GDPR Privacy Policy – NEXML

This Privacy Policy describes how NEXML complies with Regulation (EU) 2016/679 (GDPR) and Law no. 190/2018 regarding the protection of personal data.

1. Data controller

2. Scope of application

This policy applies to both the NEXML web version and the desktop version (.exe).

3. Desktop version (.exe) – data processing

The NEXML application runs locally on the user’s computer, including in offline mode.

  • Does not transmit data to external servers
  • Does not use third-party APIs
  • All files and data remain exclusively on the user’s device
  • The controller has NO access to user data

According to Art. 2 para. (2) GDPR, data processed locally remains under the exclusive control of the user.

4. Web version – collected data

The web version collects exclusively anonymous statistical data, without personal data:

  • number of visits
  • number of uploaded and analyzed files

Not collected: IP address, email, name, accounts, unique identifiers.

5. Legal basis

  • Art. 6 para. (1) lit. f) GDPR – legitimate interest (platform security and operation)
  • Art. 6 para. (1) lit. a) GDPR – consent (non-essential cookies)

6. AI / Machine Learning data

NEXML uses AI algorithms that process files strictly locally (desktop version) or temporarily (web version), without storing or reusing user data.

7. Rights of data subjects

In accordance with Art. 15–22 GDPR: right of access, rectification, erasure, restriction of processing, data portability, and objection.

8. Data security

Art. 32 GDPR – appropriate technical and organizational measures are implemented to protect data.

9. International data transfers

NEXML does not transfer data outside the European Union.

10. Supervisory authority

ANSPDCP – National Supervisory Authority for Personal Data Processing.