Privacy Policy

This Privacy Policy explains how PT NEXT TECH SOFTWARE (“Company”, “we”, “us”, “our”) collects, uses, stores, shares and protects personal data when you visit our website, contact us, or engage us for software development and technology services

This Privacy Policy should be read together with our Cookie Policy. Where we process personal data on behalf of a B2B client, such processing may also be governed by our Data Processing Agreement or other agreed data protection terms

1. Company Information

This website is operated by:

2. Scope of This Privacy Policy

This Privacy Policy applies to personal data processed in connection with:

• Website visits and website communications
• Business inquiries and communications with prospective or existing clients
• Proposals, contracts, Statements of Work, invoices and client relationships
• Software development, implementation, integration, support and maintenance services
• Recruitment, vendor management, administration and general business operations, where applicable

For client projects, we may process personal data on behalf of B2B clients. In those cases, the client normally determines the purposes and means of processing, and we process the data as a processor or service provider under the applicable agreement or Data Processing Agreement

3. Personal Data We May Process

We may process the following categories of personal data

Business Contact Data

This may include name, company name, job title, business email address, phone number, business address and related contact details

Communication Data

This may include emails, messages, meeting notes, call notes, support requests, contact form submissions and other business communications

Contract and Billing Data

This may include proposals, agreements, Statements of Work, invoices, payment status, tax details, billing contacts and related commercial records

Website and Technical Data

This may include IP address, browser type, device information, operating system, pages visited, timestamps, referral information, log data and cookie-related information

Client Project Data

This may include personal data contained in client materials, test environments, staging environments, databases, logs, support tickets, technical documentation, access credentials or system access details provided to us strictly for the purpose of delivering agreed services, subject to access controls, confidentiality obligations and secure handling procedures

Recruitment Data

This may include CVs, work history, skills, portfolio links, contact details, interview notes and recruitment communications, where you apply for a role, contractor position or collaboration opportunity

We do not intentionally collect sensitive personal data unless it is necessary for a specific project or process and expressly agreed or otherwise permitted by applicable law

4. How We Use Personal Data

We may use personal data for the following purposes:

• To operate, maintain and secure our website
• To respond to inquiries and communicate with prospective or existing clients
• To prepare proposals, contracts, Statements of Work, invoices and related commercial documents
• To provide software development, implementation, integration, technical consulting, support and maintenance services
• To manage client relationships, project delivery and business operations
• To provide support, troubleshooting, testing, maintenance and technical analysis
• To protect our website, systems, infrastructure, source code, credentials and business operations
• To comply with legal, tax, accounting, regulatory and administrative obligations
• To prevent fraud, misuse, unauthorised access, security incidents or unlawful activity
• To send business communications where permitted by applicable law

5. Legal Basis for Processing

Where applicable law requires a legal basis for processing, we may rely on one or more of the following legal bases:

• Performance of a contract or steps taken before entering into a contract
• Our legitimate business interests, including providing services, managing client relationships, securing our systems and operating our business
• Compliance with legal, tax, accounting or regulatory obligations
• Consent, where consent is required by applicable law
• Protection of legal rights, dispute resolution or enforcement of agreements

6. Client Project Data

When we process personal data on behalf of a client in connection with a software development or technology services project, we process such data only for the purpose of providing the agreed services and in accordance with the client’s documented instructions

Such processing may be governed by our Data Processing Agreement or equivalent data protection terms agreed with the client

We do not use client project data for unrelated commercial purposes

The client remains responsible for ensuring that it has a lawful basis for collecting and providing personal data to us, giving all required notices, obtaining required consents where applicable, and determining the purposes and means of processing

7. Cookies and Similar Technologies

Our website may use cookies and similar technologies for website functionality, security, performance, analytics and other purposes

The types of cookies we may use, the purposes for which they are used and the ways in which users may manage cookies are described in our Cookie Policy

Where required by applicable law, we will request consent before placing non-essential cookies, such as analytics, advertising, retargeting or third-party marketing cookies

8. Sharing of Personal Data

We may share personal data with trusted third parties where necessary for our business operations, website operation or service delivery

These third parties may include hosting providers, cloud infrastructure providers, development tools, project management systems, communication platforms, accounting providers, legal advisers, tax advisers, payment or banking providers, security tools, backup providers and other professional service providers

We may also disclose personal data where required by law, court order, regulator request, government authority request, legal process or to protect our rights, users, clients, systems or business operations

We do not sell personal data

9. Sub-processors and Service Providers

Where we process personal data on behalf of a client, we may use trusted third-party providers as sub-processors where necessary to provide the agreed services

Such providers may support hosting, infrastructure, communications, development, project management, security, backup, analytics or other operational functions

Where required by applicable law or by the applicable agreement, we will ensure that relevant sub-processors are subject to appropriate confidentiality and data protection obligations

10. International Transfers

We may process or transfer personal data in countries other than the country where the data was originally collected

Where required by applicable data protection law, we use appropriate safeguards for international transfers, such as contractual data protection obligations, data processing agreements, standard contractual clauses or other lawful transfer mechanisms

11. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law

Business contact data may be retained for the duration of the business relationship and a reasonable period thereafter

Contract, billing, tax and accounting records may be retained as required by applicable legal, accounting and tax obligations

Website and technical logs may be retained for a limited period for security, operational and troubleshooting purposes

Client project data is retained in accordance with the applicable agreement, Statement of Work, Data Processing Agreement or client instructions

Recruitment data may be retained for the duration of the recruitment process and a reasonable period thereafter, unless a longer period is agreed or required by law

When personal data is no longer required, we delete, anonymise or securely archive it

12. Security

We apply reasonable technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration or disclosure

These measures may include access controls, need-to-know access, secure credential handling, confidentiality obligations, controlled development environments, security review, backups, incident escalation procedures and reasonable measures to prevent unauthorised system access

Additional information about our general security, confidentiality, access control, credential handling and incident response practices is available in our Trust Statement

No method of transmission or storage is completely secure, but we take reasonable steps to protect personal data in line with the nature of our services and the risks involved

13. Your Rights

Depending on applicable law, you may have the right to request access to your personal data, correction of inaccurate or incomplete data, deletion of your data, restriction of processing, objection to certain processing, portability of your data or withdrawal of consent where processing is based on consent

To exercise your rights, please contact us at privacy@gonextex.com

If we process your personal data on behalf of one of our clients, we may need to refer your request to that client, as the client is normally responsible for responding as the controller

14. Business Transfers

If the Company is involved in a merger, acquisition, restructuring, sale of assets, financing, corporate reorganisation or similar transaction, personal data may be transferred as part of that transaction

In such cases, we will take reasonable steps to ensure that personal data remains subject to appropriate confidentiality and data protection safeguards

15. Third-Party Websites

Our website may contain links to third-party websites, platforms or services

We are not responsible for the privacy practices, security, content, terms or policies of third-party websites or services. You should review the relevant third-party privacy policies before providing personal data to them

16. Relationship with Other Documents

General terms applicable to use of our website and services are described in our Terms of Service

Our use of cookies and similar technologies is described in our Cookie Policy

Where we process personal data on behalf of a client, such processing may be governed by our Data Processing Agreement

Our general security and operational practices are described in our Trust Statement

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, website, technology, business operations or legal requirements

The updated version will be published on this website

18. Contact

For questions about this Privacy Policy or our handling of personal data, please contact: