← Back to NEXQ Legal Center

Contract effective date: September 18, 2024. Audit release: July 9, 2026. Runtime consent and session timestamps are recorded when users actually interact with NEXQ systems.

Privacy Rights and Data Subject Request Policy

Customization required. This template is provided for policy operations and counsel review. Replace every NEXQ-reviewed value, verify every factual statement, and confirm applicability before publication. The template is not legal advice and does not create an attorney-client relationship.

Effective date: September 18, 2024
Last updated: September 18, 2024
Owner: NEXQ privacy, security, and legal operations
Applies to: NEXQ websites, web applications, protected workspace surfaces, mobile app surfaces, APIs, secure healthcare and healthtech workflow demonstrations, quantum encryption, diagnostics, oncology, longevity, research collaboration, support, and related services

This policy explains how NEXQ receives, verifies, fulfills, denies, and appeals privacy rights requests.

1. Request channels

Users may submit requests through https://nexq.us/legal#privacy-requests, by email to hello@nexq.us, or through other legally required methods. California opt-out requests must also be available through https://nexq.us/legal-policy-bundle/site/policies/do-not-sell-share-notice.html where applicable.

2. Rights covered

Depending on law and context, rights may include access, confirmation, correction, deletion, portability, restriction, objection, withdrawal of consent, opt-out of sale/share/targeted advertising/profiling, limit use of sensitive personal information, and appeal.

3. Verification

We verify identity proportionate to the sensitivity of the request. Account holders may be required to authenticate. Non-account holders may need to provide information sufficient to locate records.

4. Response timing

Response deadlines vary by law and contract. Track statutory deadlines, extensions, appeals, and customer contract deadlines in the DSAR log. HIPAA, GDPR, U.S. state privacy laws, and customer agreements may require different timing.

5. Denials

We may deny or limit requests where allowed, including when we cannot verify identity, records are exempt, compliance would impair rights of others, retention is legally required, or the request is manifestly unfounded, excessive, or abusive.

6. Appeals

Where required, users may appeal a denied request by contacting hello@nexq.us. Appeal responses should explain the decision and regulator complaint options where applicable.

7. Processor/service-provider requests

If we process data for a customer, we may redirect the request to the customer or assist the customer under the applicable agreement.