Privacy policy and settings
This page provides the technical framework for configuring Nexthink privacy settings to collect, manage, access, and store data following compliance and security requirements within of your organization.
Infinity privacy settings
The following tables summarize the possible privacy configurations for Nexthink Infinity platform and Collector, along with their corresponding procedures and descriptions.
Go to the Infinity privacy policy section on this page for in-depth technical details about data privacy.
Refer to the Establishing a privacy policy documentation for privacy settings that apply to Nexthink V6 (on-premise) and Nexthink Experience.
Collector default configuration for data collection
Username and User Principal Name (UPN)
By default, Collector reports the username in a human-readable format. You can configure Collector to only report a hash of the username.
Also, by default, Nexthink does not collect user principal name (UPN) information.
Focus time
By default, execution events do not contain information about how long the application is in focus.
You can enable the tracking of the focus time.
User Activity
By default, Collector reports how much time the user spends actively using the device.
You may configure Collector to disable reporting user activity time.
Wi-Fi network (SSID and BSSID)
By default, Collector does not gather the SSIDs and BSSIDs of the WiFi hotspots connected to the device.
Domain name
By default, Collector does not report domain names for network connections.
Network connections
By default, Collector gathers network connections for all binaries including destination attributes and connection metrics.
Infinity platform privacy configuration options
Data management
Nexthink enables customers to anonymize and delete already collected user and device names.
Specific fields are encrypted at rest in AWS using an AES-256 key encryption.
Nexthink provides a second layer of encryption using a unique key.
Web Application
If the Nexthink browser extension is installed, usage data is collected by default. You can disable this option.
Additionally, the Extension gathers more data such as web-based application URLs, if configured.
Device Location, Geolocation and Organization
By default, Nexthink determines whether a device connection is remote or on-site within your organization. Simillarly, the system defines the geographical location of a device based on its public IP address.
Nexthink includes a rule-based assignment process to dynamically reassign the organization entities of devices, allowing setting proper View domain configurations.
View domain
Enforces compliance rules so that access to data is on a need-to-know basis.
User permissions
Nexthink provides four levels of data privacy that specify the access rights and visibility of each user account to particular pieces of information.
Single sign-on (SSO)
Single sign-on integration to facilitate user access to Nexthink through a single corporate login.
Collect URLs
By default, the system does not store URLs. If enabled, Nexthink sanitizes all collected URLs to conceal sensitive information.
Web Usage Time
By default, Nexthink collects the web usage time if a Web application is defined.
Infinity privacy policy
Find below the pillars that build the Nexthink Infinity privacy policy:
Data encryption
Data collection
User permissions
Anonymization
Hosting locations
Data retention
Audit trails
Certifications and security reports
Data encryption
Nexthink encrypts the transmission of sensitive information using protocols. The table below describes the encrypted communication channels between components.
Collector
<-->
Nexthink web interface
TCP encrypted
API (optional channel)
<-->
Nexthink web interface
REST HTTPS
SSO integration (optional channel)
<-->
Nexthink web interface
SAML (HTTPS)
In addition, Nexthink encrypts stored data by encoding it on disk. Each organization or customer has a unique key that prevents unauthorized access to data.
The Bring your own key (BYOK) encryption model allows you to manage your own unique encryption key, if required.
Data collection
Each endpoint communicates with a web instance provided and operated by Nexthink. Collectors installed on employee devices report events and metrics by:
Gathering hardware and software information.
Monitoring system activities and device properties.
In turn, authorized users can operate the Nexthink web interface to apply fixes to employee devices. Refer to the Collector overview documentation.
In addition to Collectors, Nexthink administrators can configure Nexthink browser extensions to monitor the usage and performance of web-based applications and software as a service (SaaS). Nexthink browser extensions only inspect URLs.
For a full map of the data collected by Nexthink, refer to the Data we collect and store and the NQL data model documentation.
The table below highlights some of the main objects and events collected by Nexthink.
Nexthink does not gather information about the content within files, emails, websites, or any other piece of content or application.
Devices
Software and hardware properties of devices
Events (boots, connections, crashes, etc.)
Performance (CPU and memory usage, etc.)
Users and sessions
User properties (name, username, group, rights, etc.)
Session information
Events (login, logout, lock, unlock, connect, disconnect and network performance)
Binaries and execution events
Software programs and updates installed
Executions
Performance (resource consumption, freezes, crashes, etc.)
Applications (desktop and web)
Usage and performance of configured applications. This applies to customers with the specific Nexthink product: Applications experience.
Surveys and survey answers
With campaigns, Nexthink users can create employee surveys and store the answers.
Networking and connectivity of the endpoints
Local IP
IP of the DNS servers
IP of the gateway
VPN status
SSID of the WiFi network
BSSID of the access point
Zoom and Teams call data
Call participants
Call time
Call duration
Video and screen sharing activity
User permissions
Nexthink users can see and manage content depending on their role and permissions. Consider the following when setting up user permissions for privacy control:
During deployment, the system creates a Nexthink administrator as the admin account.
The main administrator can create user accounts for other administrators who are allowed to manage other users and roles.
Additional administrator accounts have access to all data.
Non-admin users can access personal data according to their roles.
Refer to the Accounts and Roles documentation.
User access to your organizational data
In addition to user permissions to manage content visibility, Nexthink provides a single sign-on (SSO) mechanism to facilitate user access to Nexthink through a single corporate login.
Nexthink access to your organizational data
Nexthink limits its access to your organizational data to specific individuals in accordance with data processing agreements, business needs and access controls.
Nexthink prevents unauthorized access by following a strict security protocol:
The Nexthink data inventory documentation lists data attributes and collected items by category and marks them as Personal data.
During periodic design reviews, the Nexthink Security and Privacy Committee sets requirements for storing and transmitting data, ensuring proper compartmentalization and access controls.
Personal data always remains within the customer production instance unless exported by the customer.
Nexthink grants access authorization to the platform and customer data separately.
Nexthink sets a request procedure to allow temporary access to specific resources in the AWS production environment for platform support or troubleshooting.
Authorized Nexthink employees may access the customer production instance solely for support.
Nexthink manages the access to production data on Amazon Web Services (AWS) systems through AWS SSO connected to Nexthink Okta identity provider (IdP), which relies on role-based access control limited to authorized personnel.
CloudTrail logs data access at all times. Access to virtual machines uses the secure shell (SSH) protocol on top of AWS Systems Manager (SSM).
Anonymization
Nexthink provides customizable data anonymization to specify the visibility of information according to user permissions.
Destinations and domains: Set to Hidden to hide destinations and domains of connectivity events from the user.
Devices: Set to Hidden to hide device names from the user.
Users: Set to Hidden to hide user names from the user.
The table below lists the visible attributes of destinations, domains, devices, and users.
Refer to the Configuring Collector level anonymization documentation for anonymization at Collector level.
Destinations
Destination name
IP address
Nexthink UID
Destination owner
Destination Country
Destination datacenter_region
Destination Port
Destination ip_subnet
Domains
Domain name
Nexthink UID
Devices
Computer name
Windows SID
IP address
Nexthink UID
Users
Username
Distinguished Name
Full Name
Nexthink UID
Hosting locations
Nexthink uses AWS hosting locations in Europe, United Kingdom, United States of America, United Arab Emirates, Switzerland, and Australia.
Customers can choose a single region to store their data.
Data retention
Data retention periods vary according to the type of the data stored within the product. Refer to the Data resolution and retention documentation.
Data subject requests
Nexthink includes data management and GDPR features that allow Nexthink administrators to execute requests of data subjects:
Data retention timeframe for your Nexthink instance.
Data deletion of a specific device and its associated data.
Data retrieval of all the data associated with a specific user.
Data anonymization at a storage level, not conditioned by the user permissions.
Nexthink deletes all customer and end-user personal data after the expiration or termination of the agreement.
In addition, a customer may also request Nexthink for a copy of the personal data. In that case, Nexthink provides a copy within 30 days from the date of the request.
About data deletion
Nexthink procedure to delete customer data removes the entire data-related infrastructure, including operating systems (virtual machines) and storage resources (virtual disks). Consider the following:
Nexthink keeps the customer blob containing the backups for 90 days.
The daily backup procedure automatically destroys expired backups older than 90 days.
After 90 days, Nexthink permanently destroys the customer storage blob and the remaining backups (if any).
The Nexthink Site Reliability Engineering team can delete and destroy customer data before the scheduled date by receiving a written request from a customer delegate.
Audit trails
Nexthink captures actions performed by users with administrator rights that may impact the system, but audit trails are not a logging facility. This means the system exclusively audits the action and who performs it without logging the values set by the users' actions.
Refer to the Audit trail codes documentation for more information about audit logs.
Data sent to Nexthink
Nexthink collects non-personal data for Nexthink SA to provide value-added services to Nexthink customers.
Learn how to enable or disable these services to select which data you send to Nexthink in the article about Operational Analytics Information sent to Nexthink.
Certifications and security reports
ISO 27001
ISO 27017
ISO 27018 (“ISMS”)
ISO 27701 (“PIMS”).
The implementation and efficiency of this Security and Privacy management framework is annually audited by reputable independent third-party experts.
In addition, Nexthink regularly undergoes external audits to receive updated SOC 2 Type II reports on two trust services principles: security and availability. The detailed reports are available upon request and under a non-disclosure agreement (NDA).
Last updated