Privacy Policy

IP address, browser and device information, logged technical events, technical data related to website usage, and other data.

Website operation, IT security, incident management, prevention of abuse.

Legitimate interest of the Data Controller (Article 6(1)(f) GDPR).

Where cookies and similar technologies are used, the detailed rules are set out in a separate Cookie Policy.

Name, company name, job title, email address, phone number, message content, related metadata, and other data.

Business contact, provision of information, coordination, preliminary needs assessment, preparation of offer/contract process.

Steps taken prior to entering into a contract (Article 6(1)(b) GDPR) and/or legitimate interest of the Data Controller (Article 6(1)(f) GDPR).

Name, email address, phone number, company name, booking details, technical data processed by the booking system, and other data.

Scheduling and conducting consultation appointments, maintaining contact.

Steps taken prior to entering into a contract (Article 6(1)(b) GDPR) and/or legitimate interest (Article 6(1)(f) GDPR).

Names, job titles, email addresses, and phone numbers of Client contact persons; contractual and billing data; communication related to performance, and other data.

Contract creation, performance, contact maintenance, invoicing, claims management, enforcement of legal claims.

Performance of a contract / steps taken prior to entering into a contract (Article 6(1)(b) GDPR); legal obligation (Article 6(1)(c) GDPR) — in particular, fulfillment of accounting obligations.

AI-based automation, enterprise AI chat, API access, and other services.

Data entered, uploaded, integrated, or generated by the Client in the course of the services; such data may include personal data.

Provision of the service in accordance with the Client's instructions.

In the case of data processing, the legal basis for data processing is determined by the Client as the data controller. The Data Controller acts on the basis of the Client's documented instructions.

The detailed terms are governed by the parties' contract and — where applicable — a data processing agreement (DPA).

User identifiers (if applicable), authorization data, system and security logs (e.g., login and error information, operational logs), technical metadata, and other data.

Secure operation, error detection, error resolution, prevention of abuse, support for compliance and audit requirements.

Legitimate interest (Article 6(1)(f) GDPR).

12–24 months.

The Data Controller is entitled to use contact data provided by the data subject to send business and marketing emails, including information about services, consultation opportunities, feature updates, events, and content supporting collaboration.

Legitimate interest of the Data Controller (Article 6(1)(f) GDPR), related to maintaining and developing business relationships and delivering relevant information about services.

The data subject may object to such communications at any time; upon objection, the Data Controller will cease sending further marketing/business development messages. Methods for objecting and unsubscribing: (i) via the unsubscribe option included in the email, and/or (ii) by sending a request to info@naxoftai.com.

The Data Controller may use cookies, tracking codes, pixels, and other technologies for measuring website usage and evaluating the effectiveness of marketing communications, in order to operate, develop, and improve the user experience of the naxoft.com website.

Ensuring the basic operation and security of the website; preparing traffic and usage statistics (analytics); monitoring website performance and errors; measuring marketing campaign performance, targeting and retargeting (remarketing), where such features are implemented.

IP address, device and browser data, actions performed on the site (e.g., page views, clicks), identifiers (cookie ID), advertising identifiers, and event data related to website usage.

Cookies and technologies strictly necessary for the operation of the website may be based on the Data Controller's legitimate interest (Article 6(1)(f) GDPR). Non-essential cookies and similar technologies (in particular: analytics, marketing, remarketing) require the data subject's consent, which the Data Controller obtains through the cookie/consent management interface (cookie banner) displayed on the website. Consent may be withdrawn at any time, which shall not affect the lawfulness of processing carried out prior to the withdrawal.

A detailed description of cookies and similar technologies (categories, purposes, providers, retention periods, possible data transfers) is published by the Data Controller in a separate Cookie Policy; visitors may also modify their settings at any time via the cookie banner.

Where the Data Controller uses third-party analytics or advertising services, the identity of the providers, any data transfers outside the EU/EEA, and the safeguards applied are specified in the Cookie Policy.