NexxLinx deals with confidential data, including data of their customers. The highest priority is placed on the security and privacy of this data, and these policies are designed to safeguard such data while allowing employees the proper access to complete their job roles. This policy applies to all users of personally identifiable information in NexxLinx's possession.

Physical Security
The data center housing the NexxLinx's customer's data has the highest level of physical security standards. Access to the facility is controlled and logged and the facility is carefully monitored. System Security is also of critical importance and is designed into all levels of the NexxLinx application's and infrastructure.

User Access
User authentication is performed for all external user's before connecting to NexxLinx applications. Only current employees and contractors with a specific “need to know” will have access to specific data.

Network Security
NexxLinx’s computer network is protected from unauthorized intrusion via the use of a firewall; even with such precaution, it is impossible to guarantee that an intrusion into NexxLinx’s computer network will not occur. Remote access to NexxLinx's computer network shall be permitted only through a virtual private network and only when deemed necessary by an appropriately authorized NexxLinx employee. NexxLinx monitors NexxLinx’s computer network traffic for malicious behavior.

Transfer of Data To Third Parties
NexxLinx does not share any of its customer’s personally identifiable information to third parties except in good faith where NexxLinx believes it is appropriate to cooperate in investigations of fraud or other illegal activity. NexxLinx discloses information in response to a subpoena, warrant, court order, levy, attachment, order of a court-appointed receiver or other comparable legal process, including subpoenas from private parties in a civil action.

Data protection
All data in NexxLinx’s possession is backed-up on a regular basis and back-ups are stored in a secure off-site location. Computer systems containing critical data employ redundancy to protect against loss of data from hardware failure. Data retention

NexxLinx’s own data shall be retained for as long as it is actively used, or as required by applicable law, regulation or NexxLinx policy. Client data will be kept for the duration of the work with the client, or longer if required pursuant to the contract with the client, or as required by applicable law or regulation. Once data in possession of NexxLinx is no longer required to be maintained, it shall be properly disposed of which shall include taking reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal.

As a Business Solution Communication Provider, NexxLinx has certain responsibilities for protecting the privacy of a Customer' s personally identifiable information. The Safe Harbor Privacy Policy (the "Policy") sets forth the privacy principles that NexxLinx follows with respect to client’s and client's customer’s personally identifiable information.

SAFE HARBOR
The United States Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions (the "Safe Harbor Principles") to enable U.S. companies to satisfy the requirement under European Union law that adequate protection be given to personal information transferred from the EU to the United States. The EEA also has recognized the U.S. Safe Harbor as providing adequate data protection (OJ L 45, 15.2.2001, p.47). Consistent with its commitment to protect personal privacy, NexxLinx adheres to the following Safe Harbor Principles.

1) Choice
Acting only as an agent for its clients, NexxLinx provides persons whose personally identifiable information is provided to NexxLinx by a client, an opportunity to opt-out if they do not want to be contacted by NexxLinx on behalf of NexxLinx or NexxLinx's clients.

2) Onward Transfer
NexxLinx will not transfer clients' data except with the written authorization of the client.

3) Security
NexxLinx maintains reasonable precautions to protect personally identifiable information from loss, misuse and unauthorized disclosure, alteration or destruction.

4) Data Integrity
NexxLinx's customer's information maintained by NexxLinx will be used for the sole purpose of supporting client's business operations.

5) Access
NexxLinx's customer's have the option to review their personal data by contacting NexxLinx's customer services representatives. As part of the review process, only authorized NexxLinx customer services representatives can correct, amend, or delete the customer's information where it is inaccurate.

6) Notice
NexxLinx does not use customer data for any purpose incompatible with those purposes authorized in its client agreements. Sensitive Information, including credit card numbers, is not stored except as directed by NexxLinx's clients who own the data, and is not transferred to third parties except as authorized by client.

7) Enforcement
NexxLinx has established procedures for periodically verifying the implementation of and compliance with the Safe Harbor principles. We conduct an annual self-assessment of our practices with respect to Personal and Sensitive Personal Information to verify that representations we make about our privacy practices are true and that related privacy policies have been implemented as represented. All NexxLinx employees will be required to be familiar with and adhere to this policy. NexxLinx will investigate any reported complaints of violations of its privacy policy and will take prompt remedial action where violations are found.

Should you have questions or concerns about this Privacy Policy, please call us at 678.718.4475 x352