEC Cross-Border Privacy Rules (CBPRs), and we are committed to safeguarding your privacy regardless of your location.

In specific instances, nexly AI may engage the services of third-party entities (hereafter referred to as "Processors" or "Subcontractors") to assist in the processing of your personal data. Please be assured that we diligently select Processors who adhere to the highest standards of data protection and security.

Processing of Personal Data

We collect and process personal data only when necessary for specific purposes. This can happen in a variety of ways:

Direct collection occurs when you voluntarily provide personal data, such as when you place an order on our website, register for an account, enroll in loyalty programs, subscribe to our emails, participate in surveys, or contact us for customer support. This may include your name, email address, shipping and billing addresses, phone number, payment information, and other relevant details.

Passive collection happens through interactions with our digital platforms, where we use tools like cookies and web beacons to gather data about your online behavior. This includes information about the pages you visit, links you click, the time spent on our website, and your device information, including IP address and browser type. We use this data to improve your experience and tailor content based on your interests.

Additionally, we may obtain data from third-party sources such as affiliates, business partners, data compilation companies, and social media platforms. This could include details about your interactions with our advertisements on those platforms.

Purpose of Personal Data Processing

We process personal data for several key purposes, including providing exceptional customer service by responding to inquiries, resolving complaints, and ensuring satisfaction. We also use personal data to keep you informed about our products and services through marketing communications, campaigns, and promotions via email, social media, and notifications. When interacting with third-party social networks, we may use your personal data to enhance your engagement, such as personalizing your experience when sharing content. With your consent, we also customize your experience by analyzing your data to provide personalized product recommendations, tailor content, and deliver targeted advertising based on your interests and browsing behavior. Personal data is essential for fulfilling orders, including updating order statuses, verifying identities, and preventing fraud. Additionally, we may use personal data for internal research, analytics to improve our services, security enhancements, and general account management.

Types of Personal Data Processed

We collect and process various types of personal data tailored to meet your needs, including:

Contact data such as your name, postal address, email address, phone number, and social network details.

Account login data like your login ID/email, screen name, password, and security question/answer.

Device data including your IP address, online identifiers, and mobile device details.

Payment data, such as debit/credit card details, alternative payment methods, and payment history.

Demographic data including gender, age range, location, hobbies, interests, and preferences.

Third-party social network data, which may include details from your social media profiles, like when you log in using a platform like Facebook.

Site usage data including your navigation patterns, pages visited, links clicked, time spent, and search queries.

Feedback data from reviews, survey responses, and contact messages.

Geolocation data, collected with your consent, to provide location-based services.

Inferences created from data such as purchase history, demographic insights, and usage patterns to personalize and enhance your experience.

Consent

By accessing and using the Site, you acknowledge having read this Privacy Policy and willingly provided free, specific, informed, and unequivocal consent to the processing of your personal data as outlined herein. Your consent is obtained through active actions, such as checking the privacy policy box via a hypertext link. Please note that consent is a mandatory requirement for certain actions on the Site or for establishing a contractual relationship with Nexly AI. Withdrawal of consent does not affect prior lawful processing.

Data Minimization and Purpose Limitation

We are committed to the principle of data minimization, collecting and processing only the personal data that is strictly necessary for the specific purposes outlined in this policy. We do not collect or process any personal data that is not essential for the intended purpose.

Data Sovereignty and Localization

nexly AI recognizes the importance of data sovereignty and user control. We offer users the option to store their data within their chosen geographical region, enabling users to comply with regional data protection laws and regulations, such as the GDPR or the California Consumer Privacy Act (CCPA).

Retention Period

We comply with Article 13(2) of the GDPR, retaining your personal data for a maximum of five years, unless a longer retention period is required by legal obligations or to resolve disputes. Data is kept only for as long as necessary to fulfill its purpose. Contact data, account login data, demographic data, third-party social network data, and feedback data are retained for five years after the last interaction with you. Device data, site usage data, and geolocation data are retained for six months after your last visit. Payment data is kept for the duration of order processing and then for five years after the last transaction. Inferences are retained for five years after the last interaction with you.

Data Recipients and Disclosure

We may disclose your personal data to employees, collaborators, subcontractors, and service providers, ensuring they uphold confidentiality and security while supporting our operations. This disclosure is solely for the purpose of marketing our products and providing services. For example, we may share your data with website hosting providers, payment processors, data analytics providers, and customer support services, all of whom are carefully vetted to ensure compliance with data protection regulations. We may also share your data for cross-contextual behavioral advertising to deliver relevant ads based on your interests. You can opt out of personalized ads and manage cookie settings through the provided links. In certain legal situations, such as complying with law enforcement requests or during business transactions like mergers, your data may also be shared. All recipients of your data are contractually bound to use it securely and for its intended purposes, adhering to high data protection standards. If your data is to be used for direct marketing, we will seek your explicit consent beforehand.

Automated Processing

We use automated processes, such as AI algorithms, to personalize your experience on our platform. These include personalized recommendations based on your browsing history and interests, and content customization tailored to your past interactions. You can manage your preferences and opt out of personalized recommendations and ads through your account settings, giving you control over the content you see.

Data Protection Officer (DPO)

Delia Lazarescu serves as the Data Protection Officer (DPO), responsible for ensuring our strict compliance with national and supranational regulations governing the collection and processing of personal data. The DPO oversees all data protection activities, guarantees the highest levels of data security, and serves as the primary point of contact for inquiries and concerns related to data protection.

User Rights

Nexly AI respects your data protection rights. You can access, correct, or request the deletion of your personal data, restrict its processing, or receive it in a portable format. You also have the right to object to processing or automated decisions, and to lodge a complaint with the Data Protection Authority. For any of these requests or inquiries, please contact us at info@nexly.eu.

Data Portability and Deletion

Users have the right to download their data in a machine-readable format and request the permanent deletion of their account and associated data, in line with GDPR regulations. To initiate either process, please contact us at info@nexly.eu.

Cross-Border Data Transfers

Nexly AI ensures the security of personal data during cross-border transfers by using safeguards such as Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), and Privacy Shield Frameworks. These measures comply with GDPR standards and ensure that data is protected when transferred outside the European Economic Area (EEA).

Automated Decision-Making and Profiling

nexly AI employs automated decision-making processes, including profiling, to enhance user experiences. These processes may influence user interactions on the platform. We provide clear explanations of how automated decision-making processes work and the factors considered. We acknowledge and respect your right to contest decisions solely based on automated means and provide effective mechanisms for such challenges. To contest automated decisions or seek further clarification, please feel free to contact us at info@nexly.eu.

Data Breach Notification

In the unlikely event of a data breach that may compromise your personal data, we are committed to notifying you and the relevant authorities promptly. Our notification process will adhere to legal requirements and prioritize transparency. We will notify you via email and post a notice on our website.

Transparency in Algorithmic Processing

nexly AI employs algorithms, including recommendation algorithms, to enhance and enrich user experiences. We provide transparency about the use of algorithms and the types of data used to train them. Users have the ability to customize or opt out of algorithm-driven content suggestions through their account settings, granting them ultimate control over their interaction with our platform.

Privacy Enhancing Technologies (PETs)

Nexly AI is implementing Privacy Enhancing Technologies (PETs) to strengthen data privacy and security. We use differential privacy to protect individual data during AI training, homomorphic encryption to process encrypted data without revealing it, and zero-knowledge proofs to verify data authenticity without disclosing sensitive information. These technologies ensure enhanced privacy while maintaining security and functionality.

Data Ethics and AI

Nexly AI is committed to the ethical use of data and AI, guided by principles of fairness, transparency, privacy by design, accountability, user control, and ethical advertising. We ensure fairness by identifying and mitigating biases in AI algorithms, provide transparency in data processing, and prioritize privacy at every stage of development. We hold ourselves accountable through internal audits and clear accountability mechanisms. Users have control over their data and AI-driven experiences, including opting out of personalized content and ads. Our commitment to these principles ensures a safe, respectful digital environment for all users.

Ethical AI Principles

nexly AI shall adhere to ethical AI principles outlined in the EU AI Act, including principles of fairness, transparency, accountability, privacy by design, and user control over AI-driven experiences. We also embrace ethical AI principles from global frameworks, such as the OECD AI Principles and the Montreal Declaration for Responsible AI.

Human Oversight

Nexly AI ensures human oversight of AI systems through a dedicated team that reviews and approves AI systems, monitors their performance, and addresses any concerns. This team collaborates with developers to integrate ethical considerations throughout the development process. For critical decisions, we implement "human-in-the-loop" systems, where experts review and may override AI decisions to ensure fairness, accuracy, and ethical compliance in areas like recommendations, content customization, and automated moderation.

Risk Assessment and Mitigation

Nexly AI conducts risk assessments for high-risk AI systems, identifying and mitigating potential risks such as bias, privacy breaches, and unintended consequences. We implement safeguards to protect individuals, society, and fundamental rights.

Data Quality and Bias Mitigation

Nexly AI ensures data quality and fairness by evaluating data sources, using bias mitigation techniques like differential privacy, and regularly auditing AI systems for non-discrimination. Continuous monitoring ensures ethical and equitable AI performance.

Explainability and Transparency

nexly AI shall provide clear and understandable explanations of AI-driven decisions to users, including the factors considered and the rationale behind recommendations or actions taken by AI systems. We aim to provide users with insights into how AI systems work and how their decisions are made.

User Consent and Control

nexly AI shall obtain explicit consent from users for the use of AI systems that significantly impact their rights or interests, and provide users with meaningful control over their data and AI-driven experiences.

Data Protection and Privacy

Nexly AI complies with data protection regulations, including GDPR, by implementing strong privacy measures. We anonymize data to protect identities, use encryption to safeguard data in transit and at rest, and provide user-centric privacy settings for control over data collection and processing.

Accountability and Auditing

nexly AI shall maintain records of AI systems, data used for training, and decision-making processes, and be able to demonstrate compliance with the EU AI Act through regular auditing and reporting mechanisms.

Prohibited Practices

Nexly AI strictly complies with the EU AI Act by prohibiting social scoring, indiscriminate surveillance, and the manipulation of vulnerable individuals. We do not rank individuals based on behavior, collect data without consent, or exploit vulnerable groups. Our commitment ensures ethical AI development and responsible data use.

Notification of Authorities

nexly AI shall promptly notify relevant authorities of any significant incidents, malfunctions, or breaches involving AI systems that may affect the rights or safety of individuals or society.

Training and Certification

nexly AI shall ensure that personnel involved in the development, deployment, and monitoring of AI systems receive adequate training on ethical AI principles, legal requirements, and best practices, and obtain appropriate certification where necessary.

Continuous Monitoring and Improvement

nexly AI shall establish processes for continuous monitoring, evaluation, and improvement of AI systems to ensure ongoing compliance with the EU AI Act and evolving best practices in AI governance.

Consent Management Dashboard

Users can easily manage their consent preferences through an intuitive, user-friendly dashboard within their accounts. This advanced dashboard offers granular control over various data processing activities, allowing users to tailor their privacy settings to their exact specifications.

Privacy by Design

At nexly AI, we integrate privacy principles into our product development from the outset. This means that your data privacy is considered at every stage of product design and development, ensuring that your information is protected by design and default.

User Education and Awareness

We are committed to educating users about data privacy and security. Our platform offers an extensive repository of tips, guides, and resources to empower users to protect their personal information and make informed decisions. This includes providing user-friendly explanations of data protection principles, tips for staying safe online, and resources for managing privacy settings.

Ethical Advertising Practices

In the event that we engage in behavioral advertising, Nexly AI is dedicated to adhering to ethical advertising practices. Users have the option to opt out of personalized ads, and we are transparent in explaining how ads are selected and delivered.

Use of Personal Data for AI Model Training

At Nexly AI, we use personal data to train AI models, enhancing our platform’s responsiveness and personalization while prioritizing privacy and security. Data is anonymized or pseudonymized to protect identities, and we adhere to strict compliance with data protection laws. Users have control over their data through our Consent Management Dashboard, and we conduct regular audits to ensure transparency and ethical use. Data is retained only as needed and deleted when no longer required. For more details or to exercise your rights, contact us at info@nexly.eu. Your trust and privacy remain our top priorities.

Third-Party Audits and Certification

nexly AI subjects itself to rigorous third-party audits and certifications to uphold industry standards and promote transparency and accountability in data protection practices. These audits and certifications include compliance with the GDPR, APEC CBPRs, and other relevant international standards. We also undergo regular audits to ensure compliance with the GDPR and other relevant regulations.

Privacy Impact Assessments (PIAs)

We conduct Privacy Impact Assessments (PIAs) to identify, evaluate, and mitigate risks associated with data processing, especially for novel technologies or high-risk activities. This process involves analyzing potential privacy risks, implementing mitigation strategies, and continuously monitoring their effectiveness to ensure robust data protection.

Regular Transparency Reports

nexly AI is committed to regularly publishing transparency reports, which disclose data requests from government agencies, the nature of these requests, and Nexly AI's documented responses. This commitment underscores our dedication to transparency in all interactions with authorities.

Accessibility and Multilingual Support

We unflinchingly adhere to the tenets of accessibility and inclusivity by ensuring that our privacy policy is accessible to individuals with disabilities, meticulously following the Web Content Accessibility Guidelines (WCAG). Furthermore, we extend the courtesy of translations of the policy in multiple languages to cater to our diverse, global audience.

User Consent for Cookies and Tracking Technologies

We value your privacy and strive to provide transparency in our use of cookies and tracking technologies on our website. Before you proceed, we would like to request your consent to use these technologies for various purposes such as enhancing your browsing experience, analyzing website traffic, and delivering personalized content and advertisements. By clicking "Accept" or continuing to use our website, you signify your consent to our use of cookies and tracking technologies as described in our Cookie Policy. You can manage your preferences and withdraw your consent at any time through our Consent Management Dashboard.

Children's Privacy

Protecting the privacy of children is of utmost importance to us. Our services are not intended for individuals under the age of 16, and we do not knowingly collect personal data from children. If you are a parent or guardian and believe that we have unintentionally collected personal data from a child, please contact us immediately, and we will take steps to delete such information from our records.

Data Security Measures

We prioritize the security of your personal data by implementing industry-standard protections and regularly updating our security protocols. Our measures include strong encryption to safeguard data in transit and at rest, strict access controls to limit data access to authorized personnel, robust firewalls to prevent unauthorized access, and ongoing security assessments to identify and mitigate vulnerabilities. These efforts ensure the confidentiality and integrity of your information.

Data Retention Justifications

We retain your personal data for the duration necessary to fulfill the purposes outlined in this Privacy Policy. Our retention periods are determined by the nature of the data and the specific purposes for which it is processed. For example, we will retain your order information for a period of 5 years for the purpose of fulfilling your order and providing customer support. In some cases, we may be required to retain data for longer periods to comply with legal obligations or resolve disputes.

Algorithmic Impact Assessment (AIA)

Nexly AI conducts Algorithmic Impact Assessments (AIAs) for AI systems that pose significant risks to individuals' rights or interests. This process includes identifying potential risks such as bias, privacy violations, and societal harm, evaluating their severity, and implementing mitigation strategies like data anonymization, fairness techniques, human oversight, and transparent reporting.

Ongoing monitoring ensures continued compliance with ethical and legal standards. AIAs assess data quality, algorithmic transparency, fairness, privacy impact, and broader societal effects. Through rigorous AIAs, we minimize risks while ensuring responsible and ethical AI development.

Human-in-the-Loop Systems

nexly AI shall implement human-in-the-loop systems where appropriate, allowing human intervention in AI-driven processes to review and override automated decisions, especially in cases of significant impact on individuals' rights or interests. This ensures that humans are involved in the decision-making process, particularly for critical decisions or situations where human judgment is necessary.

Accessibility in AI Systems

nexly AI shall ensure that AI systems are designed and developed with accessibility considerations, ensuring equal access and usability for individuals with disabilities. We aim to make our AI systems inclusive and accessible to all users. This involves using design principles that accommodate users with different abilities and ensuring that our AI systems are compatible with assistive technologies.

Procurement Requirements for AI Systems

nexly AI shall establish procurement requirements for AI systems, ensuring that third-party AI solutions comply with ethical AI principles, data protection regulations, and the EU AI Act before integration into nexly AI's infrastructure. We prioritize ethical and compliant AI solutions when acquiring third-party AI systems. This involves carefully vetting AI vendors and ensuring that their products and services align with our ethical and legal standards.

Collaboration with Regulatory Authorities

nexly AI shall collaborate with regulatory authorities, data protection agencies, and other relevant stakeholders to promote the responsible use of AI and ensure compliance with the EU AI Act and other applicable regulations. This includes engaging in dialogue with regulatory bodies, participating in industry working groups, and proactively seeking guidance on emerging AI issues.

Public Transparency Reports on AI Systems

nexly AI shall publish regular transparency reports on AI systems, providing detailed information about the design, functionality, and impact of AI systems on individuals and society. These reports will promote accountability and transparency in our AI practices.

Ethical Review Board

Nexly AI will establish an ethical review board of experts in AI ethics, data protection, and human rights to ensure compliance with ethical standards and the EU AI Act. This board will review and approve AI systems, provide ethical guidance, monitor AI performance, and offer independent assessments.

Board members will be selected based on expertise, diversity, and independence. The review process includes an initial assessment of AI design and risks, an ethical analysis for fairness and transparency, a risk assessment for potential harms, and final recommendations for approval or modification. This ensures responsible AI development and deployment.

Continuous Ethical AI Training

At Nexly AI, we prioritize ethical AI development through continuous education and training. All employees involved in AI must complete mandatory training on AI ethics frameworks, bias mitigation, privacy, transparency, and responsible AI use.

We support ongoing professional development with internal workshops, external certifications, and AI ethics review boards for oversight. Ethical considerations are embedded in product development through design workshops, code audits, and user testing.

Our training programs evolve based on employee feedback, industry standards, and new research. By committing to continuous ethical AI education, we ensure responsible AI development, build user trust, and foster a responsible AI ecosystem.

Community Engagement and Feedback

nexly AI shall actively engage with the community and solicit feedback on AI systems' impact, inviting input from users, stakeholders, and advocacy groups to inform AI governance practices and decision-making. This involves creating channels for user feedback, engaging with relevant stakeholders, and participating in public dialogues about the impact of AI.

Contact

For any inquiries, concerns, or requests pertaining to this privacy policy or any data-related matter, please do not hesitate to reach out to the Data Controller at info@nexly.eu. We hold your privacy in the highest regard and are at your beck and call to assist you with any inquiries or requests that may be entrusted to us.