GDPR Notice

Privacy Policy

Last updated: 5 June 2026

This policy explains how we process the personal data you submit through the contact form on nextlayersec.tech, in accordance with the GDPR (EU 2016/679).

1. Data controller

The controller of your personal data is NextLayer Security. For any matter concerning your personal data — including exercising the rights described below — contact us at: hello@nextlayersec.tech.

2. What data we collect

Through the contact form we collect only the data you provide voluntarily:

  • name (or company name) — so we know how to address you,
  • email address — so we can reply,
  • message content — a description of your enquiry.

3. Purpose and legal basis

We process your data to respond to the enquiry sent via the form. The legal basis is:

  • Art. 6(1)(a) GDPR — your consent, given by ticking the checkbox when submitting the form,
  • Art. 6(1)(f) GDPR — our legitimate interest in handling correspondence and business contact.

4. Recipients and processors

To deliver email we use Resend (Resend, Inc.), which relies on Amazon SES infrastructure. This means your data may be transferred outside the European Economic Area (USA). Such transfer is based on Standard Contractual Clauses approved by the European Commission. We do not sell or share your data with third parties for marketing purposes.

5. Retention period

We keep your data for as long as necessary to handle your enquiry and any follow-up correspondence, no longer than 12 months from the last contact, or until you withdraw consent. After that, the data is deleted.

6. Your rights

In relation to the processing of your data you have the right to:

  • access your data and obtain a copy,
  • rectify (correct) your data,
  • erase your data (the right to be forgotten),
  • restrict processing,
  • data portability,
  • object to processing,
  • withdraw consent at any time (without affecting the lawfulness of processing before withdrawal),
  • lodge a complaint with the President of the Personal Data Protection Office (PUODO), ul. Stawki 2, 00-193 Warsaw, Poland.

7. Is providing data mandatory

Providing your data is voluntary but necessary to respond to your enquiry. Without your email address we cannot reply to you.

8. Automated decisions and profiling

Your data is not used for automated decision-making or profiling.

9. Cookies

The site uses only essential cookies, including one that remembers your language choice. We do not use marketing or tracking cookies without your consent.

10. Changes to this policy

We reserve the right to update this policy. The current version is always available at this address, and the date of the last change is shown at the top of the page.

Back to home