Privacy Policy

Our Commitment to Privacy

At Optimal Nexus, we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your personal information when you use our services and website.

We are committed to transparency and compliance with global privacy regulations including GDPR, CCPA, CASL, and other applicable laws. This policy applies to all users of our services, regardless of location.

Information We Collect

We collect only the information necessary to provide and improve our services. This includes:

• Site Analytics: Anonymous usage data, page views, session duration, and browser information to improve user experience.
• Contact Form Submissions: Name, email address, company name, and any message content you voluntarily provide when contacting us.
• Account Data: For registered users, we collect email, company details, and usage data necessary to deliver our orchestration services.
• Cookies: Essential cookies for site functionality, analytics cookies (with consent where required), and preference cookies to remember your settings.
• Third-Party Integrations: When you connect external platforms (CRM, marketing automation), we process data you authorize us to access.

Legal Basis for Processing (GDPR)

We process your personal data based on the following lawful grounds:

• Legitimate Interests: We process analytics and usage data to improve our services, detect fraud, and ensure platform security.
• Consent: For marketing communications and non-essential cookies, we obtain your explicit consent before processing.
• Contractual Necessity: When you sign up for our services, we process data necessary to fulfill our contractual obligations.
• Legal Compliance: We process data to comply with legal obligations, including tax, accounting, and regulatory requirements.

You have the right to object to processing based on legitimate interests. Contact our DPO to exercise this right.

Data Retention

We retain personal data only as long as necessary for the purposes described in this policy:

• Contact Form Inputs: Retained for 30 days, then automatically purged unless converted to an active customer relationship.
• Service Outputs & Logs: Kept for 180 days for quality assurance, then anonymized or deleted.
• Audit & Compliance Logs: Maintained for 365 days to meet regulatory requirements, then archived or securely deleted.
• Account Data: Retained for the duration of your active subscription plus 90 days for account recovery, then deleted upon request.

You may request early deletion of your data at any time by contacting our Data Protection Officer.

Your Rights

Under GDPR and other privacy laws, you have the following rights regarding your personal data:

• Right of Access: Request a copy of all personal data we hold about you.
• Right to Rectification: Correct inaccurate or incomplete data.
• Right to Erasure: Request deletion of your data when no longer necessary or if you withdraw consent.
• Right to Restriction: Limit how we process your data in certain circumstances.
• Right to Data Portability: Receive your data in a structured, commonly used format.
• Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent: Withdraw consent at any time for consent-based processing.

To exercise any of these rights, please contact our Data Protection Officer at dpo@optimalnexus.com.

Contact Our Data Protection Officer

For questions about this Privacy Policy, data subject requests, or privacy concerns:

Email: dpo@optimalnexus.com
Response Time: Within 72 hours for urgent requests, 5 business days for standard inquiries

For detailed information about our compliance frameworks, technical controls, and data processing practices, please visit our Compliance page.