Last Updated: 10th July 2025
1. Introduction
NexGlobal, LLC (“NexGlobal”, “Company”, “we”, “our”, or “us”) respects your privacy and is committed to protecting the personal and business data you share with us when using our services, software, or visiting our website.
This Privacy Policy explains how we collect, use, store, disclose, and protect the information of visitors, clients, users, and partners across all platforms and services operated by NexGlobal. This Policy applies solely to data collected through nexglobal.io and related domains, and does not apply to any third-party sites or services.
⚠️ By using our services, you agree to this Privacy Policy and other published Terms and Conditions.
2. Who We Are
NexGlobal, LLC is a U.S.-registered limited liability company, specializing in regulatory technology (RegTech), compliance advisory, and AI-powered risk management platforms for financial and non-financial institutions. We operate globally, serving clients across 40+ countries through a distributed network of advisors, developers, and compliance experts.
We are committed to maintaining the highest standards of data integrity, ethical conduct, and regulatory alignment. As both a product innovator and a service provider, NexGlobal blends advanced technologies with strategic advisory to support our clients in achieving and maintaining full compliance.
Legal & Operational Details:
- Legal Entity: NexGlobal, LLC
- Incorporation Jurisdiction: State of Wyoming, United States
- Registered Address: 30 N Gould St, Ste R, Sheridan, WY 82801, United States
- Operational Address (HQ): 2097, 8549 Wilshire Blvd, Beverly Hills, CA 90211-3104, United States
- Support & Inquiries: info@nexglobal.io
NexGlobal also maintains international operations and affiliations with professional and academic partners in the UAE, UK, and other jurisdictions. Our infrastructure is hosted primarily in secure, U.S.-based cloud environments, with regional redundancies and global compliance alignment.
3. Scope of This Policy
This Privacy Policy outlines the principles and practices NexGlobal follows in the collection, use, storage, protection, and deletion of data across all engagements.
3.1 Applicability
This Policy applies to all:
- Website Visitors who browse, interact with forms, or download content from nexglobal.io and affiliated domains.
- Platform Users including clients using NexGlobal’s suite of AML and compliance software tools (e.g., NexAML™, NexSanctions™, NexEKYC™, NexFraudRadar™, HammurabiGPT™).
- Advisory Clients who engage us for audits, remediation planning, training, policy drafting, or other strategic services.
- Corporate Representatives providing business information, KYC documents, or contracting under an entity name.
- Support Users contacting us via email, phone, chatbot, or helpdesk.
3.2 Non-applicability
This Policy does not apply to:
- Third-party websites, services, or APIs that may be linked from NexGlobal’s platforms.
- Client-specific z terms contained in signed service agreements or enterprise contracts.
- Offline or non-digital interactions unless tied to our regulated service offerings.
3.3 Jurisdictional Compliance
While NexGlobal is governed under U.S. law, we aim to align our practices with leading global privacy frameworks, including:
- GDPR (EU/UK)
- CCPA/CPRA (California)
- PDPL (UAE)
- Data protection principles under FATF & Basel guidelines
We commit to transparency, data minimization, and accountability regardless of the user’s jurisdiction, and continuously assess cross-border compliance needs.
4. Data We Collect (Expanded)
NexGlobal collects and processes information necessary to deliver our services effectively and meet compliance, operational, and legal requirements. We adhere to the principle of data minimization—only collecting what is necessary for a legitimate purpose.
4.1 Categories of Data Collected
Category | Examples |
Personal Identifiers | Name, title, email, phone, ID/passport, address, nationality, signature |
Business Information | Company name, legal form, registration number, beneficial ownership (UBO) |
Compliance Records | Audit logs, transaction monitoring alerts, STRs/SARs, risk scores |
Usage Data | IP address, browser info, pages visited, time spent, session identifiers |
Platform Interactions | Logins, document uploads, audit trail data, AI-tool interactions |
Communication Data | Email correspondence, chat transcripts, support requests |
4.2 Sources of Data
We collect information from:
- Direct interactions (client onboarding forms, service agreements)
- Client uploads (via NexAML™, NexEKYC™, etc.)
- Third-party integrations (e.g., sanctions lists, ID verification APIs)
- Website cookies and tracking tools (with consent, where applicable)
4.3 Special Categories
NexGlobal does not intentionally collect:
- Biometric data
- Health information
- Sensitive personal data (unless required for specific compliance tasks, in which case we apply heightened safeguards)
5. How We Use Your Data (Expanded)
NexGlobal processes your data to fulfill contractual obligations, support regulatory compliance, and improve platform performance, in full alignment with lawful bases under applicable data protection laws.
5.1 Primary Uses
Purpose | Details |
Service Delivery | Execute advisory work, AML audits, policy reviews, remediation plans, etc. |
Platform Functionality | Allow access to NexGlobal systems, track user sessions, and enable dashboard visibility |
Risk & Compliance Operations | Generate STRs, conduct UBO reviews, manage alerts, support licensing and inspections |
Account Management & Support | Respond to inquiries, assist with troubleshooting, manage billing and renewals |
Improvement of AI Tools | Analyze usage trends (on anonymized basis) to enhance features and detect anomalies |
5.2 AI and Automation Disclosure
- Your data is never used to train our AI models.
- AI modules (e.g., HammurabiGPT™, NexFraudRadar™) operate within-session only unless expressly saved.
- Sensitive tasks such as STR writing or fraud detection are subject to human oversight in enterprise setups.
5.3 Legal & Regulatory Compliance
We may process and disclose data to:
- Meet AML/CFT obligations under local and international law
- Respond to lawful requests from regulators or law enforcement agencies
- Support investigations, audits, or supervisory reviews
5.4 Marketing and Communication
We may use business contact information (name, work email, company) to:
- Send service updates, whitepapers, or newsletters (you can opt-out anytime)
- Invite clients to product demos, training sessions, or research initiatives
We do not sell or rent your data to third parties.
6. Data Sharing & Disclosure
NexGlobal treats all client and user data with the highest standard of confidentiality and applies strict access controls. However, there are limited circumstances under which we may share data:
6.1 Internal Access (Need-to-Know Basis)
Access to personal and compliance-related data is restricted to authorized personnel who require it to perform their duties. These include:
- AML/Compliance advisory teams
- Engineering and product teams (for support/diagnostics)
- Legal and audit departments (for regulatory matters)
All internal users are bound by confidentiality obligations and role-based access controls.
6.2 Third-Party Service Providers
We may engage vetted service providers to support technical operations, data hosting, verification services, or analytics. These providers may include:
Vendor Type | Purpose of Access |
Cloud Infrastructure | AWS, Google Cloud – secure hosting and database services |
Identity Verification APIs | KYC/UBO screening tools (e.g., Jumio, Refinitiv, ComplyAdvantage) |
Email and CRM Services | SendGrid, HubSpot – client communication & support |
Payment Processors | Stripe, PayPal (only if invoicing is digital) |
External Auditors | Security and financial audit reviewers (under NDA) |
All third-party contracts contain data protection clauses and are reviewed annually.
6.3 Cross-Border Data Transfers
As a U.S.-based company with global clientele, data may be transferred across jurisdictions. These transfers are:
- Governed by Standard Contractual Clauses (SCCs) or similar safeguards
- Stored on encrypted U.S.-based or multi-region servers (based on client preference)
- Restricted from use outside of designated service purposes
6.4 Disclosure for Legal or Regulatory Purposes
We may disclose your data if:
- Required by applicable law, subpoena, court order, or government request
- Necessary to investigate or prevent fraud, abuse, or technical issues
- To enforce our Terms & Conditions or protect the rights of NexGlobal and its clients
NexGlobal does not share data with advertisers or unrelated third parties.
7. Data Retention
We retain data in accordance with applicable laws, industry standards, and internal compliance policies.
7.1 Standard Retention Periods
Data Type | Retention Duration |
General client records | Minimum 5 years from last system activity |
AML compliance logs (e.g., STRs) | Up to 10 years, unless regulatory exception applies |
Audit trails & access logs | 5–10 years based on jurisdiction and use-case |
Contractual and billing records | 5 years for financial audit compliance |
Support and communications | 3–5 years after closure of inquiry or case |
7.2 Client-Controlled Deletion
- Clients may request deletion of non-mandatory data in writing.
- Requests are subject to verification and cannot violate legal hold obligations.
- Deletion is performed using industry-accepted secure wiping methods.
7.3 Exceptions
Data may be retained beyond standard periods if:
- Required by law enforcement investigations
- Part of an ongoing audit or regulatory review
- Under formal legal hold by client or jurisdictional authority
NexGlobal ensures periodic purging of expired data to minimize unnecessary storage.
8. Data Subject Rights
NexGlobal respects the privacy rights of all individuals and entities whose data is processed through our systems or services. Depending on your jurisdiction and applicable law (e.g., GDPR, CCPA), you may have the following rights:
8.1 Right to Access
You may request confirmation of whether we process your personal data and obtain a copy of such data, including:
- Categories of data held
- Processing purposes
- Data sources
- Third-party recipients (if any)
Access requests must be submitted via email to privacy@nexglobal.io. We reserve the right to verify your identity prior to disclosure.
8.2 Right to Rectification
If your personal or organizational data is incomplete, outdated, or incorrect, you may submit a request for correction.
- Requests must specify the fields to be updated and provide proof of accuracy.
- We will respond within applicable legal timeframes (typically 30 days).
8.3 Right to Erasure (“Right to Be Forgotten”)
You may request deletion of personal data under the following conditions:
- The data is no longer necessary for the purpose collected
- You withdraw consent (if processing was consent-based)
- Processing was unlawful or violates contractual terms
Exceptions apply for:
- Legal, regulatory, or investigative obligations
- Retention required by financial sector compliance (e.g., AML, KYC)
8.4 Right to Restrict or Object to Processing
You may request that we suspend processing if:
- You contest data accuracy
- Processing is unlawful but you oppose deletion
- You object to profiling or automated decision-making
If granted, NexGlobal will flag and suspend processing activities for the applicable records until the dispute is resolved.
8.5 Right to Data Portability
For services where applicable, we will provide a machine-readable export of your data upon request, allowing you to transmit it to another service provider, subject to legal restrictions.
8.6 Right to File a Complaint
If you believe your rights are being infringed, you may:
- Contact us at privacy@nexglobal.io
- File a complaint with the relevant data protection authority (e.g., ICO in the UK, DPC in Ireland, or your regional authority)
9. Use of Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance user experience, analyze traffic, and personalize content across our platforms.
9.1 Types of Cookies Used
Cookie Type | Purpose |
Strictly Necessary | Enable basic platform functions such as authentication |
Functional Cookies | Remember user settings (e.g., language, session state) |
Analytics Cookies | Understand user interaction and performance metrics |
Third-Party Cookies | Enable integrations with tools like Google Analytics, HubSpot |
No marketing or retargeting cookies are used without user consent.
9.2 Consent Mechanism
- Users are notified of cookie usage upon first visit to the website.
- Consent is recorded via a banner with opt-in/opt-out features.
- You can update preferences at any time through your browser settings or via the cookie consent panel on our site.
9.3 Do Not Track (DNT)
Our systems honor standard “Do Not Track” signals from modern web browsers, where technically feasible.
9.4 Disabling Cookies
You can configure your browser to:
- Block all cookies
- Alert you when cookies are being sent
- Automatically delete cookies upon closing the browser
Note: Some services and features may be unavailable or impaired if cookies are disabled.
10. International Users & Data Transfers
NexGlobal operates globally with infrastructure and clients across multiple jurisdictions. As such, your personal or business data may be processed in or transferred to countries outside your country of residence — including, but not limited to, the United States, the United Arab Emirates, the United Kingdom, and other jurisdictions where NexGlobal or its service providers operate.
10.1 Data Transfer Mechanisms
To ensure lawful data transfers, NexGlobal adheres to recognized data protection safeguards:
- Standard Contractual Clauses (SCCs): For data transfers from the European Economic Area (EEA), we utilize SCCs approved by the European Commission.
- UK International Data Transfer Addendum (IDTA): For data originating in the United Kingdom, we apply the IDTA alongside SCCs as applicable.
- Cross-Border Protocols: Where permitted by law, we ensure that equivalent data protection standards are upheld across all receiving entities or subcontractors.
10.2 Data Localization Requirements
In cases where local law mandates data localization (e.g., client jurisdictions with strict compliance protocols), we will, where feasible:
- Host data on region-specific servers
- Limit cross-border processing of sensitive categories of data
- Sign localized agreements to comply with national regulatory frameworks
10.3 Jurisdictional Disclosures
By using our Services, you consent to the processing and transfer of your data as described, including storage on U.S.-based servers or other jurisdictions in which we or our cloud providers maintain operations.
11. Children’s Data
NexGlobal’s products, platforms, and services are not designed for or directed at individuals under the age of 18 years, nor do we knowingly collect data from children.
11.1 Policy on Minors
- We do not offer any services that require or are suited for child participants.
- Any data that may appear to be related to minors must be reviewed, validated, and removed unless there is a legitimate legal basis to retain it (e.g., under regulatory obligations of a client entity).
11.2 Parental Notification and Consent
If we become aware that personal data from a child under 18 has been collected without verified parental or guardian consent, we will take reasonable steps to:
- Delete the data promptly from our records and backups
- Notify the appropriate user account or contact of the incident
- Review and revise processes to prevent future occurrences
11.3 Client Obligations
If your organization processes data that includes minors (e.g., for identity verification or onboarding in special cases), it is your sole responsibility to:
- Obtain appropriate legal basis and consent
- Follow applicable data protection laws in your jurisdiction
- Notify NexGlobal to apply special handling, retention, or safeguards
12. Policy Updates and Notification
NexGlobal reserves the right to revise or update this Privacy Policy periodically to reflect changes in:
- Legal and regulatory requirements
- Technological developments or security practices
- Business operations, including new services or jurisdictions
12.1 Update Frequency and Triggers
We will review this policy at least annually, and additionally when:
- We launch new products or data categories
- We change subprocessors or data hosting partners
- Regulatory updates require alignment (e.g., changes to GDPR, CCPA, ADGM, etc.)
12.2 Notification of Changes
We will notify clients and users of material changes through one or more of the following means:
- Email to registered account holders
- Banner notifications on our platform or website
- A change log maintained at the bottom of the policy page
It is your responsibility to periodically review the Privacy Policy. Continued use of our services after updates constitutes acceptance of the revised policy.
13. Contact & Data Rights Requests
If you have any questions, concerns, or requests regarding this Privacy Policy or how your data is handled, you may contact us using the details below:
13.1 Contact Details
Data Protection Contact / Privacy Office
NexGlobal, LLC
📍 Registered Office:
30 N Gould St, Ste R, Sheridan, WY 82801, United States
📍 Operational Address:
2097, 8549 Wilshire Blvd, Beverly Hills, CA 90211-3104, USA
📧 Email: privacy@nexglobal.io
13.2 Your Data Rights
Depending on your jurisdiction, you may be entitled to exercise one or more of the following rights:
Right | Description |
Access | Request a copy of the personal data we hold about you |
Rectification | Request correction of inaccurate or incomplete data |
Erasure (Right to be Forgotten) | Request deletion of your data (subject to regulatory obligations) |
Data Portability | Request transfer of your data to another provider |
Restriction of Processing | Ask us to limit how we process your data in certain situations |
Objection | Object to data processing based on legitimate interests |
Withdraw Consent | Withdraw consent at any time where processing is based on consent |
To exercise these rights, please email privacy@nexglobal.io with the subject line: “Data Rights Request – [Your Name]”. We may request proof of identity before processing your request.
14. Contact Us
For any privacy-related concerns, please contact:
Data Protection Officer (DPO)
privacy@nexglobal.io
NexGlobal, LLC, 30 N Gould St, Ste R, Sheridan, WY 82801, USA