Privacy Policy

1. Introduction

NexGuide.AI, operated by Caio Augusto Tkalec ("we," "us," or "our"), is committed to protecting your privacy and personal information in accordance with the Privacy Act 2020 (New Zealand) and the General Data Protection Regulation (GDPR) where applicable.

This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website or use our services.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

• Contact Information: Name, email address, phone number, company name, job title
• Professional Information: Industry, organization type, technology challenges, strategic objectives
• Communication Records: Consultation notes, email correspondence, project documentation
• Website Usage: IP address, browser type, pages visited, time spent on site
• Payment Information: Billing address, payment method details (processed securely by third parties)

2.2 How We Collect Information

• Directly from you when you contact us, book consultations, or engage our services
• Through our website using cookies and similar technologies
• During service delivery and client communications
• From publicly available sources for business development purposes

3. Legal Basis for Processing (GDPR)

Where GDPR applies, we process your personal information based on:

• Consent: For marketing communications and website analytics
• Contract: To provide advisory services you've requested
• Legitimate Interests: For business operations, improvement of services, and direct marketing to existing clients
• Legal Obligation: For compliance with tax and legal requirements

4. How We Use Your Information

4.1 Primary Purposes

• Providing strategic advisory services and consultations
• Communicating about your projects and service delivery
• Processing payments and maintaining financial records
• Improving our services and website functionality
• Complying with legal and regulatory requirements

4.2 Marketing Communications

With your consent, we may send you:

• Industry insights and thought leadership content
• Information about new services
• Invitations to webinars or events

You can opt out of marketing communications at any time by clicking unsubscribe or contacting us directly.

5. Information Sharing and Disclosure

5.1 We Do Not Sell Personal Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5.2 Limited Sharing

We may share your information with:

• Service Providers: Cloud hosting, payment processing, email services (under strict confidentiality agreements)
• Professional Advisors: Legal, accounting, or other professional services
• Legal Requirements: When required by law, court order, or regulatory authority
• Business Transfer: In the event of a merger, acquisition, or sale of business assets

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

• Encrypted data transmission (SSL/TLS)
• Secure cloud storage with access controls
• Regular security assessments and updates
• Staff training on data protection practices
• Incident response procedures

7. Data Retention

We retain personal information for as long as necessary to:

• Provide ongoing services
• Comply with legal and regulatory requirements
• Resolve disputes and enforce agreements

7.1 Retention Periods

• Client Records: 7 years after service completion (tax requirements)
• Marketing Communications: Until you unsubscribe or 3 years of inactivity
• Website Analytics: 26 months maximum
• Financial Records: 7 years (legal requirement)

8. Your Rights

8.1 Under New Zealand Privacy Act 2020

• Access: Request access to your personal information
• Correction: Request correction of inaccurate information
• Complaint: Lodge complaints with us or the Privacy Commissioner

8.2 Under GDPR (if applicable)

You also have rights to:

• Erasure: Request deletion of your personal information
• Portability: Receive your data in a portable format
• Restriction: Limit how we process your information
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Where processing is based on consent

9. Cookies and Website Analytics

9.1 Types of Cookies

• Essential Cookies: Required for website functionality
• Analytics Cookies: Help us understand how visitors use our site
• Marketing Cookies: Used to show relevant advertisements (with consent)

9.2 Managing Cookies

You can control cookies through:

• Our cookie consent banner
• Browser settings
• Opting out of analytics services

10. International Data Transfers

Your information may be processed in countries outside New Zealand, including:

• United States (cloud hosting services)
• Australia (related business operations)

We ensure appropriate safeguards are in place for international transfers, including adequacy decisions and standard contractual clauses.

11. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children under 16.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Significant changes will be notified through:

• Website notice
• Email notification
• Updated "Effective Date" at the top of this policy

13. Contact Information

For privacy-related questions, concerns, or to exercise your rights:

13.1 Complaints

If you have a privacy complaint, please contact us first. If you're not satisfied with our response, you can contact:

14. Data Processing Summary