Contact Nialum

English/spanish

Contact Nialum

Hello 👋 How can I help you? Hola 👋 ¿En qué puedo ayudarte?

7:26

whatsappSend
messenger_opener
Navbar logo

Data Protection Policy

1. Introduction

1. Introduction This Data Protection Policy outlines the principles, practices, and measures adopted by Nialum LLC ("Nialum" or "we") to manage personal data in compliance with applicable data protection laws, including: General Data Protection Regulation (GDPR) of the European Union. California Consumer Privacy Act (CCPA) of the United States. Other relevant privacy regulations worldwide. Nialum LLC Information: Legal Name: Nialum LLC Address: 1209 Mountain Road Pl NE Ste N, Albuquerque, NM 87110, USA EIN: 99-1967971 Contact Email: dpdnialum@nialum.com Website: www.nialum.com This policy applies to all data processed via our website, Platform, and custom mobile applications. 2. Data Processing Responsibilities Nialum assumes different roles depending on the context of the data processing: Data Processor: Acting on behalf of Contracting Entities (educational institutions or similar organizations), following their instructions under GDPR Article 28 and relevant U.S. regulations. Data Controller: For data collected directly from users (e.g., website visitors, inquiries). Responsibilities and roles are defined contractually for Contracting Entities, ensuring compliance with the GDPR and other applicable laws. 3. Purpose of Data Processing Nialum processes personal data for the following purposes: Service Provision: To enable and maintain access to the Platform’s functionalities as contracted. User Support: To respond to inquiries, provide technical support, and communicate about services. Legal Compliance: To meet obligations imposed by applicable laws and regulations. Platform Optimization: To analyze and improve the Platform using aggregated and anonymized data. Fraud Prevention: To ensure the security and integrity of the Platform.
4. Types of Data Processed We collect and process the following categories of personal data: Identification Data: Name, email address, postal code, city, and country. Technical Data: IP address, browser type, operating system, and log files. Usage Data: Actions performed on the Platform, pages visited, preferences, and session duration. Optional Data: Additional information shared by users, such as support queries.
5. Legal Basis for Processing The legal bases for processing personal data include: Contractual Necessity: To fulfill our obligations under agreements with Contracting Entities. User Consent: For optional activities, such as analytics or marketing, requiring explicit opt-in. Legal Obligations: To comply with laws and regulations, including data retention for tax or auditing purposes. Legitimate Interests: To improve services and maintain the security of the Platform, balanced against user rights.
6. Data Retention Nialum retains personal data only as long as necessary for the purposes outlined in this policy: Active Contracts: Data is retained throughout the duration of the contract. Legal Obligations: Certain data may be retained for up to 7 years to comply with financial, tax, or auditing regulations. Anonymization: After retention periods expire, data is securely anonymized or deleted.
7. Subcontracting of Technical Services Nialum engages verified third-party service providers to support operations, such as: Hosting Services: Provided by Arsys Internet under GDPR-compliant agreements. Subcontractor Obligations: All third parties are bound by contracts requiring compliance with data protection laws and confidentiality.
8. International Data Transfers To ensure secure global operations, Nialum adheres to the following principles for international data transfers: Standard Contractual Clauses (SCCs): For transfers outside the European Economic Area (EEA). Data Privacy Frameworks: Adherence to frameworks like the EU-U.S. Data Privacy Framework where applicable. Additional Safeguards: Encryption, pseudonymization, and strict access controls.
9. Rights of Data Subjects Users have the following rights under GDPR, CCPA, and other applicable regulations: Access: Obtain information on how their data is processed and request a copy. Rectification: Correct inaccuracies in their personal data. Deletion: Request deletion of data no longer necessary for processing ("right to be forgotten"). Restriction: Limit data processing in specific circumstances. Portability: Receive their data in a machine-readable format or transfer it to another controller. Objection: Oppose processing based on legitimate interests. Consent Withdrawal: Revoke previously granted consent. How to Exercise Rights: Users can submit requests via dpdnialum@nialum.com. Nialum commits to responding within 30 days (GDPR) or 45 days (CCPA). 10. Security Measures Nialum has implemented robust technical and organizational measures to protect personal data, including: Encryption: Data encrypted in transit (HTTPS) and at rest. Access Control: Role-based access restrictions for employees and contractors. Audit Logs: Continuous monitoring of access and modifications to sensitive data. Incident Response: Data breaches are addressed and reported within 24-72 hours as required.
11. Data Breach Notification Nialum adheres to breach notification requirements: Users: Prompt notification if risks to rights and freedoms are identified. Authorities: Reporting within 72 hours for GDPR-related breaches.
12. Modifications to This Policy This policy may be updated periodically to reflect regulatory changes or operational adjustments. Significant changes will be communicated to affected parties. 13. Contact For questions or complaints regarding this policy, contact: Email: dpdnialum@nialum.com Address: 1209 Mountain Road Pl NE Ste N, Albuquerque, NM 87110, USA

                                                                                                                                                                                                                              Updated: 12.2024