Privacy Policy

Last updated: January 2026

Nxtlab (“we”, “us”, or “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or engage with our services.

1. Who We Are

Nxtlab is a cloud engineering and DevOps agency based in London, United Kingdom.

For data protection law, Nxtlab is the data controller.

2. What Data We Collect

We may collect and process the following types of personal data:

a) Information You Provide to Us

  • Name

  • Email address

  • Company name

  • Job title

  • Any information you submit via contact forms, email, or enquiries

b) Technical and Usage Data

  • IP address

  • Browser type and version

  • Operating system

  • Pages visited and time spent on our website

  • Referring URLs

This data is collected through cookies and similar technologies.

3. How We Use Your Data

We use your personal data to:

  • Respond to enquiries and communicate with you

  • Provide and improve our services

  • Manage client relationships and contracts

  • Monitor and improve website performance and security

  • Comply with legal or regulatory obligations

We will only use your data where we have a lawful basis to do so.

4. Lawful Basis for Processing

Under UK GDPR, we rely on the following lawful bases:

  • Consent – where you have explicitly agreed (e.g. submitting a contact form)

  • Contract – where processing is necessary to deliver services

  • Legitimate interests – to operate, maintain, and improve our business

  • Legal obligation – where required by law

5. How We Share Your Data

We do not sell your personal data.

We may share your data only with:

  • Trusted service providers (e.g. hosting, analytics, email services)

  • Professional advisers (legal, accounting)

  • Authorities or regulators where legally required

All third parties are required to respect the security of your data and process it in accordance with the law.

6. International Data Transfers

Some of our service providers may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as:

  • Adequacy regulations

  • Standard contractual clauses

7. Data Security

We take appropriate technical and organisational measures to protect your personal data, including:

  • Secure cloud infrastructure

  • Access controls

  • Encryption where appropriate

Despite our efforts, no method of transmission over the internet is completely secure.

8. Data Retention

We retain personal data only for as long as necessary:

  • To fulfil the purposes outlined in this policy

  • To comply with legal, accounting, or reporting requirements

When data is no longer required, it is securely deleted or anonymised.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request erasure of your data

  • Object to or restrict processing

  • Request data portability

  • Withdraw consent at any time

To exercise your rights, contact us at privacy@nxtlabco.uk.

10. Cookies

Our website uses cookies to improve functionality and analyse usage. You can control cookies through your browser settings. For more information, please see our Cookie Policy (if applicable).

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and the “last updated” date will be revised accordingly.

13. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact:

Email: privacy@nxtlabco.uk