We use cookies

This website uses cookies in order to enhance the overall user experience.

Essential cookies

There are some cookies that we have to include in order for certain web pages to function. For this reason, they do not require your consent.

laravel_cookie_consent

1 year 1 month 1 day

Used to store the user's cookie consent preferences.
laravel_session

2 hours

Used to identify the user's browsing session.
XSRF-TOKEN

2 hours

Used to secure both the user and our website against cross-site request forgery attacks.

More details

Optional cookies

These cookies enable features that could improve your user experience, but their absence will not impact your ability to browse our website.

GOOGLE_ANALYTICS

2 hours

This cookie helps us remember your preferences regarding the interface's brightness.

More details

Privacy Policy

(Trading Name of John and Smith Ltd)

1. Introduction

John and Smith Ltd, trading as Nexavault ("Nexavault", "we", "us", "our"), is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website www.nexavault.co.uk (the "Site"), including any other media form, media channel, mobile website, or mobile application related or connected thereto. Please read this policy carefully to understand our views and practices regarding your personal data and how we will treat it. By using the Site, you acknowledge the practices described in this policy.

For the purpose of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, the data controller is John and Smith Ltd (Company number 09399498), registered at Nexus Innovation Centre, George Smith Way, Lufton, Yeovil, England, BA22 8QR.

2. What Personal Data We Collect

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together as follows:

Identity Data : Includes first name, last name, title.
Contact Data : Includes email address, telephone numbers, company name, job title, and communication address provided by you.
Technical Data : Includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this Site.
Usage Data : Includes information about how you use our Site, products, and services.
Marketing and Communications Data: : Includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We do not typically collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data) through our Site.

3. How We Collect Your Personal Data

We use different methods to collect data from and about you, including through:

Direct interactions : You may give us your Identity and Contact Data by filling in forms (e.g., contact form, newsletter signup) or by corresponding with us by post, phone, email, or otherwise.
Automated technologies or interactions : As you interact with our Site, we may automatically collect Technical Data about your equipment, Browse actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies. Please see our Cookie Policy [Insert Link to Cookie Policy] for further details.
Third parties or publicly available sources : We may receive Technical Data from analytics providers such as Google, based outside the UK/EU.

4. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. This includes operating our Site, improving user experience, analysing usage, and responding to your enquiries.
Where we need to comply with a legal or regulatory obligation.
Where you have given consent. For example, to send you direct marketing communications via email if you have opted-in. You have the right to withdraw consent to marketing at any time by contacting us or using the unsubscribe link in emails.

Purposes for which we will use your personal data

To respond to your enquiries submitted via contact forms or email.
To manage our relationship with you.
To administer and protect our business and this Site (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data).
To deliver relevant website content and measure or understand the effectiveness of the content we serve to you.
To use data analytics to improve our Site, services, marketing, customer relationships, and experiences.
To send marketing communications where you have opted-in to receive them.

5. Disclosure of Your Personal Data

We do not sell your personal data. We may have to share your personal data with the parties set out below for the purposes set out in section 4:

Service Providers: Third parties who provide IT, system administration, website hosting, security, and analytics services.
Professional Advisers: Acting as processors or joint controllers including lawyers, bankers, auditors, and insurers based in the UK who provide consultancy, banking, legal, insurance, and accounting services.
HM Revenue & Customs, regulators, and other authorities: Acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances.
Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordanceance with our instructions.

6. Data Storage and International Transfers

We are committed to storing all personal data collected through this Site on secure servers located within the United Kingdom (UK).

However, some of our external third-party service providers (such as those providing website analytics or cloud infrastructure services) may be based outside the UK or European Economic Area (EEA). Where the processing of your personal data by these third parties involves a transfer of data outside the UK/EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the UK Government or European Commission.
Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK/EEA (such as Standard Contractual Clauses or the UK's International Data Transfer Agreement).

Please contact us if you want further information on the specific mechanisms used by us when involving third-party service providers whose processing may result in transfers of data out of the UK/EEA.

7. Data Security

We have put in place appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator (such as the ICO) of a breach where we are legally required to do so.

8. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes for processing, and applicable legal requirements.

9. Your Legal Rights

Under UK data protection law, you have rights including:

Request access to your personal data.
Request correction of the personal data that we hold about you.
Request erasure of your personal data.
Object to processing of your personal data where we are relying on a legitimate interest.
Request restriction of processing your personal data.
Request transfer of your personal data to you or to a third party.
Withdraw consent at any time where we are relying on consent to process your personal data.

If you wish to exercise any of these rights, please contact us using the details below. You will not usually have to pay a fee. We may need to request specific information from you to help us confirm your identity.

You also have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

10. Cookies

Our Site uses cookies to distinguish you from other users. This helps us provide you with a good experience and allows us to improve our Site. For detailed information on the cookies we use and the purposes for which we use them, please see our Cookie Policy.

11. Third-Party Links

This Site may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

12. Changes to This Privacy Policy

We keep our privacy policy under regular review. Any changes we make will be posted on this page. We may notify you of significant changes where appropriate. Please check back frequently to see any updates or changes. This version was last updated on 28 March 2025.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

Email: privacy@nexavault.co.uk

Postal Address: Nexavault, C/o John and Smith Ltd, Nexus Innovation Centre, George Smith Way, Lufton, Yeovil, England, BA22 8QR