Nasuni Corporation Privacy Policy

Updated: January 2023 | Download PDF
For California residents, please see our Nasuni Corporation California Privacy Notice here.

Nasuni Corporation Privacy Policy  

Last Updated: January 4, 2023 

The Nasuni website at (including other sites under the domain that link  to this Policy) (the “Website”) is provided by the Nasuni Corporation and its subsidiaries (“Nasuni”, “we”,  “our” or “us”). Nasuni Corporation a corporation established in the state of Delaware in the United States  of America with a registered office and primary business location at One Marina Park Drive, 6th Floor,  Boston, Massachusetts 02210, USA. Our representative in the EU is Nasuni GmbH (Reg. No.  HRB245746) with a registered office and primary business location at Maximilianstrasse 35, Eingang A,  Munich, Bayern 80539, Germany. Our representative in the United Kingdom is Nasuni UK Ltd. (Reg. No.  09761095) with a registered office at 2 Minton Place, Victoria Road, Bicester, Oxfordshire, OX26 6QB,  United Kingdom.  

For California consumers, please see our Nasuni Corporation California Privacy Supplement here. 

If you have questions or complaints about this Privacy Policy or associated practices, please contact us at  [email protected] or please call us at one of these numbers: United States 1.888.6.NASUNI  (1.888.662.7834), Internationally (+1.857.444.8400) or United Kingdom (+  

If you have an unresolved privacy or data use concern that we have not addressed to your satisfaction,  you may contact our US based third-party dispute resolution provider (free of charge) at

The following policy sets out how we deal with your personal data. For the purpose of EU and UK data  protection laws, we are the data controller of the data set out in this Section 1. For certain  information of our customers, we also act as a data processor in as set out in Section 2 below.  Please read the following carefully to understand our practices regarding your personal information and  how we will treat it.  


 The types of personal information we use

We collect and use the following information about you: 

How collected Personal Data collected Legal basis for Collection 
Information provided to us by  you in correspondence via email,  telephone, social media network  (e.g. Facebook, LinkedIn) or use  of our website blog function Name, company name, job title,  email address, phone number  and the country in which you are  located Consent/contract 
Information provided by you  when you use our website to  request additional information  about our services, download a  document, register for an event,  schedule a demo or briefing, or  post a comment or provide  feedback Name, company name, job title,  email address, phone number  and the country in which you are  located Contract and pre-contractual  discussions
When you apply for a job on our  Website or in person Name, job title/ role, current and  previous employer(s), location or  country of residence, your  mailing address, personal email  address, mobile phone number Contract and pre-contractual  discussion, consent 
and salary expectations, as well  as a resume or curriculum vitae 
When you log into our support  portal through the Website Your email address and  password Contract 
Our cookies (if you authorize our  use of them) will collect  information about you  automatically Your IP address, browser type  and information regarding your  use of the Website such as a log  of your visits to the Website,  your browsing activity, your  page views and downloads, and  the URLs of the sites you came  from and that you went to after  leaving the Website.Consent 
We collect information about  your location (i) from derivations  made from the IP address from  which you connect, and/or (ii) if  you consent to the sharing of  location data with our Website  on your mobile operating  system, from the Global  Positioning System (GPS) of  your device when the Website is  running in the foreground or  background. IP address, location data Consent  If you do not wish to share your  GPS location with us, you can  switch off the GPS functionality  on your device. If you otherwise  wish to withdraw your consent to  our use of location data, you can  do so by contacting [email protected]
Third party websites and other  marketing partners may share  with us your personal data. A  list of third parties from whom  we receive such information is  available here. Your name, email address,  company name, location, job  title, and phone number, as well  as your browsing activity Consent 
Our resellers and channel  partners may share your  personal data with us for our  joint marketing purposes Your name, email address,  company name, location, job  title, and phone number Legitimate interests 
We collect information from  publicly accessible sites such as  business directories and social  media sites Your name, email address,  company name, location, job  title, and phone number Legitimate interests 


With your consent, we use cookies and other similar technologies (such as web beacons) (“Cookies”) to  enhance your experience using the Website. “Cookies” are small text files that are placed on your  computer by websites that you visit. They are widely used in order to make websites work, or work more  efficiently, and to deliver a better and more personalized service. Nasuni and its marketing partners or  suppliers may use Cookies when you interact with our Website or use our online products. We use  Cookies to track your visits to the Website and what links you click on, as well as to track your page  views, so that we can understand what content is of interest to you and present you with a better  browsing experience. We also use Cookies to track and deduplicate information you provide when you 

submit a form to us, to test whether you have cookies enabled, and to remember you if you visited the  Website previously so that we know not to ask you again to accept cookies.  

Cookies may be either “persistent” cookies or “session” cookies. A persistent cookie consists of a text file  sent by a web server to a web browser, which will be stored by the browser and will remain valid until its  set expiry date (unless deleted by the user before the expiry date). A session cookie, on the other hand,  will expire at the end of the user session, when the web browser is closed.  

We use the following Cookies:  

Strictly necessary Cookies. These are Cookies that are required for the operation of the Website. They include, for example, Cookies that enable you to log into secure areas of the Website. 

Analytical/performance Cookies. They allow us to recognize and count the number of visitors and to see how visitors move around the Website when they are using it. This helps us to improve the way the Website works, for example, by ensuring that users are finding what they are looking for easily. 

Functionality Cookies. These are used to recognize you when you return to the Website. This enables us to personalize our content for you (such as to prefill forms that you have filled out on our Website in the past). 

Targeting Cookies. These Cookies record your visit to the Website, the pages you have visited and the links you have followed. We use this information to help make our marketing activities more relevant for you. We may also share this information with third parties for this purpose. 

You can accept or refuse the use of these cookies here. If for any reason you prefer, you may disable  Cookies by changing the settings on your browser or by not accepting Cookies when you access the  Website. 

How we use your personal information 

We will use the personal data we collect about you and set out in the table above, in the following ways: 

• As it is important for us to be responsive to you and to ensure the proper functioning of our Website and proper delivery of our services, we believe it is in our legitimate interests to use information you give us and information we collect about you to: 

• Perform the services you requested, such as providing you with more information about our products and services, scheduling a demo or enrolling you in a webinar; 

• Plan and host company events, online forums and social networking activities, such as our user conference or webinars about our products and services or the products and services of our partners; 

• Notify you about changes to our products or services, deliver our products and services to you, invoice you for the products and services you order, further develop our products and services, and provide you with customer and/or technical support for our products and services; 

• Support our intent to maintain and improve the performance and security of our Website and our services and improve and administer our services for our internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; 

• Comply with legal requirements and enforce the terms and conditions of our agreements, including the investigation of potential violations; 

• Assist you with problems using our Website, measure and understand the effectiveness of the content we serve to you and others and present our Website content in a more effective manner for you and for your computer or device; and 

• Enable you to apply for a job with us. 

With your consent, or where we are able to under the applicable law, we may use your personal information to inform you about product upgrades, special offers or other products, services and information (including from third parties); conduct market research; or ask you to complete surveys or evaluations. If you wish to withdraw your consent to such marketing, you can do so by using the unsubscribe function in any email we address to you or by emailing [email protected] or by visiting 

With your consent, or where we are able to under the applicable law, we may process your location data to enable us to identify you by IP address so that we may deliver a more targeted Website experience, or to enable us to comply with applicable laws. If you wish to

withdraw your consent to us using location data, you can do so by visiting, emailing [email protected] or by calling us at one  of these numbers: United States 1.888.6.NASUNI (1.888.662.7834), Internationally  (+1.857.444.8400) or United Kingdom (+  

• We also use your information aggregated with the information of our other Website visitors in order to analyze and administer our Website and services. This information may include your IP address, your browser type, the pages that you viewed, the dates and times that you visited and the URL of the website you came from and the website you went to after you left our site. We believe we have a legitimate interest in using this information to help us analyze overall trends, such as what countries our Website visitors are from or what web pages are of the most interest to our Website visitors, so that we can offer our Website visitors a more reliable and effective Website. 

How we share your personal information  

We share your personal information with the following selected third parties:  

• Our subsidiary companies, which store your personal data in the US, the UK and the European Economic Area (“EEA”), for the purposes of providing customer support, marketing, account management, technical and professional services, and of otherwise operating our business; 

• Our sales and supply chain participants, such as our integrators and order fulfilment providers throughout the world, which store your personal data in the US, EEA, UK, and other countries to deliver our products to you in those countries; 

• Our consultants and independent contractors located in the US, the UK and the EEA, which access your personal information from each of these locations, to provide implementation and other professional services, or customer and technical support, on our behalf to you, if you are a user of our services; 

• Our website hosting and operating suppliers located in the US, which store your personal data in the US and other countries, to enable us to operate our Website and deliver web content to you and who enable you to conduct certain activities on our Website, such download a document; 

• Our analytics and search engine providers, located in the US and other countries, which store your personal data in the US, the EEA and other countries, to assist us in the delivery, improvement and optimization of the Website; 

• Our cloud service providers located in the US, who store your personal data in the US, EEA, UK and other countries, who provide us with sales and marketing automation services based upon information we obtain from our Website so that we can market to you; who provide us with customer service and relationship management services so that we can serve you as a customer and comply with our contract with you; or who provide channel relationship management services so that we can market and sell to you through our sales channel; 

• Our cloud storage providers in the US, UK and EEA, which store your personal data in the US, UK, EEA and other countries, for the purposes of storing, managing and protecting information that we collect from our customers and our Website visitors; 

• Our marketing partners located in the US, UK and EEA, which store your personal data in the US, UK, EEA and other countries, with whom we may jointly offer products, services and programs (such as newsletters or web content), if you purchase, specifically express an interest in, or register for such jointly offered products, services and programs; such marketing partners use the information we provide in accordance with their own privacy policies; and 

• Provided you have consented, advertisers and advertising networks, which store your personal data in the US and other countries, that require the data to select and serve relevant advertisements to you and others. 

For more information about third parties with whom we elect to share personal information, please click  here. 

We may share your personal information with law enforcement agencies, public authorities or other  organizations if legally required to do so, or if we have a good faith belief that such use is reasonably  necessary to: 

• Comply with a legal obligation, process or request (including responding to any requests from law enforcement authorities outside the EEA and the UK); 

• Enforce our terms and conditions and other agreements, including investigation of any potential violation thereof; 

• Detect, prevent or otherwise address security, fraud or technical issues; or 

• Protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law. 

We may also disclose your information to third parties:  

• in the event that we sell or buy any business or assets, in which case we may disclose your data to the prospective seller or buyer of such business or assets; or 

• if we sell, buy, merge or partner with other companies or businesses, or sell some or all of our assets. In such transactions, user information may be among the transferred assets. 

Where we store your personal information  

The information that we collect from you is stored on servers in various locations, primarily in the US. We  may transfer personal information about you outside the country in which you are located to such  locations, including the UK and EEA, where we have business operations. Your personal data is also  processed by employees or agents operating outside the UK and the EEA who work for us or for one of  our suppliers or business partners. Such employees or agents are engaged in, among other things, the  hosting of our Website, the storage of information about our Website users and their Website activities,  the fulfilment of your orders, the provision of information to you that you may request from us, and the  provision of support services. Recipients outside the EEA or UK to whom we transfer the personal  information of EEA residents for storing or processing must comply with the standard contractual clauses  for the transfer and processing of personal data as set out in, as applicable, the European Commission  Decision  

2021/914/EU or the UK Data Protection Act of 2018 and the UK Data Protection Privacy and Electronic  Communications (Amendments, etc.) (EU Exit) Regulation 2019. Where personal data of UK residents is  transferred out of the UK or EEA, the International Data Transfer Agreement (or its shorter “addendum  format”) issued under Section 119A of the (UK) Data Protection Act 2018 and following UK Parliamentary  approval. will be used for transfers and processing. In such cases, we are responsible for the acts of  these recipients that process personal data when they perform services on our behalf. By submitting your  personal data, you agree to this transfer, storing or processing.  

The security of your personal information  

Nasuni has implemented industry-standard measures to protect the security of the personal information  we collect via the Website. For example, we use (SSL – Secure Socket Layers), cloud-based firewalls and  a digital certificate to protect your personal information. Where we have given you (or where you have  chosen) a password which enables you to access certain parts of our Website, you are responsible for  keeping this password confidential. We ask you not to share a password with anyone. No one can  guarantee, and we do not guarantee, that your personal information is completely secure at all times. You  are also responsible for maintaining the confidentiality of your personal information to protect it against  unauthorized access or use.  

Our Website may, from time to time, contain links to and from the websites of our partner networks,  advertisers and affiliates. If you follow a link to any of these websites, please note that these websites  have their own privacy policies and that we do not accept any responsibility or liability for these  policies. Please check these policies before you submit any personal information to these websites.  

Our Website contains blog posts, to which you can post replies. Any personal information you choose to  submit in a blog post may be read, collected, or used by others, and may be used to send you unsolicited  messages. We are not responsible for the personal information you choose to submit in these forums.  

Data retention  

Nasuni retains your personal information for no longer than we need to do perform the activity for which  the information was originally collected. If you express an interest in our products and services, we will  retain your information for up to 24 months after our last contact with you, unless you ask us to delete  your information sooner, but if you become a customer we will maintain your account, and your personal  information associated with the account, for up to seven years from the last date of contact with you or  for the period of time thereafter as specified in our contract with you (whichever is longer). If we have a 

legitimate interest to retain your information for a longer period of time, such as if your information is the  subject of an audit, legal dispute, or governmental order, then we will retain such information until no  longer required to comply with our legal obligations. We may collect your IP address when browsing our  Website, so that we know what content applies to you or whether we can export information to you, and  we retain that information for up to the applicable statutes of limitation under the regulations applicable to  the activity for which the IP address was collected.  

After you have terminated your use of our services, we will store your information in an aggregated and  anonymized format.  

Your rights  

You have the right to:  

(i) Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. 

(ii) Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. 

(iii) Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully 

exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. 

(iv) Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms. 

(v) Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: 

• If you want us to establish the data’s accuracy. 

• Where our use of the data is unlawful but you do not want us to erase it. 

• Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims. 

• You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. 

(vi) Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machinereadable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. 

(vii) Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. 

• You can exercise your rights by visiting, contacting us at [email protected] or by calling us at one of these numbers: United States 1.888.6.NASUNI (1.888.662.7834), Internationally (+1.857.444.8400) or United Kingdom (+

Marketing. You have the right to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing at any time by visiting, contacting us at [email protected] or by calling us at one of these numbers: United States 1.888.6.NASUNI (1.888.662.7834), Internationally (+1.857.444.8400) or United Kingdom (+ 

Complaints. In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at [email protected] or by calling us at one of these numbers: United States 1.888.6.NASUNI (1.888.662.7834), Internationally (+1.857.444.8400) or United Kingdom (+ and we will endeavor to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with your data protection authority. 

Our Policy Towards Children  

Our services are not directed at persons under 16 and we do not knowingly collect personal information  from children under 16. If you become aware that your child has provided us with personal information,  without your consent, then please contact us using the details below so that we can take steps to remove  such information and terminate any account your child has created with us.  


This Privacy Policy may be amended from time to time, consistent with applicable data protection and  privacy laws and principles. We will inform our customers of changes to this policy either through the  customer support portal or by email or other means.  


If you have any questions about this Privacy Policy, please send your inquiry to us at [email protected] or by calling us at one of these numbers: United States 1.888.6.NASUNI  (1.888.662.7834), Internationally (+1.857.444.8400) or United Kingdom (+ or to the  applicable Nasuni office identified on the footer of each page of our Website.  


Our customers, usually your employer, engage Nasuni to provide services. As part of our contract with  our customers, we provide remote access support. This means that we, as the data processor on behalf  of our customer, may have access to personal information where customers instruct us to provide  support. Our customers are the data controller of this data and questions about their data handling  processes should in the first instance be addressed to them. At all times, we act as a service provider and  data processor to our customers, and process data on their behalf and on their written instructions in  compliance with article 28 GDPR and UK GDPR.  

Nasuni Privacy Policy (Last Updated: January 4, 2023)