Nestr BV (“We”) is committed to protecting and respecting your privacy.
This policy (together with our website terms and conditions and any other documents referred to from it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting Nestr.io you are accepting and consenting to the practices described in this policy.
Nestr BV may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This version of the policy is effective from 1st of September 2019.
Who we are
Our website address is: https://nestr.io.
Nestr BV is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).
If you do have a complaint please do contact us first so that we can try to resolve it for you.
What personal data we collect and why we collect it
We may collect the following data about you:
- name and job title
- contact information including email address or addresses
- postal and billing address
- phone number or numbers
- business name
- website address or addresses
- data about how you use our website – visits to specific pages e.g. thank you pages for sign-ups to receive specific information or on purchases.
- any personal data that you choose to share with us in forms on our website, in feedback forms, over the phone, by email, by completing a survey, or in polls.
- technical data, such as your IP address, your login credentials, details about your browser, length of visit to pages on our website, page views, navigation paths, details about how often you visit our website, time zone settings and other technology on the devices you use to access our website
- billing information, e.g. your VAT number
We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
What we do with the information we gather
We will only use your personal data when legally permitted.
The most common uses of your personal data are:
- Where we need to perform the contract between us.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
Generally, we do not rely on consent as a legal ground for processing your personal data, other than in relation to sending marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by emailing us at hello [@] Nestr.io or by using the link provided in any of the communications you receive from us.
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Internal record keeping.
- We may use the information to improve our products and services.
- From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customise the website according to your interests.
We will typically use your data for:
- Sales & Marketing, for example sending you marketing communications where we are allowed by law to do so, understanding your business to see if our goods and services may be useful to you, personalising your use of our website, understanding how you use our website so that we can improve it for visitors, understanding which of our products and services you may have been researching, keeping records of conversations we’ve had with you, delivering relevant advertisements to you on platforms where you have settings enabled to see re-targeted advertising.
- Customer Services, for example providing you with the services you have bought from us, replying to enquiries you make about our services, responding to issues or complaints, assessing your experience of using our products and services and handling press enquiries;
- Financial Management, for example carrying out credit checks, processing financial transactions, contacting you about payment queries or outstanding debts, or paying you for goods and services we’ve bought from you;
- Legal and compliance, for example complying with any legal obligations that apply to our business or as required by government authorities like HMRC, bringing legal claims against you in the unlikely event that you breach a contract or fail to make payment;
- Ongoing business health, for example protecting our business and website, managing and making decisions about our business and obtaining professional advice.
Purposes for processing your personal data
We have four core categories, in which we have determined a lawful grounds to hold and process your data in order to contact you:
- You are a customer: where you have taken a trial or paid subscription of our software, or registered for one of our online courses, workshops, membership programmes or licenses, we hold and process your data for the purpose of fulfilling that contract, and for our legitimate interests of informing you of updates to those products or services.
- You have actively requested specific information: where you have requested one our resources or email series, we hold and process your data to deliver the requested information to you, to fulfil that request.
- You have actively added yourself to our marketing list: where you have asked to be sent updates from us by email by providing your email in a web form, email interaction or phone or in-person conversation that made it clear to you that this is what we would be holding and processing your data for.
- You have asked us to get in touch after an event: where we have met you at an event and you provided us with your business card or contact details on a written form, we will use this to contact you in follow-up to that event and invite you to consent to marketing.
In terms of the different types of data we hold about you, we have determined the following lawful grounds to hold and process your data to help us run our business:
- Communication Data: that includes any communication that you send to us whether that be through the contact form on our website, through email, text, social media messaging, social media posting or any other communication that you send. We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. The lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.
- Customer Data: that includes data relating to any purchases of goods and/or services such as your name, title, billing address, delivery address email address, phone number, contact details, purchase details and your card details. We process this data to supply the goods and/or services you have purchased and to keep records of such transactions. The lawful ground for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract.
- User Data: that includes data about how you use our website together with any data that you post for publication on our website. We process this data to operate our website and ensure relevant content is provided to you, to ensure the security of our website, to maintain back- ups of our website and/or databases and to enable publication and administration of our website, other online services and business. The lawful ground for this processing is our legitimate interests which in this case are to enable me to properly administer our website and our business.
- Technical Data: that includes data about your use of our website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access our website. The source of this data is from our analytics tracking systems. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business and to grow our business and to decide our marketing strategy.
- Marketing Data: includes data about your preferences in receiving marketing from us and our third parties and your communication preferences. We process this data to enable you to partake in our promotions such as competitions, prize draws and free give-aways, to deliver relevant website content and advertisements to you and measure or understand the effectiveness of this advertising. The lawful ground for this processing is our legitimate interests which in this case are to study how customers use our products/services, to develop them, to grow our business and to decide our marketing strategy.
- Advertising Data: We might use Customer Data, User Data, Technical Data and Marketing Data to deliver relevant website content and advertisements to you (including Facebook adverts or other display advertisements) and to measure or understand the effectiveness of the advertising we serve you. The lawful ground for this processing is legitimate interests which is to grow our business. We may also use such data to send other marketing communications to you. The lawful ground for this processing is either consent or legitimate interests (namely to grow our business).
We may also process Aggregated Data from your personal data but this data does not reveal your identity and as such in itself is not personal data. An example of this is where we compile statistics across all of our surveys to see trends, or we review your Usage Data to work out the percentage of website users using a specific feature of our site. If we link the Aggregated Data with your personal data so that you can be identified from it, then it is treated as personal data.
Where we need to collect personal data by law, or under the terms of our contract and you don’t provide me with that data when requested, we might not be able to perform the contract (for example, to deliver our services to you). If you don’t provide me with the requested data, we might have to cancel our contract but if we do, we will notify you at the time.
We will only use your personal data for the purposes for which it was collected or a reasonably compatible purpose if necessary. In case we need to use your details for an unrelated new purpose we will let you know and explain the legal grounds for processing.
We might process your personal data without your knowledge or consent where this is required or permitted by law.
We do not carry out automated decision making or any type of automated profiling.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your website login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure of your information, you will be responsible for choosing secure passwords for your access (mix of upper- and lowercase characters, numbers, characters).
G Suite users – your privacy and the Nestr application
G Suite information that Nestr software collects
At a high level, the Nestr application collects the following information:
- persistent identifiers – your Google ID;
- calendar information.
Nestr accurately represents its identity and intent:
- Our Identity: You authorise Nestr to access Google API Services on behalf of your account and these credentials are kept confidentially and secure.
- Data Requested: When you authorise Nestr access to your Google Account, we request a minimum range of permissions that Google describes as:
- Calendar: To see, edit, share and permanently delete all the calendars that you can access using Google Calendar.
How Nestr uses information in, and with G Suite
So that you can recognise these Actions triggered by, or impacting G Suite as an integrated system the next time you use them in Nestr, information from your G Suite account is used in the following actions in Nestr:
- to schedule and manage calendar bookings (Calendar) – meetings booked via the automated appointment booking function, or via the contact or opportunity record are sent using the Google Calendar API and are created in your G Suite account user’s or users’ calendars;
Nestr does not request access to information that it does not need.
Office 365 users – your privacy and the Nestr application
Office 365 information that Nestr software collects
At a high level, the Nestr application collects the following information:
- persistent identifiers – your Office 365 ID;
- calendar information;
Nestr accurately represents its identity and intent:
- Our Identity: You authorise Nestr to access Outlook API Services on behalf of your account, and these credentials are kept confidentially and secure.