Privacy Policy

Last updated: December 16, 2025

Privacy and secure communication

Introduction

nexus2AI Inc. ("nexus2AI", "we", "us", or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our multi-model AI consensus platform and related services (collectively, the "Services").

By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use our Services.

Information We Collect

Personal Information

We may collect personal information that you voluntarily provide to us when you:

  • Register for an account or request a demo
  • Subscribe to our newsletter or marketing communications
  • Contact us for customer support or inquiries
  • Participate in surveys, promotions, or other interactive features
  • Upload documents or data for processing through our Services

This information may include:

  • Name, email address, phone number, and job title
  • Company name, industry, and business address
  • Account credentials and authentication information
  • Payment and billing information (processed securely through third-party payment processors)
  • Documents, files, and data you upload for processing

Automatically Collected Information

When you access our Services, we may automatically collect certain information, including:

  • Device information (hardware model, operating system, unique device identifiers)
  • Log information (access times, pages viewed, IP address, referring URL)
  • Location information (general geographic location based on IP address)
  • Usage data (features used, actions taken, performance metrics)
  • Cookies and similar tracking technologies

How We Use Your Information

We use the information we collect for the following purposes:

  • Service Provision: To provide, maintain, and improve our Services, including document verification, credential checking, and AI consensus processing
  • Account Management: To create and manage your account, authenticate your identity, and provide customer support
  • Communication: To send you transactional messages, service updates, security alerts, and marketing communications (with your consent)
  • Analytics: To analyze usage patterns, monitor performance, and improve user experience
  • Security: To detect, prevent, and respond to fraud, abuse, security threats, and technical issues
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, and government requests
  • Business Operations: To support our business operations, including billing, auditing, and internal research and development

Data Security

We implement industry-standard technical, administrative, and physical security measures to protect your information, including:

  • AES-256 encryption for data at rest and TLS 1.3 for data in transit
  • Multi-factor authentication and role-based access controls
  • Regular security audits and penetration testing
  • SOC 2 Type II certified infrastructure and processes
  • Canadian data centers with redundant backup systems
  • Employee security training and background checks
  • Incident response and disaster recovery procedures

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining the highest standards of data protection.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Active account data: Retained while your account is active and for a reasonable period thereafter
  • Processed documents: Automatically deleted after processing unless you choose to retain them
  • Audit logs: Retained for 7 years to comply with regulatory requirements
  • Marketing preferences: Retained until you withdraw consent

When retention is no longer required, we securely delete or anonymize your information in accordance with our data retention policies.

International Data Transfers

nexus2AI is headquartered in Canada. Your information may be transferred to, stored, and processed in Canada or other countries where our service providers operate. We ensure that any international transfers comply with applicable data protection laws through:

  • Adequacy decisions recognizing equivalent levels of data protection
  • Standard contractual clauses approved by relevant authorities
  • Binding corporate rules for intra-group transfers
  • Certification under recognized frameworks (where applicable)

Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information, subject to legal retention requirements
  • Portability: Request a copy of your data in a structured, machine-readable format
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests or for direct marketing
  • Withdrawal of Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please contact us at privacy@nexus2ai.com. We will respond to your request within the timeframe required by applicable law.

Canadian Privacy Compliance (PIPEDA)

nexus2AI complies with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation. In accordance with PIPEDA principles:

  • We are accountable for personal information under our control
  • We identify purposes for collection before or at the time of collection
  • We obtain meaningful consent for collection, use, and disclosure
  • We limit collection to what is necessary for identified purposes
  • We do not use or disclose information for purposes other than those for which it was collected
  • We keep personal information accurate, complete, and up-to-date
  • We protect information with appropriate security safeguards
  • We are transparent about our policies and practices
  • We provide individuals access to their personal information
  • Individuals may challenge our compliance with these principles

European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to lodge a complaint with a supervisory authority
  • Right to data portability in a commonly used format
  • Right to be informed about automated decision-making
  • Right not to be subject to decisions based solely on automated processing

Our lawful bases for processing include: performance of a contract, legitimate interests, compliance with legal obligations, and consent (where applicable).

Third-Party Services

Our Services integrate with third-party AI models and service providers. These third parties are contractually bound to protect your information and may only process it in accordance with our instructions. Our key service providers include:

  • AI model providers (OpenAI, Anthropic, Google) for consensus processing
  • Cloud infrastructure providers for hosting and storage
  • Payment processors for billing and transactions
  • Analytics providers for service improvement

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. Types of cookies we use:

  • Essential Cookies: Required for the operation of our Services
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Help us understand how visitors interact with our Services
  • Marketing Cookies: Used to deliver relevant advertisements (with consent)

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of our Services.

Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website with a new "Last updated" date. For significant changes, we may also provide additional notice through email or in-app notifications. Your continued use of our Services after such modifications constitutes your acceptance of the updated Privacy Policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

nexus2AI Inc.

Privacy Officer

Email: privacy@nexus2ai.com

General Inquiries: nexus@nexus2ai.com