NexK IT SolutionsmyNexK

Privacy policy

How we process your personal data in the myNexK portal

Last updated: May 9, 2026

Introduction

This policy describes how NexK IT Solutions ("we", "NexK IT") collects, uses, and protects your personal data in the context of using the myNexK customer portal (my.nexk-it.com), in accordance with Regulation (EU) 2016/679 ("GDPR") and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data.

Data controller

The data controller is NexK IT Solutions — Konan Gérald, BCE BE 1037.508.040, Lotelingstraat 38, 2812 Muizen, Belgium. For any question regarding your data: hello@nexk-it.com.

Data collected

In the context of the myNexK portal, we process the following categories of data:

  • Identity: surname, first name, position (if provided)
  • Contact details: professional email, phone number, organization
  • Ticket content: subject, description, attachments, exchanges with our agents
  • Technical data: IP address, session identifiers, browser metadata (user-agent)
  • Preferences: language, theme (light/dark), notifications

Purposes and legal bases

Your data is processed to:

  • Execute the support contract: ticket management, SLA tracking, agent/client communication (legal basis: Article 6.1.b GDPR — performance of the contract)
  • Authenticate your access and secure your session (legal basis: legitimate interest — Article 6.1.f)
  • Improve the service through anonymized audience measurements (legal basis: legitimate interest)
  • Comply with our accounting and legal obligations (legal basis: legal obligation — Article 6.1.c)

Subprocessors

We use the following subprocessors for hosting and operating the portal. All are bound by a Data Processing Agreement (DPA) compliant with the GDPR:

  • Vercel Inc. (application hosting) — USA, under EU Standard Contractual Clauses (SCC)
  • Supabase Inc. (database + authentication) — europe-west region (Frankfurt)
  • Brevo (transactional email delivery) — France

Retention period

Your data is retained for the duration of the support contract, plus five (5) years after the end of the contract to comply with our legal obligations (Belgian civil and accounting limitation periods). Resolved tickets are archived but remain accessible for consultation. Technical data (logs) is purged after 90 days.

Your rights

In accordance with the GDPR, you have the following rights:

  • Right of access and copy of your data
  • Right of rectification of inaccurate data
  • Right to erasure ("right to be forgotten") under the conditions provided by law
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing based on legitimate interest

To exercise these rights, contact us at hello@nexk-it.com with proof of identity. We respond within 30 days maximum.

Complaint

You can lodge a complaint with the Data Protection Authority (APD/GBA) — Rue de la Presse 35, 1000 Brussels, contact@apd-gba.be, www.dataprotectionauthority.be.

Security

We implement appropriate technical and organizational measures: TLS 1.3 encryption in transit, isolation via Row Level Security (RLS) at database level, multi-factor authentication for agents, access logging, encrypted backups.