01 Overview
Nexus Digital LLC ("Nexus Digital," "we," "our," or "us") is committed to protecting the privacy of our clients, website visitors, and users of our services. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you:
- Visit our website at nexusdigital.io
- Engage us for digital marketing, SEO, or web development services
- Use our onchain service or onchain wallet payment gateway
- Communicate with us via email, phone, or WhatsApp
- Submit information through our contact forms
This policy is incorporated by reference into our Terms and Conditions. Please read both documents together.
02 Who We Are
Nexus Digital LLC is a full-stack digital agency incorporated in New York, United States. We are the data controller for personal data collected through our website and services.
- Company: Nexus Digital LLC
- Address: New York, NY, United States
- Email: [email protected]
- Phone: +1 (833) 664-8230
- WhatsApp: wa.link/3y21sg
- FinCEN MSB Reg: #31000123456789 (for onchain service operations)
03 Data We Collect
3.1 Information You Provide Directly
- Contact data: name, business email, phone number, company name when you fill out our contact form or sign up for services.
- Service data: project requirements, business goals, and communication preferences.
- Billing data: invoicing details, payment method information (processed via PCI-compliant third-party processors — we do not store full card numbers).
- Communications: emails, WhatsApp messages, and support tickets.
3.2 Data Collected Automatically
- Usage data: pages visited, time on site, referring URLs, browser type, operating system, and device type.
- IP address: used for analytics, security, and approximate location.
- Cookies & tracking: see Section 7 for full details.
3.3 Data from Third Parties
- Analytics providers (Google Analytics, etc.) may share aggregated audience data.
- For onchain service KYC, identity verification providers may share verification status.
- Advertising platforms may share conversion and campaign performance data.
04 How We Use Your Data
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Deliver requested services | Contact, service, project data | Contract performance |
| Send service communications | Email, phone | Contract / Legitimate interest |
| Process invoices & payments | Billing data | Contract performance |
| Respond to inquiries | Contact data, communications | Legitimate interest |
| Marketing & newsletters | Consent (opt-in) | |
| Website analytics | Usage data, cookies | Legitimate interest / Consent |
| KYC / AML verification (onchain service) | Identity documents, address | Legal obligation |
| Fraud prevention & security | IP address, usage patterns | Legitimate interest |
| Legal compliance & reporting | Transaction data, identity | Legal obligation |
| Service improvement | Aggregated usage data | Legitimate interest |
05 Onchain Service Data & Blockchain Privacy
Our onchain service and onchain wallet payment gateway involve unique privacy considerations specific to blockchain technology:
5.1 Public Blockchain Data
By design, blockchain transactions are publicly recorded and immutable. When you use our onchain service, the following data is visible on the public blockchain to anyone:
- Wallet addresses (sender and recipient onchain wallet)
- Transaction amounts and timestamps
- Transaction hash identifiers
- Smart contract interactions (where applicable)
We have no ability to delete or modify on-chain records — this is a fundamental property of blockchain technology.
5.2 Off-Chain Onchain Service Data
Separate from public blockchain data, Nexus Digital collects and stores the following off-chain data for our onchain service:
- KYC/AML verification documents and status (required by US law)
- Business identity and ownership information
- Transaction metadata for tax reporting and compliance
- API keys and integration configuration (encrypted)
- Webhook logs and payment notifications
5.3 Onchain Help & Support Data
When you contact us for onchain help, we retain communication records, configuration details, and support ticket history to improve service quality and maintain audit trails required by US financial regulations.
5.4 US Regulatory Data Requirements
As a FinCEN-registered MSB, we are legally required to collect, retain, and in certain cases report specific transaction and identity data. This includes Suspicious Activity Reports (SARs), Currency Transaction Reports (CTRs), and OFAC screening records. These obligations exist independently of your privacy preferences and cannot be opted out of.
06 Data Sharing & Disclosure
We do not sell, rent, or trade your personal data. We share data only in the following circumstances:
6.1 Service Providers
We share data with trusted vendors who help us deliver our services, including:
- Cloud hosting providers (AWS, Google Cloud) for infrastructure
- Analytics platforms (Google Analytics) for website insights
- Payment processors (Stripe) for traditional billing
- KYC/AML providers (Jumio, Sardine) for identity verification
- Email platforms for client communications
- OFAC screening and Travel Rule compliance providers
All service providers are bound by data processing agreements and are prohibited from using your data for any purpose other than providing services to us.
6.2 Legal & Regulatory Disclosures
We may disclose your data when required by law, including to FinCEN (SARs/CTRs), OFAC (sanctions compliance), IRS (1099-DA reporting), law enforcement with valid legal process, and courts or regulatory agencies.
6.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred to the successor entity subject to equivalent privacy protections.
07 Cookies & Tracking Technologies
Our website uses cookies and similar tracking technologies. Here is what we use and why:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Site functionality, session management, security | Session |
| Analytics | Understanding how visitors use our site (Google Analytics) | Up to 2 years |
| Marketing | Tracking ad campaign performance, remarketing | Up to 90 days |
| Preferences | Remembering your settings (theme, language) | 1 year |
You can control cookies through your browser settings. Blocking certain cookies may affect site functionality. For marketing cookies, you can opt out via the DAA opt-out tool at optout.aboutads.info or the NAI opt-out at optout.networkadvertising.org.
08 Data Retention
We retain personal data for as long as necessary to provide services and meet legal obligations:
- Client service records: Duration of engagement plus 7 years (US contract and tax law requirements).
- Onchain service transaction records: Minimum 5 years from transaction date (FinCEN BSA requirement).
- KYC/AML identity records: 5 years from the end of the business relationship (FinCEN requirement).
- Marketing data: Until you withdraw consent or unsubscribe.
- Website analytics: 26 months (Google Analytics default).
- Support communications: 3 years from last interaction.
After the applicable retention period, data is securely deleted or anonymized. Blockchain transaction data (on-chain records) cannot be deleted due to the immutable nature of blockchain technology.
09 Data Security
We implement technical and organizational measures to protect your personal data, including:
- TLS/SSL encryption for all data in transit
- AES-256 encryption for sensitive data at rest
- Role-based access controls limiting data access to authorized personnel
- Multi-factor authentication for internal systems
- Regular security audits and penetration testing
- API keys and onchain wallet configuration stored in encrypted vaults
- SOC 2 compliant cloud infrastructure
While we take security seriously, no method of transmission or storage is 100% secure. In the event of a data breach affecting your rights and freedoms, we will notify you and relevant authorities as required by applicable law within 72 hours of discovery.
10 Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data:
🔍 Access
Request a copy of the personal data we hold about you.
✏️ Correction
Request correction of inaccurate or incomplete data.
🗑️ Deletion
Request deletion of your personal data, subject to legal retention obligations.
⏸️ Restriction
Request we restrict processing of your data in certain circumstances.
📦 Portability
Receive your data in a structured, machine-readable format.
🚫 Objection
Object to processing based on legitimate interests or for direct marketing.
🔕 Withdraw Consent
Withdraw consent for marketing at any time without penalty.
📋 Complaints
Lodge a complaint with your supervisory data protection authority.
To exercise any of these rights, contact us at [email protected] or via WhatsApp at wa.link/3y21sg. We will respond within 30 days. Please note that certain rights may be limited where we have overriding legal obligations (such as FinCEN data retention for onchain service transactions).
11 Children's Privacy
Our services are intended for business clients and are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately at [email protected] and we will delete it promptly.
12 International Data Transfers
Nexus Digital is based in the United States. If you are accessing our services from outside the US, your data will be transferred to and processed in the United States. The US may not provide the same level of data protection as your home country.
For clients in the European Economic Area (EEA) or UK, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission as the legal mechanism for transferring data to the US. You may request a copy of our SCCs at [email protected].
13 California Residents — CCPA / CPRA
If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the CPRA provides you with additional rights:
- Right to Know: What personal information we collect, use, disclose, and sell about you.
- Right to Delete: Request deletion of your personal information, subject to exceptions.
- Right to Opt-Out: Opt out of the sale or sharing of personal information. We do not sell personal data.
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
- Right to Correct: Request correction of inaccurate personal information.
- Right to Limit Use of Sensitive PI: Limit use of sensitive personal information to necessary purposes.
To submit a California privacy request, contact us at [email protected] or call +1 (833) 664-8230. We will verify your identity before processing the request. Authorized agents may submit requests with written permission from the consumer.
Categories of personal information collected in the last 12 months: Identifiers (name, email, IP address); Commercial information (services purchased); Internet activity (website usage); Professional information (company, job title); Financial information (billing, limited).
14 Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. Material changes will be communicated via email or prominent notice on our website at least 14 days before they take effect.
The current version of this policy is always available at nexusdigital.io/privacy-policy.html. The "Last Updated" date at the top of this page indicates when it was most recently revised.
15 Contact Us
For any privacy questions, data requests, or onchain service data inquiries, please reach out:
- Privacy Email: [email protected]
- General Email: [email protected]
- Phone: +1 (833) 664-8230
- WhatsApp: wa.link/3y21sg
- Mail: Nexus Digital LLC, Attn: Privacy Officer, New York, NY, United States
We aim to respond to all privacy requests within 30 days. For urgent matters, WhatsApp or phone is the fastest way to reach our team.