This Privacy Policy describes how Nexus Saas Ltd (“Company,” “we,” “us”) processes information in connection with the Kerolox Postmaster Reports web application at kerolox.com (the “Service”). By using the Service, you agree to this Policy and represent you have authority to provide any data you submit.
1) Controller & Contact
Controller: Nexus Saas Ltd, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ.
Contact: [email protected]
2) Categories of Data We Process
- Account & Contact Data (e.g., name, email, identifiers you provide or authorize).
- Service Data (e.g., content/metadata you submit or connect, domains, deliverability metrics, configuration).
- Usage & Technical Data (e.g., logs, IP, device/browser, timestamps, cookies/local storage).
- Third-Party Data from services you connect (identity providers, analytics, email infrastructure).
3) Sources
Directly from you; automatically via your use of the Service; and from third-party services you connect.
4) Purposes of Processing
To provide, operate, secure, debug, and improve the Service; authenticate users; administer accounts; analyze usage; prevent fraud/abuse; comply with law; and communicate about the Service.
5) Legal Bases (where applicable)
Performance of a contract; legitimate interests (operation, security, improvement); compliance with legal obligations; and, where required, your consent.
6) Sharing
We may share information with (i) service providers/processors (hosting, storage, analytics, support, email delivery, identity/OAuth), (ii) affiliates, (iii) authorities where legally required, and (iv) successors/assignees in corporate transactions. We do not sell personal information.
7) International Transfers
Your information may be processed in jurisdictions with laws that differ from yours; we implement appropriate safeguards where required by law.
8) Retention
We retain information as long as necessary for the purposes above and to meet legal obligations, then delete or de-identify it.
9) Security
We apply reasonable administrative, technical, and organizational measures. No method is 100% secure; we cannot guarantee absolute security.
10) Your Responsibilities
- Obtain all required consents and provide any required notices before submitting others’ personal data.
- Ensure you have the lawful right to connect any third-party account or dataset.
- Do not upload special categories of data (e.g., health, biometric, genetic, precise geolocation, financial account numbers, children’s data, or other highly regulated data) unless we explicitly agree in writing.
- Use the Service in compliance with applicable laws and third-party terms you connect.
11) Your Choices & Rights
Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict processing of personal data, or to object and/or port it. To exercise rights, contact us at [email protected]. We may verify your identity and may deny requests where permitted by law. EEA/UK/Swiss residents may lodge a complaint with their data protection authority; California residents have rights under CCPA/CPRA.
12) Cookies & Similar Technologies
We use cookies, local storage, and similar tech for authentication, preferences, analytics, and security. You can manage cookies in your browser; disabling may impair the Service.
13) Third-Party Links & Services
Third-party services are governed by their own terms and policies; we are not responsible for their practices.
14) Children
The Service is not directed to children and should not be used by anyone under the age required by applicable law.
15) Changes
We may update this Policy from time to time. Continued use of the Service after changes constitutes acceptance of the updated Policy.
16) Google APIs & Google Postmaster Tools Data
If you choose to connect a Google account, the Service uses
Google's OAuth 2.0 APIs to access your Google Postmaster Tools
data with the read-only scope
https://www.googleapis.com/auth/postmaster.readonly. This
scope allows read-only access to Postmaster Tools data for the sending
domains you have verified in Google Postmaster Tools.
Through this integration we receive domain-level email deliverability metrics (for example: spam-rate, IP/domain reputation, feedback loop statistics, and related traffic stats). We do not access individual emails, message contents, or recipient inboxes through this integration.
We use Google Postmaster Tools data solely to provide and improve the Service features you request, such as daily spam-rate reports, dashboards, alerts, and related analytics about your sender reputation.
We do not sell Google Postmaster Tools data or use it to build advertising profiles. We may share it only with our service providers who process data on our behalf (for hosting, storage, logging, monitoring, analytics, or support), subject to appropriate confidentiality and security obligations, and as otherwise required by law.
You can revoke our access to Google Postmaster Tools at any time from your Google account settings. After revocation, we stop requesting new data and handle previously collected information in line with the retention principles described in section 8 of this Policy.
Contact: [email protected] · Nexus Saas Ltd, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ