# Global Privacy Hub

The *Global Privacy Hub* is where you can find documents demonstrating Nexthink’s commitment to upholding the highest standards of data protection and ensuring optimal compliance with applicable privacy laws.

Nexthink recognizes the importance of keeping its customers’ and partners’ personal data protected and safe. You can rest assured, we will only ever handle your personal data securely, and our certification under ISO 27701 shows that we do just that.

## DPA and sub-processors <a href="#globalprivacyhub-dpaandsub-processors" id="globalprivacyhub-dpaandsub-processors"></a>

[**Cloud Data Processing Addendum**](https://docs.nexthink.com/legal/global-privacy-hub/cloud-data-processing-addendum) – This sets out the contractual obligations we can offer to you to be confident we will take care of your personal data when you use our solutions. If you wish to sign the DPA, do, please let us know.

[**Nexthink Data Processing Schedule**](https://docs.nexthink.com/legal/global-privacy-hub/nexthink-data-processing-schedule) - The *Nexthink Data Processing Schedule* provides a detailed description of Nexthink’s processing activities, including a list of third parties, Nexthink engages to provide certain functionalities within its solutions. These sub-processors' access to any data is strictly limited to the indicated categories.

You can **execute Nexthink’s DPA** for your region under the following links:

[**United States**](https://eu.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=b419f6f0-f196-474e-89b5-2036b49fbc67\&env=eu\&acct=eb48c5de-e913-4df7-8fea-400a9a90dde3\&v=2)

[**EMEA and rest of the world (excl. France)**](https://eu.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=f7c001e4-772a-46e4-a60f-cad86f4b10c0\&env=eu\&acct=eb48c5de-e913-4df7-8fea-400a9a90dde3\&v=2)

[**France**](https://eu.docusign.net/Member/PowerFormSigning.aspx?PowerFormId=a97d0c60-f29e-44b2-83a2-d040c2f8c44b\&env=eu\&acct=eb48c5de-e913-4df7-8fea-400a9a90dde3\&v=2)

## Certifications <a href="#globalprivacyhub-certifications" id="globalprivacyhub-certifications"></a>

Nexthink maintains processes and operating procedures that, combined with Nexthink’s state-of-the-art technical security controls, form a rigorous and certified Security and Privacy management framework **(ISMS and PIMS)**. This framework addresses Security and Privacy requirements for Nexthink’s organization, as well as for the development and operation of Nexthink’s services and its cloud infrastructure.

<div align="center"><figure><img src="https://2882018043-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fa4qHY3uBZrY3fuoDVXTx%2Fuploads%2Fgit-blob-77cc0766e7ed492a7d35255b6c4c584a134d64e1%2F21972-312_soc_noncpa.jpg?alt=media" alt="21972-312_SOC_NonCPA.jpg" width="133"><figcaption></figcaption></figure></div>

Nexthink regularly undergoes external audits to receive updated [**SOC 2 Type 2**](https://www.nexthink.com/press/nexthink-continues-to-deliver-security-excellence-with-iso-iec-277012019-certification-and-soc-2-type-2-report/) (link to an article) reports on two trust services principles: security and availability.

<div align="center"><figure><img src="https://2882018043-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fa4qHY3uBZrY3fuoDVXTx%2Fuploads%2FJVRnepWhhVZPxEhWK0ZP%2FEYCP%20Quality%20Mark%20ISO%2027701.png?alt=media&#x26;token=0a740a1f-b4e6-466a-b0fa-5f6499eccfe3" alt="" width="188"><figcaption></figcaption></figure></div>

**ISO/IEC 27701** demonstrates that Nexthink has strong measures in place to ensure our customers' compliance with the GDPR and other applicable privacy legislation (pdf download):

{% file src="<https://2882018043-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fa4qHY3uBZrY3fuoDVXTx%2Fuploads%2FZdBIrl5ZglzI47AksU0t%2F2025_EYCP_Certificate_Nexthink%20ISO%2027701.pdf?alt=media&token=6afd75af-94bf-42e9-8e93-1a4f4cbd95af>" %}

<div align="center"><figure><img src="https://2882018043-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fa4qHY3uBZrY3fuoDVXTx%2Fuploads%2FSaofYBut0VWUAFXpjBdX%2FEYCP%20Quality%20mark%20ISO%2027018.png?alt=media&#x26;token=ae487832-be69-4a1e-b4f7-0aa22ff2e745" alt="" width="188"><figcaption></figcaption></figure></div>

**ISO/IEC 27018** is an addendum to ISO/IEC 27001, we are proud to be certified under this international code of practice for cloud privacy (pdf download):

{% file src="<https://2882018043-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fa4qHY3uBZrY3fuoDVXTx%2Fuploads%2FRlbUYLSU2WQ5zi8raczP%2F2025_EYCP_Certificate_Nexthink%20ISO%2027018.pdf?alt=media&token=efd193a7-b2e8-40ad-88d5-bb1ff1c9bcbe>" %}

<div align="center"><figure><img src="https://2882018043-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fa4qHY3uBZrY3fuoDVXTx%2Fuploads%2FBcqHjppVvNS04goPDe5L%2FEYCP%20Quality%20Mark%20ISO%2027017.png?alt=media&#x26;token=95a809b6-c885-4868-ad3b-d35067f652f0" alt="" width="188"><figcaption></figcaption></figure></div>

**ISO/IEC 27017** provides guidance concerning the information security elements of cloud computing, advising on the adoption of cloud-specific security controls to supplement the recommendations outlined in ISO/IEC 27001 (pdf download):

{% file src="<https://2882018043-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fa4qHY3uBZrY3fuoDVXTx%2Fuploads%2FtnwCTYCbu9ToDPPVwrud%2F2025_EYCP_Certificate_Nexthink%20ISO%2027017.pdf?alt=media&token=5d671b0a-4d69-49df-8a36-5c2e55efeef1>" %}

<div align="center"><figure><img src="https://2882018043-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fa4qHY3uBZrY3fuoDVXTx%2Fuploads%2FxLWf8ItoRPkpbgiDQfdO%2FEYCP%20Quality%20mark%20ISO%2027001.png?alt=media&#x26;token=9f0692b8-af7e-4f06-9286-141eb4a96a6e" alt="" width="188"><figcaption></figcaption></figure></div>

**ISO/IEC 27001** is a security management standard that specifies security management best practices and comprehensive security controls (pdf download):

{% file src="<https://2882018043-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fa4qHY3uBZrY3fuoDVXTx%2Fuploads%2FqFkgBi6n84H0U29qfxFS%2F2025_EYCP_Certificate_Nexthink%20ISO%2027001.pdf?alt=media&token=db3073cc-55f0-436f-9e8a-8077c2636aff>" %}

<figure><img src="https://2882018043-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fa4qHY3uBZrY3fuoDVXTx%2Fuploads%2Fuj8UCcYxVyfpAPLS1aXs%2FDistintivo_ens_certificacion_MEDIA_2022.png?alt=media&#x26;token=5094591b-03fd-40b8-9992-dcc960b4a1ba" alt="" width="188"><figcaption></figcaption></figure>

**ENS (Esquema Nacional de Seguridad)** is Spain’s National Security Framework, regulated by Royal Decree 311/2022 (3 May 2022), which provides security requirements to ensure the adequate protection of information handled by public entities and their suppliers:

{% file src="<https://2882018043-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fa4qHY3uBZrY3fuoDVXTx%2Fuploads%2F63Lwg5jNzkcaehMM1N7T%2F2024_Certificate_Nexthink%20ENS.pdf?alt=media&token=7062e8ea-f3aa-4ab6-a676-9b703279fc22>" %}

## Policies <a href="#globalprivacyhub-policies" id="globalprivacyhub-policies"></a>

[**Privacy Code 2025**](https://docs.nexthink.com/legal/global-privacy-hub/privacy-code-2024) – The *Nexthink Privacy Code* describes how *Nexthink* accesses and processes your personal data.

## Privacy FAQ <a href="#globalprivacyhub-privacyfaq" id="globalprivacyhub-privacyfaq"></a>

Our [**Frequently Asked Questions**](https://docs.nexthink.com/legal/faq) section provides you the information you need regarding Nexthink’s robust data protection measures. &#x20;

## Transparency report <a href="#globalprivacyhub-transparencyreport" id="globalprivacyhub-transparencyreport"></a>

[**Nexthink Transparency Report**](https://docs.nexthink.com/legal/global-privacy-hub/nexthink-transparency-report) provides information relating to data disclosure requests for customer data Nexthink has received as of the launch of its cloud offering.

## Contact <a href="#globalprivacyhub-contact" id="globalprivacyhub-contact"></a>

If you have any questions concerning Nexthink’s approach to privacy, please do reach out to our Privacy & Security Committee at [**privacy-security@nexthink.com**](mailto:privacy-security@nexthink.com).