Privacy Policy

Effective date: March 3, 2026
Website: nexeris.us

This Privacy Policy explains how Nexeris (“Nexeris,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal information when you visit our website, interact with our content, or engage our cybersecurity and compliance consulting services.

If you have questions, contact us at info@nexeris.us (recommended) or via the contact methods listed on our website.

1) Scope

This Privacy Policy applies to personal information collected through:

Our website (including forms, scheduling links, gated resources, webinars, and newsletters)
Sales and marketing communications
Client onboarding and delivery of consulting services
Events, webinars, and training (live or on-demand)

This Privacy Policy does not apply to third-party websites or services that may be linked from our site.

2) Information We Collect

We collect information you provide, information collected automatically, and information we may receive from third parties.

A. Information you provide to us

Depending on how you interact with Nexeris, we may collect:

Contact information: name, email address, phone number, job title, company name
Inquiry details: message content, project requirements, compliance goals (e.g., CMMC, DFARS, NIST SP 800-171, ISO), preferred timelines
Scheduling and event information: meeting requests, webinar registrations, attendance details
Business-related information: organization size, industry, procurement/compliance needs, and other information you choose to share
Client service information (if you become a client): contract and billing contacts, project communications, deliverables-related information

Important: Nexeris does not intentionally request or need Controlled Unclassified Information (CUI) or other sensitive government data through the public website. Please do not submit sensitive information through general web forms unless we have explicitly provided a secure method.

B. Information collected automatically (website usage)

When you visit nexeris.us, we (and our service providers) may automatically collect:

Device and connection data: IP address, browser type, operating system, device identifiers
Usage data: pages viewed, time spent, referring/exit pages, clicks and interactions
Approximate location data: derived from IP address (e.g., city/state level)

We may use cookies and similar technologies as described below.

C. Information from third parties

We may receive information from:

Analytics and advertising partners (if used): aggregated engagement metrics, campaign performance
Event/webinar platforms (if used): registration and attendance information
Business sources: referrals, resellers/partners, or publicly available professional information (e.g., business contact details)

3) How We Use Personal Information

We use personal information to:

Provide and operate the website and its features
Respond to inquiries and communicate about Nexeris services
Deliver consulting services, including project administration, client support, and audit-readiness work
Send operational communications (e.g., meeting confirmations, resource delivery emails)
Send marketing communications (e.g., newsletters, webinars, service updates) where permitted
Improve our content and offerings, including website performance and resource usefulness
Maintain security and prevent fraud, abuse, or misuse
Comply with legal obligations and enforce agreements

4) Cookies, Analytics, and Similar Technologies

We may use cookies, pixels, SDKs, and similar technologies to:

Remember preferences
Understand website performance and user engagement
Measure marketing effectiveness

You can control cookies through your browser settings and, where applicable, any cookie banner or preference center implemented on the site. Blocking some cookies may impact site functionality.

5) How We Share Personal Information

We may share personal information in the following circumstances:

A. Service providers

We may share information with vendors that help us operate (for example):

Website hosting and infrastructure
Analytics providers
Email and communications tools
CRM and customer support systems
Scheduling, webinar, and event platforms
Payment and invoicing providers (if applicable)

These providers are permitted to process personal information only to provide services to Nexeris.

B. Business transfers

If Nexeris is involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be disclosed as part of that transaction.

C. Legal and safety

We may disclose information if we believe it is necessary to:

Comply with law, regulation, or legal process
Protect the rights, safety, and security of Nexeris, our clients, or others
Investigate and prevent fraud or misuse

D. With your direction

We may share information when you ask us to (for example, introducing you to a C3PAO or other partner at your request).

We do not sell your personal information in the conventional sense. If applicable law defines certain data sharing (e.g., via some ad technologies) as a “sale” or “sharing,” we will honor opt-out rights where required.

6) Data Retention

We retain personal information for as long as reasonably necessary to:

Provide the website and services
Maintain business records
Comply with legal, tax, and contractual obligations
Resolve disputes and enforce agreements

Retention periods vary depending on the nature of the information and why it was collected.

7) Data Security

We implement administrative, technical, and physical safeguards designed to protect personal information. However, no system can be guaranteed to be 100% secure. You are responsible for using secure communications methods when transmitting sensitive information.

8) Your Choices and Rights

Depending on where you live, you may have rights to:

Request access to personal information we hold about you
Request correction or deletion
Object to or restrict certain processing
Request portability (in some jurisdictions)
Opt out of certain marketing communications

Marketing choices

You can opt out of marketing emails by using the unsubscribe link in those emails. Even if you opt out, we may still send non-marketing operational communications (e.g., scheduling confirmations).

To submit a privacy request, contact info@nexeris.us.

9) U.S. State Privacy Disclosures (including California)

If you are a resident of a U.S. state with a comprehensive privacy law (such as California, Colorado, Connecticut, Utah, Virginia, and others), you may have additional rights.

Categories of personal information (examples)

We may collect the following categories (as defined by some state laws):

Identifiers (name, email, IP address)
Internet or network activity (usage data)
Professional or employment-related information (title, company)
Inferences (e.g., interest in specific compliance services)

Purposes

We use these categories for the purposes described in Section 3.

“Sensitive personal information”

We do not intentionally collect sensitive personal information through the website. If you provide it to us, we will handle it consistent with this Privacy Policy and applicable law.

Exercising rights

Email info@nexeris.us. We may need to verify your request. You may also designate an authorized agent where required by law.

10) Children’s Privacy

Our website and services are intended for business audiences and are not directed to children under 13. We do not knowingly collect personal information from children under 13.

11) International Visitors

Nexeris is U.S.-based. If you access the website from outside the United States, your information may be processed and stored in the United States or other locations where we or our service providers operate.

12) Third-Party Links

Our website may contain links to third-party websites or services. Their privacy practices are governed by their own policies, not this one.

13) Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The “Effective date” at the top indicates when it was last revised. Material changes will be posted on this page.

14) Contact Us

Nexeris
Email: info@nexeris.us

For additional contact details, see the “Contact” page on nexeris.us.

Solutions

DFARS 7012 mandates specific cybersecurity standards and incident reporting procedures for defense contractors who handle Covered Defense Information (CDI).

Supply chain risk in the defense industrial base (DIB) refers to the potential for disruptions, compromises, or unauthorized access to your information and systems stemming.

Data theft and espionage targeting defense contractors can take many forms, each with potentially devastating consequences.

CMMC aims to enhance the protection of Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) within the defense supply chain.

Your network serves as the backbone for all communication and data flow. Every device acts as a potential gateway to your sensitive information.

Migrating to the cloud introduces a shared responsibility model, where you remain accountable for securing your data and configurations within the provider’s infrastructure.

Resources

Free Templates

Webinars

Case Studies