Effective Date: Jun 24, 2026
Version: 1.0 (Production Release)
This Privacy Policy governs the data processing practices of the Nexus Management System (“the Software”), an enterprise management platform. This policy is specifically intended for the administrative organization (“the Client”) utilizing the Software to manage their daily operations and personnel.
Currently, the Software is owned, operated, and maintained by an independent developer (“the Developer”). This policy outlines the strict technical safeguards, data routing architectures, and API protocols implemented by the Developer to ensure the Client’s data integrity, sovereignty, and privacy.
Nexus respects your privacy and is committed to protecting your organizational data. All data accessed via your Google account is used strictly to provide the application’s core organizational functionality. We do not share, transfer, sell, or disclose your personal information or Google user data to any third-party companies, advertisers, brokers, or external entities. To facilitate synchronization, cloud backups, and multi-user collaboration, certain operational data (such as internal event records, organization data, and necessary Google object identifiers like eventIDs, fileIDs, or formIDs) are securely transmitted to and stored on our protected virtual private servers (Nexus Cloud infrastructure). This data remains strictly within the secure Nexus ecosystem, is accessible only to authorized administrators within your organization, and is never sold, traded, or monetized. Authorized organization administrators retain the full right to export their data as reports at their own discretion.
Our use and transfer of information received from Google APIs to any other app will strictly adhere to the Google API Services User Data Policy, including the Limited Use requirements.
The Software requests the following scopes to facilitate specific automated workflows:
drive.file): Utilized to programmatically create the “Nexus System” folder structure and securely store related operational files. The Software only accesses and manages files it generates; it does not read, modify, or delete unrelated private files within the Client’s Google Drive.calendar): Utilized to synchronize the Client’s workspace by updating the calendar name to match the organization, scheduling internal events, and automatically dispatching event invitations to newly registered members.forms.body): Utilized to dynamically create, update, and manage member registration forms, and to securely read submitted form data back into Nexus’ Pending Registrations section.gmail.send): Utilized exclusively for outbound automated communications. This includes dispatching welcome messages to newly approved organizational members, as well as allowing system administrators to send automated diagnostic reports to the Developer for support purposes. It does not read, monitor, or modify the Client’s inbox.To maximize data sovereignty and accommodate varying security requirements, the Software operates under two distinct hosting modalities. The handling of personally identifiable information (PII) depends entirely on the modality selected by the Client:
eventIDs or fileIDs) is synchronized with your chosen database modality to allow the Software to link local records to Google objects.In accordance with the Protection of Personal Information Act (POPIA) of South Africa, the Software is engineered around the principles of privacy by design. Legal responsibilities are strictly delineated based on the Client’s chosen hosting modality:
settings.json manifest on the Client’s authorized hardware. Only operational metadata necessary for cross-device synchronization (e.g., individual event or file reference IDs) is transmitted to the database.To protect the Client’s data against unauthorized access, alteration, or destruction, the Developer implements the following technical safeguards:
settings.json file are visually masked within the user interface to prevent “shoulder-surfing” and unauthorized physical exposure.Upon termination of the service agreement or uninstallation of the Software, data retention and retrieval responsibilities are determined by the Client’s selected hosting modality:
As the Nexus Management System continues to evolve, this Privacy Policy may be updated to reflect architectural enhancements, changes in South African regulatory requirements, or the formal incorporation of the Developer into a registered corporate entity (e.g., a Pty Ltd).
When significant modifications to data processing protocols occur, the Developer will provide reasonable notice to the Client’s administrators via the Software’s internal notification system or the administrative email address on file.
For technical inquiries, bug reporting, POPIA compliance questions, or concerns regarding data processing, please contact the Developer directly at: skandiworker@gmail.com