Global Privacy Hub
The Global Privacy Hub is where you can find documents demonstrating Nexthink’s commitment to upholding the highest standards of data protection and ensuring optimal compliance with applicable privacy laws.
Nexthink recognizes the importance of keeping its customers’ and partners’ personal data protected and safe. You can rest assured, we will only ever handle your personal data securely, and our certification under ISO 27701 shows that we do just that.
DPA and sub-processors
Cloud Data Processing Addendum – This sets out the contractual obligations we can offer to you to be confident we will take care of your personal data when you use our solutions. If you wish to sign the DPA, do, please let us know.
Nexthink Data Processing Schedule - The Nexthink Data Processing Schedule provides a detailed description of Nexthink’s processing activities, including a list of third parties, Nexthink engages to provide certain functionalities within its solutions. These sub-processors' access to any data is strictly limited to the indicated categories.
You can execute Nexthink’s DPA for your region under the following links:
EMEA and rest of the world (excl. France)
Certifications
Nexthink maintains processes and operating procedures that, combined with Nexthink’s state-of-the-art technical security controls, form a rigorous and certified Security and Privacy management framework (ISMS and PIMS). This framework addresses Security and Privacy requirements for Nexthink’s organization, as well as for the development and operation of Nexthink’s services and its cloud infrastructure.
Nexthink regularly undergoes external audits to receive updated SOC 2 Type 2 (link to an article) reports on two trust services principles: security and availability.
ISO/IEC 27701 demonstrates that Nexthink has strong measures in place to ensure our customers' compliance with the GDPR and other applicable privacy legislation (pdf download):
ISO/IEC 27018 is an addendum to ISO/IEC 27001, we are proud to be certified under this international code of practice for cloud privacy (pdf download):
ISO/IEC 27017 provides guidance concerning the information security elements of cloud computing, advising on the adoption of cloud-specific security controls to supplement the recommendations outlined in ISO/IEC 27001 (pdf download):
ISO/IEC 27001 is a security management standard that specifies security management best practices and comprehensive security controls (pdf download):
Policies
Privacy Code 2024 – The Nexthink Privacy Code describes how Nexthink Experience accesses and processes your personal data, focusing on the GDPR.
Privacy FAQ
Our Frequently Asked Questions section provides you the information you need regarding Nexthink’s robust data protection measures.
Transparency report
Nexthink Transparency Report provides information relating to data disclosure requests for customer data Nexthink has received as of the launch of its cloud offering.
Contact
If you have any questions concerning Nexthink’s approach to privacy, please do reach out to our Privacy & Security Committee at privacy-security@nexthink.com.