Contract effective date: September 18, 2024. Audit release: July 9, 2026. Runtime consent and session timestamps are recorded when users actually interact with NEXQ systems.
Marketing Analytics and Communications Policy
Template and counsel-review notice. This document is a website/app integration template, not a legal opinion. Before publication, replace bracketed placeholders, confirm actual data flows, obtain advice from qualified counsel for each jurisdiction and regulated workflow, and approve final wording through privacy, security, product, marketing, health/clinical, and executive stakeholders. Do not promise controls, certifications, response times, retention periods, or legal rights unless they are actually implemented and operationally supported.
Effective date: September 18, 2024
Last updated: September 18, 2024
Organization: NEXQ Inc.
Services covered:
NEXQ websites, web applications, protected workspace surfaces, mobile app surfaces, APIs, secure healthcare and healthtech workflow demonstrations, quantum encryption, diagnostics, oncology, longevity, research collaboration, support, and related services
Privacy contact: hello@nexq.us
Security contact: hello@nexq.us
Mailing address: Irvine, CA, United States — contact hello@nexq.us for legal notices
1. Scope
This policy governs analytics, advertising, email marketing, SMS/text messaging, push notifications, telemarketing, referral campaigns, attribution, A/B tests, conversion APIs, marketing automation, pixels, clean rooms, data matching, lookalike audiences, and suppression lists.
2. Baseline rules
- Marketing must never outrun the Privacy Policy, Cookie Policy, Notice at Collection, app-store labels, or customer contracts.
- Analytics and advertising tags must be approved through the tracking-technology inventory before deployment.
- Sensitive workflows require opt-in or prohibition depending on the applicable law and contract.
- Suppression lists may be retained to honor opt-outs even when other marketing data is deleted.
- Claims such as “anonymous,” “aggregate,” or “deidentified” require technical and contractual substantiation.
3. Email marketing
Commercial email must identify the sender, avoid deceptive subject lines or headers, include a valid physical postal address, clearly explain how to opt out, and honor opt-outs promptly. Transactional/service messages must not be disguised marketing.
4. SMS, calls, and push notifications
SMS/text, autodialed calls, prerecorded/artificial voice calls, and push notifications require documented consent and opt-out workflows appropriate to the campaign, recipient, and current law. Maintain consent source, timestamp, phone number, message content, campaign ID, opt-out text, and revocation handling. Because FCC/TCPA requirements have changed through rulemaking and litigation, confirm current requirements before launch.
5. Subscriptions and negative options
Free trials, auto-renewals, subscriptions, continuity programs, and other negative-option features require clear material terms, affirmative consent, easy cancellation, and records of authorization. The FTC negative-option rule status has shifted through rulemaking and court actions; counsel must confirm the current federal and state requirements before publishing subscription language.
6. Health, children, education, and financial marketing restrictions
Do not use health, patient, consumer-health, children, student, precise-location, biometric, financial, or government-ID data for targeted advertising, lookalikes, marketing lists, or model training unless counsel confirms the exact use is lawful and approved in writing. School-directed products should not use student PII for behavioral advertising.
7. Measurement and audits
Each campaign must have a documented purpose, audience, data source, legal basis, opt-out mechanism, creative approval, vendor list, and post-campaign deletion or retention rule. Run quarterly audits comparing live tags, data warehouses, CRM lists, mobile SDKs, app-store disclosures, and consent logs.