Privacy Policy

1. Scope and Service Positioning

This Privacy Policy explains how NexID ("NexID," "we," "us," or "our") collects, uses, discloses, and safeguards personal information when you use nexid.id and related Services.

NexID is a self-service digital identity awareness and privacy tool. Users may only submit information they have the legal right to submit and process. The Services are not designed for harassment, unauthorized surveillance, or unlawful identification of unknown individuals.

NexID serves users globally, including users in the United States, Canada, and Southeast Asia. We apply this Privacy Policy alongside applicable local data protection laws in the jurisdictions where our users are located.

2. Information We Collect

We collect information you provide directly, information collected automatically, and information received from service providers and integrations.

• Account information: Name, username, email or login identifiers, authentication data, account settings, subscription status, and support communications.
• User-submitted content: Uploaded images, submitted links, aliases, public profile data, and other identity-related inputs provided for monitoring or analysis.
• Usage and device data: IP address, log events, browser/device metadata, cookie and session identifiers, diagnostics, and interaction analytics.
• Payment data: Subscription and transaction metadata. Full card details are handled by Stripe, not stored by NexID.

3. How We Use Information

We use personal information to:

• Provide identity exposure monitoring, visibility reports, and related account features.
• Process subscriptions, points, and user-requested transactions.
• Operate, maintain, secure, debug, test, and improve the Services.
• Protect platform security, detect abuse, and prevent fraud.
• Develop new features, enterprise offerings, and API services.
• Comply with legal obligations and enforce our Terms.

4. Uploaded Content and AI/Automated Processing

NexID processes uploaded content, including images and related identity indicators, using automated and AI-assisted systems to provide user-requested analysis, monitoring, matching, reporting, and security operations.

Automated outputs may be probabilistic, incomplete, or inaccurate. NexID does not guarantee accuracy and does not independently validate each user submission. Users are responsible for lawful submission and lawful interpretation of results.

5. Legal Bases (Where Applicable)

Depending on your jurisdiction, NexID may process personal information under one or more of the following bases:

• Performance of a contract to provide requested Services.
• Legitimate interests such as security, fraud prevention, and service improvement.
• Consent, where legally required.
• Compliance with applicable legal obligations.

6. Sharing of Information

We may disclose information as reasonably necessary to operate and grow the business, including to:

• Cloud hosting and infrastructure providers.
• Payment processors such as Stripe.
• Analytics, monitoring, and security vendors.
• Enterprise customers and API clients, subject to contractual and legal restrictions.
• Professional advisors and competent authorities when legally required.

7. No Sale of Personal Data

NexID does not sell users' personal data in its identifiable form to third parties. NexID processes user-submitted information solely to provide identity exposure monitoring, privacy protection, and related platform services requested by the user.

NexID will not disclose or sell identifiable personal data to data brokers or advertisers for unrelated commercial purposes. NexID also does not share personal information for cross-context behavioral advertising in a manner intended to constitute a sale under applicable law.

8. Aggregated, Anonymized, and De-Identified Data Rights

To improve services and operate our business, NexID may collect, process, and use aggregated, anonymized, or de-identified data that cannot reasonably be used to identify an individual user.

Such data may be used for:

• Improving platform performance and AI systems.
• Analytics, security monitoring, and abuse prevention.
• Research, product development, and business intelligence reporting.
• Internal model development and training.
• Commercial partnerships, enterprise/API products, and external reporting using non-identifiable insights.

This anonymized or aggregated data may be shared with partners, customers, or the public only in a manner that does not identify any individual user, and may be used without additional consent where permitted by law.

9. Business Transfers and Corporate Transactions

In the event of a merger, acquisition, restructuring, financing, or sale of all or part of NexID's business or assets, user information may be transferred as part of that transaction.

Any successor entity will be required to honor materially similar privacy and data protection commitments. Continued use of the Services after such transfer constitutes acceptance of updated ownership and related policy updates.

10. Data Retention and Deletion

We retain personal information only for as long as reasonably necessary for the purposes in this Policy, including legal, operational, and security requirements.

• Providing services requested by users.
• Maintaining security, fraud prevention, and system integrity.
• Complying with legal obligations and resolving disputes.
• Enforcing contractual rights and platform rules.

Users may request deletion of account data, but NexID does not guarantee complete deletion in all cases. NexID may retain data where reasonably necessary for security, fraud prevention, legal compliance, dispute resolution, backups, and legitimate business interests. Anonymized, de-identified, and aggregated data may be retained indefinitely.

11. Your Rights and Choices

Subject to applicable law, you may request access, correction, deletion, export, objection, restriction, or withdrawal of consent as applicable.

These rights are not absolute and may be limited where exceptions apply. To submit a privacy request, please use the privacy or support request function in the in-product support or account message center.

12. Security and Responsible Use

NexID applies reasonable administrative, technical, and organizational safeguards designed to protect personal information from unauthorized access, misuse, disclosure, alteration, and destruction. No internet or storage system can be guaranteed fully secure.

Users are responsible for maintaining the confidentiality of account credentials and for activity under their accounts.

13. International Data Transfers

NexID may process personal information in countries other than your country of residence. Where required, NexID implements safeguards for cross-border transfers.

For users in the United States, Canada, and Southeast Asia, NexID will apply transfer and processing controls reasonably designed to meet applicable legal requirements, including local rights and notice obligations that cannot be waived by contract.

You remain responsible for compliance with local laws applicable to your use of the Services.

14. Children

The Services are not intended for individuals under 18, and NexID does not knowingly collect personal information from children under 18.

15. Third-Party Sources

The Services may link to or surface publicly available third-party content. NexID is not responsible for third-party privacy practices or data handling outside NexID-controlled systems.

16. Policy Changes

NexID may update this Privacy Policy periodically to reflect legal, technical, or business changes. Material updates will be posted on the website and within service notices where appropriate. Continued use of the platform after the effective date of changes constitutes acceptance of the updated policy.

17. Contact Us

For privacy questions, rights requests, or complaints, please contact NexID through the in-product support or account message center within the Services. NexID may publish additional contact methods from time to time.