Guides
NEXUS
Start typing to search…

September 26, 2025

Privacy Policy

Effective Date: September,26, 2025

Introduction

NEXUS Co., Ltd. (“we,” “our,” or “us”) takes the protection of personal data (“Personal Data”) very seriously. Please read this Privacy Policy carefully. This Privacy Policy applies to our CROSS Ramp Console services (collectively, the “Services”). It explains how we handle the personal information collected when you use the Services, outlines your rights regarding your Personal Data, and describes how you can contact us if you have any questions. We process your personal information responsibly and in compliance with applicable laws and regulations. By using, accessing, linking to, or engaging with the service, you consent to the collection, use, disclosure, storage, and security of your information as described in this policy. If you do not agree with this policy, please do not use, access, or link to the service.

1. Legal Grounds for Processing

There must be a valid basis for using your personal data, which is referred to as the "legal grounds for processing" under certain laws. We process your personal data based on the following grounds:

  • Your Consent

    This means that, as the data subject, you have agreed and consented to the processing of your personal data for the specified purposes.

  • Legal Obligation

    The processing of your personal data is necessary for us to comply with our legal obligations.

  • Legitimate Interest

    This refers to cases where the processing is necessary for pursuing our legitimate interests, except when such interests are overridden by the interests or fundamental rights and freedoms of the data subject, requiring the protection of your personal data. Our legitimate interests generally include:

    • Product improvement and research & development
    • Marketing and promotion
    • Security and fraud prevention
    • Legal compliance
    • Business operations

2. Collection of Personal Data

We collect the following personal data. The types of personal data we collect may vary depending on how you use or interact with our services. The information below is essential for providing our services, and without it, we will not be able to provide the requested services. We do not collect additional categories of personal data without informing you.

  • Information You Provide to Us
    • When signing up for membership: We collect your name and email address through social login (the social login feature is technically implemented via the Firebase service), and, depending on your choice, your profile picture.
    • When linking a wallet: Wallet address
  • Technical Information Collected During Your Use of the Service
    • When you use our services, we collect information about the most recently connected Web3 wallet and its session details, as well as your browser language settings. For more details, please refer to the cookie section of this Privacy Policy.

3. Purposes of Using Personal Data

We may process your personal data for the following purposes:

  • To Provide and Operate Our Services

    Your personal data is used to provide the services, communicate regarding service usage, and for other customer support purposes.

  • To Safeguard Our Services and User Information

    Your personal data is used to identify and address violations, investigate suspicious activities, detect, prevent, and respond to harmful or illegal actions, and detect fraudulent activities.

  • To Respond to Customer Support Inquiries

    Your personal data may be used to manage your inquiries and requests by sending emails or communicating with you in other ways.

  • To Send Marketing Communications

    Your personal data may be used, depending on your consent, to send you information related to our services, such as news, promotions, and other updates.

  • To Improve Service Quality

    Your personal data may be used for analytical purposes to better understand your usage patterns, which help us enhance the quality of our services.

  • To Comply with Legal and Regulatory Obligations

    Your personal data may be used to enforce our service terms, comply with laws, legal processes, or legal obligations, exercise or defend legal claims, detect, prevent, or address fraud, comply with requests from law enforcement, regulatory, and tax authorities (both domestic and international), resolve security or technical issues, or otherwise protect the property and legal rights of the company or others.

4. Retention Period of Information

We retain your personal data for the period necessary to fulfill the purposes outlined in this Privacy Policy or as instructed by you. This includes retaining data for legal, accounting, or other obligations. However, exceptions apply in cases where longer retention periods are required or permitted by law, and we may retain your personal data for the duration necessary for legal claims, complaints, lawsuits, or regulatory procedures.

5. Sharing Personal Data with Third Parties

We may share your personal data with external processors when necessary for the operation of our services. We may use external analytics services (e.g., adjust, AppsFlyer, Google Analytics) and may use cloud service providers (e.g., AWS, Azure, Tencent) for data storage and service operation. When handling personal data through third parties, we make reasonable efforts to ensure that the data is processed securely in compliance with applicable requirements, such as Standard Contractual Clauses (SCCs) and Data Processing Agreements (DPAs).

6. International Transfer of Your Personal Data

We are a global service provider based in the Republic of Korea. If you are not residing in the Republic of Korea, your personal data will be transferred internationally when using our services. The Republic of Korea has been recognized with an adequacy decision under the GDPR, confirming that it provides an equivalent level of data protection as EU member states.

When transferring personal data outside the Republic of Korea, we make reasonable efforts to implement appropriate safeguards in accordance with applicable requirements, including Standard Contractual Clauses (SCCs) and Data Processing Agreements (DPAs), in order to protect the rights of data subjects.

7. Disclosure of Your Personal Data

We may disclose your personal data to the extent required by legal obligations or when we believe in good faith that disclosure is necessary to comply with legal processes. In such cases, the receiving entity may not be able to ensure the same level of security for your personal data.

Additionally, we may disclose your personal data in connection with the transfer of business or corporate restructuring.

8. Your Rights as a Data Subject

You have specific rights regarding the personal data we collect and process. You may exercise these rights concerning the personal data we process about you.

  • Right of Access or Right to be Informed

    This means you have the right to obtain information from us about our data processing activities concerning you (e.g., how we collect and use your personal data, retention periods, sharing entities, etc.).

    You have the right to confirm whether we are processing personal data about you, and if so, to obtain a copy of such personal data along with certain related information. In some cases, we may refuse your access request. In such instances, we will provide the reasons for the refusal.

  • Right to Rectification or Correction

    You have the right to request the correction of any inaccuracies in the personal data we hold about you (or your child) without undue delay, as well as the completion of incomplete personal data.

    If you are unable to modify the information yourself through your account settings, please contact us, and we will do our best to modify the personal data on your behalf.

  • Right to Deletion or Erasure

    You have the right to request the anonymization, deletion, or removal of your personal information when appropriate. In such cases, we will delete your personal data unless we have overriding legitimate interests or legal requirements to continue processing it. We will also inform you of the reasons if we refuse a deletion request.

  • Right to Restrict the Processing of Your Personal Data

    This is known as the "right to restrict processing." You have the right to request that your personal data is only used or stored for specific purposes. This right applies in certain cases, such as when you believe the data is inaccurate or that the processing activity is unlawful.

  • Right to Object to Processing

    If we process your personal data based on legitimate interests or for direct marketing purposes, you have the right to object to such processing of your personal data.

    Except in the following cases, we will cease processing your personal data:

    (i) If we have strong legal grounds for processing that override your interests, rights, and freedoms, or (ii) If the processing is necessary for the establishment, exercise, or defense of legal claims.

  • Right to Data Portability

    If we process your personal data based on a contract with you or your consent, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, or to request the transfer of this personal data to a third party.

  • Right to Withdraw Consent

    If we rely on your consent as the legal basis for processing your personal data, you can withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. If you have consented to sharing your details with third parties and wish to withdraw this consent, please contact the relevant third parties to modify your preferences.

  • Right to Non-Discrimination

    We will not discriminate against you for exercising any of your rights provided to you under law.

  • Identity and Authority Verification

    To respond appropriately to your privacy rights requests, we may need to verify your identity and may request additional information. The personal data provided for this purpose will only be used to verify your identity or authority to make the request. If submitting a request on behalf of someone else, you must provide proof of authority to act on their behalf. Please ensure that you provide a valid signed power of attorney, or proof of parental responsibility or legal guardianship, when contacting us for rights requests.

  • Response Time and Format for Your Requests

    We will acknowledge receipt of your request within 10 business days and inform you of the expected response time, including any identity verification or processing delays.

    Typically, we will respond to your request within one month from the date of receipt. However, if more time is required (up to 90 days), we will inform you of the reason for the delay and the extended time frame. In some cases, we may be unable to process your request, and we will explain the reasons in our response. We do not charge fees to process your request. However, if your request is excessive, repetitive, or manifestly unfounded, we may charge a fee. In such cases, we will explain the reasons for the charge and provide a cost estimate before completing your request.

9. Data Security

We take the security of your personal data seriously and have established a dedicated team with expertise in information security. The members of this team are committed to safeguarding your data. We implement technical, administrative, and physical measures designed to protect your personal data, and we will continuously improve and maintain these measures. These measures include encryption and deletion.

10. Cookies and Other Tracking Technologies

Cookies are small text files that are downloaded to your computer or mobile device and contain data. Browser cookies and other similar technologies (referred to as "Cookies" in this cookie policy) allow websites and apps to store information or provide access to information stored on your device. These technologies are used by most website and app providers to help users navigate between pages efficiently, ensure the security of web pages or applications, understand how websites are used, remember user preferences, and generally improve the user experience. When you use our services, we may place cookies on your device. More general information about cookies can be found at www.allaboutcookies.org.

We may also track service usage information for the purpose of improving service quality. If you do not wish to allow such tracking, you may disable it at any time through your device settings.

11. Children

The Service is not intended for children, and the Company does not knowingly collect personal information from children. To use the Service, you must be legally capable of entering into a contract.

12. Right to File a Complaint with a Supervisory Authority

When EU or UK GDPR applies to the processing of your personal data, you have the right to file a complaint with a supervisory authority if you are not satisfied with how your personal data is handled.

You can file a complaint with the supervisory authority in the EU member state of your residence, workplace, or where the alleged GDPR violation occurred. In the UK, you can file a complaint with the Information Commissioner’s Office (ICO).

13. Changes to This Policy

We reserve the right to amend this Privacy Notice at any time to reflect changes in the law, our data collection, use or sharing practices or advances in technology. We will make the revised Privacy Notice accessible throughout the Services. You should review this Privacy Notice periodically. The “Effective Date” indicated in this Privacy Notice represents the date it was last updated.

By continuing to access or use the Services, you are confirming you have read and understand the latest version of this Privacy Notice.

14. Contact Information

If you have any questions about this privacy policy or concerns related to your personal data or this privacy policy, please contact us at:

  • Address:1 , 15F, 10, Daewangpangyo-ro 606beon-gil, Bundang-gu, Seongnam-si, Gyeonggi-do, South Korea
  • Email: [email protected]

It may take up to one month to respond to your inquiry.

[EU Representative]

We have appointed VeraSafe as our representative for data protection matters in the EU. You can contact us or VeraSafe regarding any issues related to the processing of personal data.

[UK Representative]

We have appointed VeraSafe as our data protection representative in the UK. You can contact us or VeraSafe regarding any issues related to the processing of personal data.



Updated 12 days ago