NextMinder.com
The controller of your personal data collected on this website NextMinder, a company dedicated to market research and digital product development.
This means NextMinder determines the purposes and means of processing personal data obtained through this site. If you have any questions or requests regarding your personal data, you may contact us at the above email.
Our Data Protection Officer (DPO) can be reached at the provided email address.
We collect and process various types of personal data to provide our services, improve user experience, and for other legitimate business purposes. The data we collect depends on how you interact with our website and services.
When you fill out forms on our website (e.g., contact form, demo request, newsletter signup), we collect the information you provide, such as your name, email address, phone number, company, and any other details you choose to share in the message field.
If you create an account to access our products or services, we collect your registration information, such as your name, email address, username, and password. We may also collect additional profile information you provide, such as your job title, company, and interests.
We automatically collect certain technical data when you visit our website, such as your IP address, browser type, device information, operating system, and browsing behavior. This data is collected through cookies, web beacons, and other tracking technologies. We use this information to analyze website traffic, improve user experience, and personalize content.
We collect information about how you use our products and services, such as the features you use, the pages you visit, and the time you spend on our website. This data helps us understand how users interact with our platform and identify areas for improvement.
If you participate in surveys or research studies, we collect your responses and any personal information you provide. This data is used to gather insights, improve our products and services, and for other research purposes.
We use cookies and similar tracking technologies to collect information about your browsing behavior and preferences. This data is used to personalize content, analyze website traffic, and target advertising. For more information about our use of cookies, please see our Cookie Policy.
Our website may integrate with third-party services, such as social media platforms and analytics providers. These third parties may collect information about your interactions with their services. We are not responsible for the privacy practices of these third parties. Please review their privacy policies for more information.
We do not intentionally collect any special categories of personal data (such as race, religion, health, etc.) through the site, nor do we knowingly collect personal data from children under 16 without parental consent. Our site is not directed at children.
We use the data collected for the following purposes:
We use your personal data to deliver the services you request, such as providing access to our platform, processing transactions, and responding to inquiries. We also use your data to improve our services, personalize content, and enhance user experience.
We use your contact information to communicate with you about our products and services, send you newsletters and updates, and respond to your inquiries and support requests.
We use your data to personalize your experience on our website and platform, such as recommending content, tailoring search results, and displaying targeted advertising.
We use your browsing information and usage data to analyze website traffic, track user behavior, and improve our website's performance and content.
We use your data to conduct research and development activities, such as analyzing user trends, testing new features, and improving our algorithms.
We use your data to ensure the security of our website and platform, prevent fraud, and protect our users and business from harm.
We may use your data to comply with legal obligations, such as responding to subpoenas, court orders, or other legal requests.
We will not use your personal data for any purpose incompatible with the original purposes without obtaining your consent or as required/permitted by law.
Under the GDPR, we rely on the following legal bases for processing your personal data:
We process certain data based on your consent. This includes sending marketing emails or newsletters (when you subscribe or opt-in) and setting analytics/advertising cookies on your device (per your consent via the cookie banner). Also, if you participate in a survey or provide data for research, we often do so on the basis of your informed consent. You have the right to withdraw your consent at any time.
If you request a service or enter into an agreement through our site (e.g., sign up for an account, or register for an event), we process your data to fulfill that contract or to take steps at your request prior to entering into a contract. For example, using your email to send you a report you requested, or using your details to set up an account is contractually necessary.
We process certain data for the legitimate interests of operating and improving our business, provided these are not overridden by your privacy rights. This includes:
We always balance our interests with your rights; for example, for analytics we anonymize data where possible to lessen impact on privacy.
If we are subject to any legal requirements to retain or disclose personal data, we will process data as needed to comply. For instance, we may need to keep web transaction records for tax or accounting if the site offers paid services or disclose data if required by a court order or regulator.
If we rely on consent, you have the right to withdraw that consent at any time (with effect for the future). If we rely on legitimate interests, you have the right to object to such processing (see Section 6 on your rights).
Some of the personal data we collect may be transferred to and processed by recipients outside the European Economic Area (EEA). In particular:
When we transfer personal data internationally, we ensure appropriate safeguards as required by GDPR. Typically, we rely on:
All our major vendors (AWS, Microsoft, HubSpot, etc.) have signed Standard Contractual Clauses committing to EU-level data protection. We have also put SCCs in place for any internal transfers to Iota Impact affiliates or contractors outside the EEA.
We evaluate the legal environment of the destination country and, if needed, apply additional measures (such as encryption) to ensure data protection (as detailed in our International Transfer Policy).
If applicable, some providers may be certified under schemes like the new EU-US Data Privacy Framework or similar (we monitor and use such frameworks once fully in effect and deemed adequate).
You can request more information about international transfers and obtain a copy of the relevant safeguards (e.g., SCCs) by contacting us at the email above. Despite the data being transferred, we uphold your rights and protections. Our U.S. providers are contractually obligated to protect your data, and we contractually require them to assist with GDPR obligations.
Under the GDPR (and equivalent UK or other privacy laws where applicable), you have various rights regarding your personal data:
You have the right to request confirmation of whether we process your personal data, and if so, to obtain a copy of that data along with supplemental information (purposes, categories of data, recipients, retention periods, etc.). You can request, for example, "a copy of all personal data you have about me," and we will provide the data we hold, such as form submissions, account info, and browsing data linked to you.
If any of your personal data that we have is inaccurate or incomplete, you have the right to have it corrected. For instance, if you notice we have misspelled your name or you changed your email address, you can ask us to update it, and we will do so promptly.
You may request that we delete your personal data (the "right to be forgotten"). We will honor this right and erase your data without undue delay if one of the GDPR grounds applies – for example, if the data is no longer necessary for the purposes collected, or you withdraw consent and no other legal basis exists, or you object to processing and we have no overriding interest. Note that certain data we may need to retain if required by law or if an exemption applies (we will inform you if so).
You can ask us to restrict (pause) the processing of your data under certain circumstances. This can apply if you contest the accuracy of your data (for a period enabling us to verify it), or if you want us to preserve data you need for a legal claim while other data gets erased, or if you have objected to processing and await our verification of overriding grounds. When processing is restricted, we will store your data but not otherwise process it until the issue is resolved.
For data you provided to us and which we process by automated means on the basis of consent or contract, you have the right to obtain it in a structured, commonly used, machine-readable format and have it transmitted to another controller where technically feasible. For example, if you provided us with a lot of content or profile data and you want to move to another service, we can export your data in a CSV or JSON format for reuse.
You have the right to object to certain processing:
We do not make any solely automated decisions (including profiling) that produce legal or similarly significant effects on you via the website. In the event we ever do, you would have the right to human intervention and to contest the decision. (This is more relevant for things like credit approvals, which we do not do on our site).
To Exercise Your Rights: Please contact us at contact@nextminder.com or dpo@nextminder.com. Specify which right you wish to exercise and provide enough information for us to verify your identity (we may ask you to confirm some details we have on file to ensure we're dealing with the correct person).
If you believe we have not handled your request or your data in accordance with the law, you also have the right to lodge a complaint with a supervisory authority (see Section 10).
We only keep your personal data for as long as necessary to fulfill the purposes for which it was collected, unless longer retention is required or permitted by law. In practice:
If you contact us through a contact form, we will retain your data for as long as necessary to respond to your inquiry and provide you with the information you requested. We may also retain your data for a reasonable period after your inquiry has been resolved to ensure that we can provide you with ongoing support and assistance.
If you create an account on our website, we will retain your account data for as long as your account is active. If you close your account, we will retain your data for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce our agreements.
If you subscribe to our marketing emails, we will retain your email address until you unsubscribe. You can unsubscribe from our marketing emails at any time by clicking the "unsubscribe" link in the email.
We retain analytics data for as long as necessary to analyze website traffic, track user behavior, and improve our website's performance and content. We typically retain analytics data for a period of 26 months.
We may retain your data for longer periods if required to comply with legal obligations, such as tax laws or regulatory requirements.
After the retention period, we will either securely delete your personal data or anonymize it so it can no longer be associated with you.
You can request deletion at any time (as noted in your rights above), and we will delete data as long as we have no ongoing legitimate reason to keep it.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of the personal data we process. These measures are designed to protect your data from unauthorized access, disclosure, alteration, or destruction.
We use encryption to protect your data both in transit and at rest. Our website uses HTTPS to encrypt data transmitted between your browser and our servers. We also encrypt sensitive data stored on our servers.
We restrict access to your personal data to authorized personnel who need to access it to perform their job duties. We use role-based access controls to ensure that only authorized personnel have access to specific data.
We only collect and retain the minimum amount of personal data necessary to fulfill the purposes for which it was collected.
We conduct regular security assessments to identify and address potential vulnerabilities in our systems and processes.
We have an incident response plan in place to address any security incidents that may occur. This plan includes procedures for identifying, containing, and eradicating security incidents, as well as notifying affected parties.
While we strive to protect your data, no system can be 100% secure. Therefore, we cannot guarantee the absolute security of your data.
Please note:
You also play a role in security. Ensure that any account credentials you create are strong and kept confidential. If you suspect any unauthorized access to your account or personal data, please notify us immediately.
Our website uses cookies and similar tracking technologies to provide and improve our services. For detailed information on the cookies we use and how to manage your preferences, please refer to our [Cookie Policy]. In summary:
When you first visit, you will see a cookie consent banner. You can choose which categories of cookies to accept. Your choices will be remembered, but you can change them anytime via the cookie settings link on our site.
Certain personal data can be collected through cookies/tracking (like IP address, device ID, browsing behavior). We handle any such personal data in accordance with this Privacy Notice and only use it for the purposes stated (analytics to improve site, etc.).
If you disable or reject cookies, parts of the site may not function optimally (see Cookie Policy's guidance on this).
We may update this Website Privacy Notice from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. If we make material changes, we will notify users by posting a prominent notice on our website or by other means (e.g., email if appropriate). The "Last Updated" date at the top indicates when the latest changes were made.
For example, if we start collecting new data or use data in a new way, we will revise this notice accordingly and obtain new consent if required.
We encourage you to review this page periodically to stay informed about how we are protecting your information. Historic versions of this policy can be obtained by contacting us.
If you have any questions, concerns, or requests regarding this Privacy Notice or how we handle your personal data, please contact our Data Protection Officer at dpo@nextminder.com.
If you feel that we have not addressed your data protection concerns satisfactorily, you have the right to lodge a complaint with your local Supervisory Authority. For example, if you are in the EU, this could be the Data Protection Authority in your country of residence or where the issue occurred. In the UK, it is the Information Commissioner's Office (ICO).
We would, however, appreciate the chance to deal with your concerns before you approach the authority, so please consider reaching out to us first.