# Configuring Nexthink privacy settings

This page provides the technical framework for configuring Nexthink privacy settings to collect, manage, access, and store data following compliance and security requirements within your organization.

## Infinity privacy settings <a href="#privacypolicyandsettings-infinityprivacysettings" id="privacypolicyandsettings-infinityprivacysettings"></a>

The following tables summarize the possible privacy configurations for the Nexthink Infinity platform and Collector, along with their corresponding procedures and descriptions.

Go to the [Infinity privacy policy](#privacypolicyandsettings-infinityprivacypolicyprivacypolicy) section on this page for in-depth technical details about data privacy.

{% hint style="warning" %}
Refer to the [Establishing a privacy policy](https://docs-v6.nexthink.com/V6/6.30/establishing-a-privacy-policy) documentation for privacy settings that apply to Nexthink V6 (on-premise) and Nexthink Experience.
{% endhint %}

### Collector default configuration for data collection

<table data-full-width="false"><thead><tr><th>Privacy setting option</th><th>Description</th><th>Link to procedure</th></tr></thead><tbody><tr><td><strong>Username</strong> and <strong>User Principal Name (UPN)</strong></td><td><p>By default, Collector reports the username in a human-readable format. You can configure Collector to only report a hash of the username.</p><p>Also, by default, Nexthink does not collect user principal name (UPN) information.</p></td><td><a href="../bringing-data-into-your-nexthink-instance/deploying-nexthink-in-non-vdi-environment/installing-collector/configuring-collector-level-anonymization">Configuring Collector level anonymization</a></td></tr><tr><td><strong>Focus time</strong></td><td><p>By default, execution events do not contain information about how long the application is in focus.</p><p>You can enable the tracking of the focus time.</p></td><td><a href="../bringing-data-into-your-nexthink-instance/deploying-nexthink-in-non-vdi-environment/installing-collector/configuring-collector-level-anonymization">Configuring Collector level anonymization</a></td></tr><tr><td><strong>User Activity</strong></td><td><p>By default, Collector reports how much time the user spends actively using the device.</p><p>You may configure Collector to disable reporting user activity time.</p></td><td><a href="../bringing-data-into-your-nexthink-instance/deploying-nexthink-in-non-vdi-environment/installing-collector/configuring-collector-level-anonymization">Configuring Collector level anonymization</a></td></tr><tr><td><strong>Wi-Fi network</strong> (SSID and BSSID)</td><td>By default, Collector does not gather the SSIDs and BSSIDs of the WiFi hotspots connected to the device.</td><td><a href="../bringing-data-into-your-nexthink-instance/deploying-nexthink-in-non-vdi-environment/installing-collector/configuring-collector-level-anonymization">Configuring Collector level anonymization</a></td></tr><tr><td><strong>Domain name</strong></td><td>By default, Collector does not report domain names for network connections.</td><td><a href="../bringing-data-into-your-nexthink-instance/deploying-nexthink-in-non-vdi-environment/installing-collector/configuring-collector-level-anonymization">Configuring Collector level anonymization</a></td></tr><tr><td><strong>Network connections</strong></td><td>By default, Collector gathers network connections for all binaries including destination attributes and connection metrics.</td><td><a href="../bringing-data-into-your-nexthink-instance/deploying-nexthink-in-non-vdi-environment/installing-collector/configuring-collector-level-anonymization">Configuring Collector level anonymization</a></td></tr></tbody></table>

### Nexthink Mobile app data collection configuration

The Nexthink Mobile app collects **personally identifiable information (PII)** from employee devices only when the required permissions are explicitly granted. These permissions can be configured in two ways:

* **End-user consent**: The user accepts the privacy terms presented as an in-app prompt during the initial app setup.
* **Mobile Device Management (MDM) configuration**: An administrator uses an MDM solution (e.g., Microsoft Intune) to pre-configure and grant permissions. In addition to mandatory data collected by default, administrators can enable the following permissions via the MDM:
  * UPN
  * Serial Number

### Infinity platform privacy configuration options

<table data-full-width="false"><thead><tr><th>Privacy setting option</th><th>Description</th><th>Link to procedure</th></tr></thead><tbody><tr><td>Data management</td><td>Nexthink enables customers to anonymize and delete already collected user and device names.</td><td><a href="../../user-guide/administration/content-management/data-management">Data management</a></td></tr><tr><td>Bring your own key (BYOK)</td><td><p>Specific fields are encrypted at rest in AWS using AES-256 key encryption.</p><p>Nexthink provides a second layer of encryption using a unique key.</p></td><td><a href="../../security/security-plus/bring-your-own-key-byok-encryption">Bring Your Own Key (BYOK)</a></td></tr><tr><td>Web Application</td><td><p>If the Nexthink browser extension is installed, usage data is collected by default. You can disable this option.</p><p>Additionally, the Extension gathers more data such as web-based application URLs, if configured.</p></td><td><a href="../../user-guide/applications/managing-applications">Managing Applications</a></td></tr><tr><td>Device Location, Geolocation and Organization</td><td><p>By default, Nexthink determines whether a device connection is remote or on-site within your organization. Similarly, the system defines the geographical location of a device based on its public IP address.</p><p>Nexthink includes a rule-based assignment process to dynamically reassign the organization entities of devices, which allows you to set proper View domain configurations.</p></td><td><a href="../../user-guide/administration/system-configuration/product-configuration">Product configuration</a></td></tr><tr><td>View domain</td><td>Enforces compliance rules so that access to data is on a need-to-know basis.</td><td><a href="../../user-guide/administration/account-management/roles/view-domain">View domain</a></td></tr><tr><td>User permissions</td><td>Nexthink provides four levels of data privacy that specify the access rights and visibility of each user account to particular pieces of information.</td><td><p><a href="../../user-guide/administration/account-management/accounts">Accounts</a></p><p><a href="../../user-guide/administration/account-management/roles">Roles</a></p></td></tr><tr><td>Single sign-on (SSO)</td><td>Single sign-on integration to facilitate user access to Nexthink through a single corporate login.</td><td><a href="../../user-guide/administration/account-management/single-sign-on">Single sign-on</a></td></tr><tr><td>Collect URLs</td><td>By default, the system does not store URLs.<br>If enabled, Nexthink sanitizes all collected URLs to conceal sensitive information.</td><td><a href="../../user-guide/applications/configuring-applications/configuring-web-applications">Configuring web applications</a></td></tr><tr><td>Web Usage Time</td><td>By default, Nexthink collects the web usage time if a Web application is defined.</td><td><a href="../../user-guide/applications/managing-applications">Managing Applications</a></td></tr></tbody></table>

## Infinity privacy policy <a href="#privacypolicyandsettings-infinityprivacypolicyprivacypolicy" id="privacypolicyandsettings-infinityprivacypolicyprivacypolicy"></a>

The Nexthink Infinity privacy policy is built on the following pillars:

* Data encryption
* Data collection
* User permissions
* Anonymization
* Hosting locations
* Data retention
* Audit trails
* Certifications and security reports

### Data encryption <a href="#privacypolicyandsettings-dataencryption" id="privacypolicyandsettings-dataencryption"></a>

Nexthink encrypts sensitive information in transit. The table below lists the protocol or encryption used on each communication channel between components.

<table data-full-width="false"><thead><tr><th>Core components</th><th>Direction</th><th>Components</th><th>Protocol or encryption</th></tr></thead><tbody><tr><td>Collector</td><td>&#x3C;--></td><td>Nexthink web interface</td><td>TCP encrypted</td></tr><tr><td>API<br>(optional channel)</td><td>&#x3C;--></td><td>Nexthink web interface</td><td>REST HTTPS</td></tr><tr><td>SSO integration<br>(optional channel)</td><td>&#x3C;--></td><td>Nexthink web interface</td><td>SAML (HTTPS)</td></tr></tbody></table>

In addition, Nexthink encrypts stored data on disk. Each organization or customer has a unique key that prevents unauthorized access to data.

The [Bring your own key (BYOK) encryption](https://docs.nexthink.com/platform/security/security-plus/bring-your-own-key-byok-encryption) model allows you to manage your own unique encryption key, if required.

### Data collection <a href="#privacypolicyandsettings-datacollection" id="privacypolicyandsettings-datacollection"></a>

Each endpoint communicates with a web instance provided and operated by Nexthink. Collectors installed on employee devices report events and metrics by:

* Gathering hardware and software information.
* Monitoring system activities and device properties.

In turn, authorized users can operate the Nexthink web interface to apply fixes to employee devices. Refer to the [Collector overview](https://docs.nexthink.com/platform/configuring_nexthink/bringing-data-into-your-nexthink-instance/deploying-nexthink-in-non-vdi-environment/installing-collector/collector-overview) documentation.

In addition to Collectors, Nexthink administrators can configure Nexthink browser extensions to monitor the usage and performance of web-based applications and software as a service (SaaS). Nexthink browser extensions only inspect URLs.

For a full map of the data collected by Nexthink, refer to the [Data we collect and store](https://docs.nexthink.com/platform/understanding-key-data-platform-concepts/data-we-collect-and-store) and the [NQL data model](https://docs.nexthink.com/platform/understanding-key-data-platform-concepts/nql-data-model) documentation.

The table below highlights some of the main objects and events collected by Nexthink.

{% hint style="info" %}
Nexthink does not gather information about the content within files, emails, websites, or any other piece of content or application.
{% endhint %}

| Objects and events                           | Data collected                                                                                                                                                                                |
| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Devices                                      | <ul><li>Software and hardware properties of devices</li><li>Events (boots, connections, crashes, etc.)</li><li>Performance (CPU and memory usage, etc.)</li></ul>                             |
| Users and sessions                           | <ul><li>User properties (name, username, group, rights, etc.)</li><li>Session information</li><li>Events (login, logout, lock, unlock, connect, disconnect and network performance)</li></ul> |
| Binaries and execution events                | <ul><li>Software programs and updates installed</li><li>Executions</li><li>Performance (resource consumption, freezes, crashes, etc.)</li></ul>                                               |
| Applications (desktop and web)               | Usage and performance of configured applications. This applies to customers with the specific Nexthink product: Applications experience.                                                      |
| Surveys and survey answers                   | With campaigns, Nexthink users can create employee surveys and store the answers.                                                                                                             |
| Networking and connectivity of the endpoints | <ul><li>Local IP</li><li>IP of the DNS servers</li><li>IP of the gateway</li><li>VPN status</li><li>SSID of the WiFi network</li><li>BSSID of the access point</li></ul>                      |
| Zoom and Teams call data                     | <ul><li>Call participants</li><li>Call time</li><li>Call duration</li><li>Video and screen sharing activity</li></ul>                                                                         |

### User permissions <a href="#privacypolicyandsettings-userpermissionsuserpermissions" id="privacypolicyandsettings-userpermissionsuserpermissions"></a>

Nexthink users can see and manage content depending on their role and permissions. Consider the following when setting up user permissions for privacy control:

* During deployment, the system creates a Nexthink administrator as the admin account.
* The main administrator can create user accounts for other administrators who are allowed to manage other users and roles.
* Additional administrator accounts have access to all data.
* Non-admin users can access personal data according to their roles.

Refer to the [Accounts](https://docs.nexthink.com/platform/user-guide/administration/account-management/accounts) and [Roles](https://docs.nexthink.com/platform/user-guide/administration/account-management/roles) documentation.

#### **User access to your organizational data**

In addition to user permissions to manage content visibility, Nexthink provides a [single sign-on (SSO)](https://docs.nexthink.com/platform/user-guide/administration/account-management/single-sign-on) mechanism to facilitate user access to Nexthink through a single corporate login.

#### **Nexthink access to your organizational data**

Nexthink limits its access to your organizational data to specific individuals in accordance with data processing agreements, business needs and access controls.

Nexthink prevents unauthorized access by following a strict security protocol:

* The Nexthink data inventory documentation lists data attributes and collected items by category and marks them as *Personal data*.
* During periodic design reviews, the Nexthink Security and Privacy Committee sets requirements for storing and transmitting data, ensuring proper compartmentalization and access controls.
* Personal data always remains within the customer production instance unless exported by the customer.
* Nexthink grants access authorization to the platform and customer data separately.
  * Nexthink sets a request procedure to allow temporary access to specific resources in the AWS production environment for platform support or troubleshooting.
* Authorized Nexthink employees may access the customer production instance solely for support.
  * Nexthink manages access to production data on Amazon Web Services (AWS) systems through AWS SSO connected to the Nexthink Okta identity provider (IdP), which relies on role-based access control limited to authorized personnel.
  * CloudTrail logs data access at all times. Access to virtual machines uses the secure shell (SSH) protocol on top of AWS Systems Manager (SSM).

### Anonymization <a href="#privacypolicyandsettings-anonymization" id="privacypolicyandsettings-anonymization"></a>

Nexthink provides customizable data anonymization to specify the visibility of information according to [user permissions](#privacypolicyandsettings-userpermissionsuserpermissions).

* **Destinations and domains**: Set to **Hidden** to hide destinations and domains of connectivity events from the user.
* **Devices**: Set to **Hidden** to hide device names from the user.
* **Users**: Set to **Hidden** to hide user names from the user.

The table below lists the visible attributes of destinations, domains, devices, and users.

{% hint style="info" %}
Refer to the [Configuring Collector level anonymization](https://docs.nexthink.com/platform/configuring_nexthink/bringing-data-into-your-nexthink-instance/deploying-nexthink-in-non-vdi-environment/installing-collector/configuring-collector-level-anonymization) documentation for anonymization at Collector level.
{% endhint %}

<table data-full-width="false"><thead><tr><th>Data type</th><th>Attributes</th></tr></thead><tbody><tr><td><strong>Destinations</strong></td><td><p>Destination name</p><p>IP address</p><p>Nexthink UID</p><p>Destination owner</p><p>Destination Country</p><p>Destination datacenter_region</p><p>Destination Port</p><p>Destination ip_subnet</p></td></tr><tr><td><strong>Domains</strong></td><td><p>Domain name</p><p>Nexthink UID</p></td></tr><tr><td><strong>Devices</strong></td><td><p>Computer name</p><p>Windows SID</p><p>IP address</p><p>Nexthink UID</p></td></tr><tr><td><strong>Users</strong></td><td><p>Username</p><p>Distinguished Name</p><p>Full Name</p><p>Nexthink UID</p></td></tr></tbody></table>

### Hosting locations <a href="#privacypolicyandsettings-hostinglocations" id="privacypolicyandsettings-hostinglocations"></a>

Nexthink uses AWS hosting locations in Europe, United Kingdom, United States of America, United Arab Emirates, Switzerland, and Australia.

Customers can choose a single region to store their data.

### Data retention <a href="#privacypolicyandsettings-dataretention" id="privacypolicyandsettings-dataretention"></a>

Data retention periods vary according to the type of the data stored within the product. Refer to the [Data resolution and retention](https://docs.nexthink.com/platform/understanding-key-data-platform-concepts/data-resolution-and-retention) documentation.

#### **Data subject requests**

Nexthink includes [data management](https://docs.nexthink.com/platform/user-guide/administration/content-management/data-management) features that allow Nexthink administrators to execute requests of data subjects:

* **Data retention** timeframe for your Nexthink instance.
* **Data deletion** of a specific device and its associated data.
* **Data retrieval** of all the data associated with a specific user.
* **Data anonymization** at a storage level, not conditioned by the user permissions.

Nexthink deletes all customer and end-user personal data after the expiration or termination of the agreement.

In addition, a customer may request a copy of the personal data from Nexthink. In that case, Nexthink provides a copy within 30 days from the date of the request.

#### **About data deletion**

The Nexthink procedure for deleting customer data removes the entire data-related infrastructure, including operating systems (virtual machines) and storage resources (virtual disks). Consider the following:

* Nexthink keeps the customer blob containing the backups for 90 days.
* The daily backup procedure automatically destroys expired backups older than 90 days.
* After 90 days, Nexthink permanently destroys the customer storage blob and the remaining backups (if any).

The Nexthink Site Reliability Engineering team can delete and destroy customer data before the scheduled date upon receiving a written request from a customer delegate.

### Audit trails <a href="#privacypolicyandsettings-audittrails" id="privacypolicyandsettings-audittrails"></a>

Nexthink captures actions performed by users with administrator rights that may impact the system, but audit trails are not a logging facility. This means the system exclusively audits the action and who performs it without logging the values set by the users' actions.

Refer to the [Audit trail codes](https://docs.nexthink.com/platform/security/exporting-audit-logs) documentation for more information about audit logs.

#### **Data sent to Nexthink**

Nexthink collects non-personal data for Nexthink SA to provide value-added services to Nexthink customers.

Learn how to enable or disable these services to select which data you send to Nexthink in the article about [Operational Analytics Information sent to Nexthink](https://docs.nexthink.com/platform/references/operational-analytics-information-sent-to-nexthink).

### Certifications and security reports <a href="#privacypolicyandsettings-certificationsandsecurityreports" id="privacypolicyandsettings-certificationsandsecurityreports"></a>

Nexthink maintains a set of policies and standard operating procedures that form a [certified](https://app.gitbook.com/s/a4qHY3uBZrY3fuoDVXTx/global-privacy-hub) *Security and Privacy management framework* in accordance with:

* ISO 27001
* ISO 27017
* ISO 27018 (“ISMS”)
* ISO 27701 (“PIMS”).

The implementation and efficiency of this *Security and Privacy management framework* are audited annually by reputable independent third-party experts.

In addition, Nexthink regularly undergoes external audits to receive updated **SOC 2 Type II** reports on two trust services principles: security and availability. The detailed reports are available upon request and under a non-disclosure agreement (NDA).

Refer to the [Information Security Addendum](https://app.gitbook.com/s/a4qHY3uBZrY3fuoDVXTx/services-terms/information-security-addendum) documentation for a detailed overview of the most important security measures.

Also, the [Global Privacy Hub](https://app.gitbook.com/s/a4qHY3uBZrY3fuoDVXTx/global-privacy-hub) documentation includes information about the Nexthink privacy program and an extensive FAQ section.
