Legal

Privacy Policy

Effective: 1 May 2026

This Privacy Policy explains how P3 Technologies Ltd ("we", "us", "our") collects, uses, and protects personal data when you use Nexus CRM ("the Service"), accessible at www.nexus-crm.co.uk.

P3 Technologies Ltd is the data controller for personal data we collect about you in your capacity as our customer, prospect, or website visitor. Where you upload personal data about your own clients, tenants, contacts, or other third parties into the Service, you are the data controller and we act as data processor on your behalf, governed by the Data Processing Agreement that forms part of our Terms of Service.

1. Who we are

Company: P3 Technologies Ltd

Company number: 17180916

Registered office: 107a High Street, Carrville, Durham, DH1 1BQ

ICO registration number: ZC133723

Contact for data protection enquiries: hello@nexus-crm.co.uk

2. What personal data we collect

We collect and process the following categories of personal data:

  • Account data: User account details (name, email, role, firm), client and lead records entered by the Subscriber, deal pipeline data, communications, documents uploaded by the Subscriber, and usage analytics.
  • Contact data: name, email address, phone number, business name, billing address.
  • Billing data: payment card details (processed by our payment processor — we do not store full card numbers), billing history, VAT details.
  • Technical data: IP address, browser type and version, device information, operating system, time-zone, login times, pages viewed, and cookies (see our Cookie Policy).
  • Communications: emails, support tickets, chat messages, and any feedback you provide.
  • Marketing preferences: your consents to receive marketing communications.

3. How we collect personal data

We collect personal data when you:

  • Register for an account or trial of the Service.
  • Subscribe to a paid plan and provide billing information.
  • Use the Service (we collect technical and usage data automatically).
  • Contact us by email, support form, or live chat.
  • Subscribe to our newsletter or marketing communications.
  • Visit our website (via cookies and similar technologies).

4. Lawful bases for processing

We process your personal data on the following lawful bases under UK GDPR:

  • Contract: where processing is necessary to provide the Service to you under our Terms of Service.
  • Legitimate interests: for fraud prevention, security, product improvement, internal analytics, and to communicate with you about your account, where these interests are not overridden by your rights.
  • Consent: for marketing emails to prospects and for non-essential cookies. You may withdraw consent at any time.
  • Legal obligation: where we are required to process data to comply with applicable law (for example, accounting and tax records).

5. How we use your personal data

We use personal data to:

  • Provide, operate, and maintain the Service.
  • Process subscriptions, payments, and renewals.
  • Authenticate you and protect the security of the Service.
  • Communicate with you about service updates, billing, and support.
  • Improve the Service through analytics and product research.
  • Send marketing communications where you have consented or where permitted by law.
  • Comply with our legal and regulatory obligations.

6. Sharing your personal data

We share personal data only where necessary, with the following categories of recipient:

  • Sub-processors who help us deliver the Service (hosting, database, email delivery, payment processing, analytics, customer support tools). A current list is available on our sub-processors page.
  • Professional advisers (accountants, lawyers, auditors) bound by confidentiality.
  • Authorities, regulators, or law enforcement where required by law.
  • A purchaser or successor entity in the event of a sale, merger, or restructuring of our business.

We do not sell personal data.

7. International transfers

Where personal data is transferred outside the United Kingdom, we ensure appropriate safeguards are in place, including UK International Data Transfer Agreements (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or transfers to jurisdictions covered by UK adequacy regulations.

8. How long we keep personal data

We retain personal data only for as long as necessary for the purposes set out in this Policy, or as required by law:

  • Account data: for the duration of your subscription, plus 12 months after termination, after which the account is deleted unless we are required to retain it.
  • Billing and accounting records: 6 years after the end of the relevant tax year (HMRC requirement).
  • Marketing data: until you withdraw consent or 24 months of inactivity, whichever is sooner.
  • Support communications: 24 months after closure of the support ticket.

9. Your rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Have inaccurate or incomplete personal data corrected.
  • Request erasure of your personal data in certain circumstances.
  • Restrict or object to our processing of your personal data.
  • Receive your personal data in a portable format.
  • Withdraw consent where we rely on consent.
  • Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, contact us at hello@nexus-crm.co.uk. We will respond within one calendar month.

10. Security

We implement appropriate technical and organisational measures to protect personal data, including encryption in transit (TLS 1.2+), encryption at rest, role-based access controls, regular backups, monitoring and logging, and supplier due diligence. No system is completely secure; we will notify you and the ICO of any qualifying personal data breach within 72 hours of becoming aware of it.

11. Cookies

We use cookies and similar technologies. See our Cookie Policy for details.

12. Children

The Service is not intended for use by children under 18. We do not knowingly collect personal data from children.

13. Changes to this Policy

We may update this Policy from time to time. The latest version will be available at our website. Material changes will be notified to active users by email.

14. Contact us

For any questions about this Policy or our data practices, contact: hello@nexus-crm.co.uk