Privacy Policy

1. Who we are

Nexura is a product of Design Castle AB, a company registered in Sweden (the “Company,” “we,” “us”). For privacy matters we act as the data controller for personal data processed through this website. You can reach us at [email protected].

2. What we collect

• Information you provide. Name, work email, company, role, phone number, and any message you submit through our demo or contact forms.
• Usage and device data. Pages viewed, referrer, approximate location (from IP), browser, device type, and timestamps — collected via cookies and similar technologies.
• Communications. Records of emails, calls, or meetings related to your inquiry.

3. How we use it

• Respond to demo requests and sales inquiries.
• Operate, secure, and improve the website and our services.
• Send service-related communications and, where permitted, product updates you can unsubscribe from at any time.
• Comply with legal obligations and enforce our agreements.

4. Lawful bases (GDPR)

We process personal data on the following lawful bases under the EU GDPR: (a) your consent, e.g. for non-essential cookies and marketing emails; (b) performance of a contract or steps prior to entering one, e.g. handling demo requests; (c) our legitimate interests in operating, securing, and improving our services, balanced against your rights; and (d) compliance with legal obligations.

5. Cookies and analytics

We use a small number of cookies that are strictly necessary for the site to function, and Google Analytics 4 to understand aggregate usage. Analytics cookies are only set where consent is required and granted. You can disable cookies in your browser at any time; some features may stop working as a result.

6. Sharing and processors

We do not sell personal data. We share it only with vetted service providers who process it on our behalf — including hosting, email, CRM, and analytics vendors — under written data processing terms. We may also disclose data when required by law, to protect our rights, or in connection with a corporate transaction.

7. International transfers

Some of our processors are located outside the EEA. Where that is the case, we rely on appropriate safeguards such as the EU Standard Contractual Clauses to protect your data.

8. Retention

We keep personal data only for as long as needed for the purposes described above, to comply with legal obligations, or to resolve disputes. Inquiry and demo records are typically retained for up to 24 months from last contact unless a longer period is required.

9. Your rights

Subject to applicable law, you have the right to access, rectify, erase, restrict, or object to processing of your personal data, and to data portability. Where we rely on consent, you can withdraw it at any time. To exercise any of these rights, email [email protected]. You may also lodge a complaint with the Swedish Authority for Privacy Protection (IMY) or your local supervisory authority.

10. Security

We use technical and organisational measures appropriate to the risk, including encryption in transit, access controls, and audit logging. No method of transmission or storage is fully secure; we will notify affected users and authorities as required if a breach occurs.

11. Children

The website is intended for business users and is not directed to children under 16. We do not knowingly collect personal data from children.

12. Changes to this policy

We may update this policy from time to time. The “Effective” date above will reflect the most recent revision. Material changes will be highlighted on this page.

13. Contact

Questions about this policy or our data practices? Email [email protected] or use our contact form.