Nexus sees the EU's general data protection regulation (GDPR) as an important step forward in streamlining and unifying data protection requirements across the EU. We also see it as a great opportunity for us to strengthen our clear commitment to data protection principles and practices. It is as well fully in line with our recent ISO 27001 certification in Sweden.
Therefore, we have gathered some frequently asked questions regarding Nexus GO Cards and GDPR. See also GDPR statements.
What kind of personal data does Nexus GO Cards manage and store?
Nexus stores the information our customers need for their ID cards and access cards; the cards we encode, design and produce on behalf of the customer. It may be personal data such as name, social security number, and photos. Nexus also stores the user information of the orderer.
Why is personal data stored for Nexus GO Cards?
Nexus’ customers continually order cards for their businesses, and they want to be able to view their order history. They want to follow which cards that have been produced and when. All Nexus' handling of personal data and card data is strictly confidential and with high data security. We collect only the information that our customers request.
Who determines how long Nexus stores personal data for Nexus GO Cards?
The customer decides whether personal data is deleted immediately after a card has been produced and delivered or if the data is to be stored for some time. The customer can also remove personal data from their order history in Nexus order portal, provided that the order is produced and invoiced.
How do I block a card in Nexus GO Cards?
A card is always blocked in the systems in which it is used, such as an access control system, a card reader, etc. The blocking is made at the customer’s premises and by the customer (who is the one who manages and owns the rights to their respective systems).
Can anyone order ID cards or access cards in your order portal?
To gain access to the Nexus order portal, you and your company need to be a Nexus GO customer. Then we together define the right people and right permissions to be linked to each client account with a secure authentication method. Nexus uses 2FA (two-factor authentication) for our services and we recommend our customers to apply it.
To become a Nexus GO customer is very easy, see here for more information.
How long is a blocked card saved in the order portal?
Blocked cards that have not changed status are deleted after 90 days.
How are client files on the FTP server deleted in Nexus GO Cards?
Client files on the FTP server are handled by the customer and can be deleted after use and when needed.
Does Nexus GO Cards have an agreement for managing GDPR (data processing agreement)?