ScholarVault AIScholarVault AI
Back to homeLegal

Privacy Policy

Last updated:

ScholarVault AI Ltd ("NEXUS AI", "we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, disclose and protect personal data when you acquire a Technology Certificate, create a Vault, upload information, interact with our AI Assistant, or otherwise use our Services.

1. Introduction

NEXUS AI ("NEXUS AI", "we", "us", or "our") respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, store, disclose and protect personal data when you acquire a Technology Certificate, create a Vault, upload information, interact with our AI Assistant, or otherwise use our Services.

NEXUS AI provides secure artificial intelligence infrastructure, encrypted Vault technology, Technology Certificates and related software services.

This Privacy Policy applies to all personal data processed by NEXUS AI in connection with the provision of its Services.

2. Data Protection Roles

2.1 NEXUS AI as Data Controller

NEXUS AI acts as a data controller in relation to:

  • User account administration;
  • Technology Certificate issuance and verification;
  • Vault administration;
  • Authentication and security monitoring;
  • Service operation and maintenance;
  • Customer support;
  • Compliance with legal obligations;
  • Fraud prevention and platform security.

2.2 Business Customers

Where NEXUS AI provides Services to business customers, NEXUS AI may act as a data processor under separate contractual arrangements where required by applicable law.

3. Categories of Personal Data Processed

NEXUS AI may process the following categories of personal data.

3.1 Account Information

  • Name
  • Username
  • Email address
  • Contact details
  • Account credentials.

3.2 Authentication Data

  • Technology Certificate identifiers;
  • Authentication records;
  • Two-factor authentication information;
  • Login activity.

3.3 Technical Data

  • IP address
  • Device identifiers
  • Browser type and version
  • Operating system
  • Session timestamps
  • Usage logs
  • Error reports

3.4 Vault Content

  • Documents uploaded by users
  • Identity documents
  • Financial records
  • Medical information
  • Legal documents
  • Personal notes
  • Files and data stored within a Vault.

3.5 AI Interaction Data

  • User prompts
  • AI-generated responses
  • Conversation history
  • Contextual information required to provide personalised AI functionality.

3.6 Communications

  • Customer support requests
  • Correspondence
  • Service-related communications.

4. Purposes of Processing

NEXUS AI processes personal data for the following purposes:

  1. Issuing and validating Technology Certificates
  2. Creating and maintaining Vaults
  3. Providing AI Assistant functionality
  4. Personalising AI responses based on Vault content
  5. Authenticating users
  6. Maintaining system security
  7. Detecting fraud and abuse
  8. Providing customer support
  9. Monitoring and improving Service performance
  10. Complying with legal obligations
  11. Enforcing contractual rights
  12. Responding to lawful requests from authorities.

NEXUS AI does not sell personal data.

NEXUS AI does not use personal data for behavioural advertising.

NEXUS AI does not provide personal data to third parties for marketing purposes.

5. Legal Bases for Processing

Where required under applicable law, NEXUS AI relies on one or more of the following legal bases:

5.1 Contractual Necessity

Processing necessary for:

  • Providing Services
  • Managing accounts
  • Operating Vaults
  • Delivering AI functionality.

5.2 Legitimate Interests

Processing necessary for:

  • Security monitoring
  • Fraud prevention
  • Service improvement
  • Infrastructure protection
  • Business administration.

5.3 Legal Obligations

Processing necessary for compliance with:

  • Applicable laws
  • Regulatory requirements
  • Court orders
  • Law enforcement requests.

5.4 Consent

Where required by law, NEXUS AI will obtain consent before processing personal data.

6. AI Services and Vault Content

Users may upload information and documents to their Vault.

Such information is processed solely for the purpose of providing AI Assistant functionality and associated Services.

Users remain solely responsible for:

  • The legality of uploaded content;
  • The accuracy of uploaded information;
  • Ensuring they have the right to upload such information.

NEXUS AI does not claim ownership of user-uploaded content.

Users grant NEXUS AI a limited licence to process such content solely for the purpose of providing the Services.

AI-generated responses may be inaccurate, incomplete or outdated.

AI outputs are provided for informational purposes only and do not constitute:

  • Legal advice
  • Financial advice
  • Medical advice
  • Tax advice
  • Professional advice of any kind.

Users should independently verify AI-generated outputs before relying on them.

7. Data Sharing

NEXUS AI may share personal data with:

  • Cloud hosting providers
  • Infrastructure providers
  • Cybersecurity service providers
  • Technical support providers
  • Professional advisers
  • Auditors
  • Regulators
  • Government authorities where legally required.

NEXUS AI does not sell personal data.

NEXUS AI does not disclose personal data for advertising purposes.

All third-party service providers are required to implement appropriate security measures.

8. International Transfers

Personal data may be transferred outside the European Economic Area (EEA) where necessary for hosting, support or operational purposes.

Where such transfers occur, NEXUS AI implements appropriate safeguards, including:

  • Standard Contractual Clauses;
  • Adequacy decisions;
  • Encryption measures;
  • Technical and organisational safeguards.

9. Data Retention

Personal data is retained only for as long as necessary to:

  • Provide the Services
  • Maintain Vault functionality
  • Fulfil contractual obligations
  • Comply with legal requirements
  • Resolve disputes
  • Protect legal rights.

Retention periods may vary depending on:

  • Regulatory obligations
  • Security requirements
  • User requests
  • Operational needs.

When personal data is no longer required, it is securely deleted or anonymised.

10. Security Measures

NEXUS AI implements appropriate technical and organisational measures designed to protect personal data.

Such measures include:

  • Encryption in transit
  • Encryption at rest
  • Multi-factor authentication
  • Access controls
  • Network security controls
  • Monitoring systems
  • Audit logging
  • Vulnerability testing
  • Incident response procedures.

While NEXUS AI takes reasonable steps to protect personal data, no method of transmission or storage can be guaranteed to be completely secure.

11. Your Rights

Subject to applicable law, you may have the following rights:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object
  • Right to withdraw consent.

Requests may be submitted using the contact details provided on our website.

NEXUS AI may require verification of identity before responding to requests.

12. Automated Processing

NEXUS AI uses artificial intelligence systems to generate responses based on:

  • User prompts
  • Uploaded Vault content
  • Available contextual information.

NEXUS AI does not engage in automated decision-making that produces legal or similarly significant effects without appropriate safeguards.

13. Children's Privacy

The Services are not intended for individuals under the age of 18.

NEXUS AI does not knowingly collect personal data from children.

If we become aware that personal data has been collected from a child without appropriate authorisation, such data may be deleted.

14. Cookies and Similar Technologies

NEXUS AI may use cookies and similar technologies for:

  • Authentication;
  • Session management;
  • Security monitoring;
  • Service functionality;
  • Performance analysis.

Additional information may be provided in our Cookie Policy.

15. Complaints

If you believe your personal data has been processed unlawfully, you may:

  • Contact NEXUS AI;
  • Lodge a complaint with the relevant supervisory authority;
  • Contact your local data protection authority.

16. Changes to this Privacy Policy

NEXUS AI may amend this Privacy Policy from time to time.

Updated versions will be published on our website and Platform.

Continued use of the Services following publication constitutes acceptance of the revised Privacy Policy.

17. Contact Information

For privacy-related enquiries, requests or complaints, please contact NEXUS AI using the contact details published on our website, or email privacy@scholarvault.tech.

18. Clarification of Service Nature

For the avoidance of doubt, NEXUS AI:

  • Provides software services
  • Provides encrypted Vault technology
  • Provides AI assistant functionality
  • Issues Technology Certificates
  • Operates secure digital infrastructure.

NEXUS AI does not:

  • Provide banking services
  • Provide payment services
  • Provide investment services
  • Issue e-money
  • Provide legal advice
  • Provide medical advice
  • Provide financial advice
  • Act as a regulated financial intermediary.

Personal data processing by NEXUS AI is limited to the operation and provision of its software and AI infrastructure services.

Privacy Policy — NEXUS AI · ScholarVault AI