Contract effective date: September 18, 2024. Audit release: July 9, 2026. Runtime consent and session timestamps are recorded when users actually interact with NEXQ systems.
Privacy Rights and Data Subject Request Policy
Customization required. This template is provided for policy operations and counsel review. Replace every
NEXQ-reviewed value, verify every factual statement, and confirm applicability before publication. The template is not legal advice and does not create an attorney-client relationship.
Effective date: September 18, 2024
Last updated: September 18, 2024
Owner: NEXQ privacy, security, and legal operations
Applies to: NEXQ websites, web applications, protected workspace surfaces, mobile app surfaces, APIs, secure healthcare and healthtech workflow demonstrations, quantum encryption, diagnostics, oncology, longevity, research collaboration, support, and related services
This policy explains how NEXQ receives, verifies, fulfills, denies, and appeals privacy rights requests.
1. Request channels
Users may submit requests through https://nexq.us/legal#privacy-requests, by email to hello@nexq.us, or through other legally required methods. California opt-out requests must also be available through https://nexq.us/legal-policy-bundle/site/policies/do-not-sell-share-notice.html where applicable.
2. Rights covered
Depending on law and context, rights may include access, confirmation, correction, deletion, portability, restriction, objection, withdrawal of consent, opt-out of sale/share/targeted advertising/profiling, limit use of sensitive personal information, and appeal.
3. Verification
We verify identity proportionate to the sensitivity of the request. Account holders may be required to authenticate. Non-account holders may need to provide information sufficient to locate records.
4. Response timing
Response deadlines vary by law and contract. Track statutory deadlines, extensions, appeals, and customer contract deadlines in the DSAR log. HIPAA, GDPR, U.S. state privacy laws, and customer agreements may require different timing.
5. Denials
We may deny or limit requests where allowed, including when we cannot verify identity, records are exempt, compliance would impair rights of others, retention is legally required, or the request is manifestly unfounded, excessive, or abusive.
6. Appeals
Where required, users may appeal a denied request by contacting hello@nexq.us. Appeal responses should explain the decision and regulator complaint options where applicable.
7. Processor/service-provider requests
If we process data for a customer, we may redirect the request to the customer or assist the customer under the applicable agreement.