Privacy & GDPR
1. INTRODUCTION & SCOPE
Nexus Amplify OÜ, registered in Estonia (Registry Code: 17224258), with headquarters at Sepapaja 6, 15551 Tallinn, Estonia, is committed to protecting your privacy and ensuring your personal data is handled in compliance with applicable laws, including the EU General Data Protection Regulation (GDPR).
This Privacy Policy explains how we collect, use, store, and process data when: - You use our website or platform; - You participate in our affiliate programs; - We monetize your data or that of our clients.
By using our services, you accept the terms of this policy.
2. DEFINITIONS
Client: Any advertiser, agency, or partner using Nexus Amplify's services.
Publisher: A person or entity promoting campaigns through Nexus Amplify's platform.
User: An individual whose data is collected, processed, or monetized.
Personal Data: Any information that relates to an identified or identifiable natural person.
Processing: Any operation performed on personal data, whether automated or not.
GDPR: EU Regulation 2016/679 on the protection of natural persons regarding the processing of personal data.
3. DATA CONTROLLER & CONTACT INFORMATION
Nexus Amplify OÜ acts as:
- Data Controller when we collect data via our website/platform.
- Data Processor when processing client-provided databases.
Contact: Email: dpo@nexusamplify.com
Address: Sepapaja 6, 15551 Tallinn, Estonia
4. DATA COLLECTION & USE
4.1 Direct Interactions
We collect data from contact forms, account registration/login and user-submitted information.
4.2 Affiliate & Monetization Activities
Includes campaigns via email, coregistration, display and social media; as well as hashed email data and segmented audiences.
4.3 Technical Data
We collect data via cookies, device/browser info, IP address, ad impressions, conversion tracking, and engagement analytics.
5. LEGAL BASIS FOR PROCESSING
We rely on: - Consent (Art. 6(1)(a)) – for cookies, marketing, data sharing. - Legitimate Interest (Art. 6(1)(f)) – for analytics, fraud prevention, data monetization. - Contractual Necessity (Art. 6(1)(b)) – to deliver services.
6. COOKIES & TRACKING TECHNOLOGIES
6.1 Use of Cookies
We use cookies and similar technologies for: - Platform functionality (session cookies) - Analytics (e.g., Google Analytics) - Advertising (e.g., Meta Pixel, Google Ads)
6.2 User Consent
Strictly necessary cookies do not require consent. All other cookies are subject to user approval via cookie banner.
6.3 Third-Party Cookies
May be set by advertising or analytics partners. Users can opt out via browser settings or partner tools (e.g., YourAdChoices).
6.4 Data Retention
Cookies: Up to 24 months
Monetized data: Aggregated or anonymized after 12 months
7. TRACKING PIXELS & WEB BEACONS
We use tracking pixels ("web beacons") to: - Track ad performance (clicks, conversions) - Analyze email engagement (opens, link clicks) - Enable retargeting campaigns
8. YOUR RIGHTS UNDER GDPR
You may: - Request access to your data - Correct or update information - Delete your data (where permitted) - Object to processing (e.g., direct marketing) - Restrict processing in specific contexts - Receive a copy (portability)
To exercise your rights, contact: dpo@nexusamplify.com
If your data was shared by a partner: - We may redirect your request to the original data controller - You may request deletion or opt-out from monetization
9. DATA SECURITY
We implement: - Role-based access controls - Secure data storage and encryption - Network and application-level protections - Incident detection and response processes
10. DATA RETENTION & DELETION
Account data: deleted within 30 days after closure
Payment data: retained for 5 years (legal requirement)
Analytics: anonymized after 12 months
11. INTERNATIONAL TRANSFERS
When transferring data outside the EEA: - We use Standard Contractual Clauses (SCCs) - Ensure equivalent safeguards are applied
12. DATA MONETIZATION TERMS
12.1 Scope
We monetize: - Our own user databases - Client-owned databases (with valid legal basis)
12.2 Conditions
Clients must:
- Provide valid user consent or legitimate interest proof
- Remove unsubscribed or deleted users
- Disclose Nexus Amplify in their privacy policies
We process:
- Hashed emails, engagement metrics, demographic data
- Only for agreed marketing campaigns (email, display, coreg)
12.3 User Rights & Opt-Out
Users may opt out of data monetization by emailing dpo@nexusamplify.com with subject "Opt-Out".
13. PLATFORM INTEGRITY POLICY (PUBLISHERS & ADVERTISERS)
All parties must: - Use human traffic only (no bots, proxies) - Label ads clearly as "Sponsored" or "Ad" - Avoid illegal content and deceptive practices
Breaches may lead to: - Suspension or termination - Revenue withholding - Legal action (for fraud/GDPR breaches)
14. TERMINATION & POST-TERMINATION
Either party may terminate the agreement with notice.
After termination:
- All data (tags, pixels) must be purged
- Outstanding balances will be paid per terms
- Monetized data will be handled per GDPR
15. CONTACT & SUPPORT
For any request or inquiry:
Email: contact@nexusamplify.com
DPO: dpo@nexusamplify.com
Please include "Privacy Request" or "Legal Inquiry" in the subject line.
16. GOVERNING LAW
This Policy is governed by Estonian law. Disputes will be resolved in Harju County Court, Tallinn.
Copyright © 2025 Nexus Amplify OÜ. All rights reserved