Privacy FAQs

Nextup is committed to providing you with the information and tools you need to meet data and privacy obligations. Below you'll find resources related to our Privacy Policy and specific data protection laws:

What data do you store?

We cover the data we store and its purpose in our privacy policy in more detail but in summary we store your name, email address, timezone and username. This data is required to provide the Services to you.

How do I delete my personal data from Nextup?

You may also submit a request that we delete the personal information that we maintain about you by contacting us via email at privacy@nextup.ai.  

If you choose to email a request to us, please include your name and email address.  If the information that you provide to us matches the information that we have on file, we will automatically generate an email to you, requesting that you confirm your deletion request.  Once confirmed, we will carry out your deletion request and provide notice that it has been completed.

Where is my data stored?

Nextup is hosted with Amazon Web Services and the default location is AWS US. The data centre hosting location applicable to each Nextup customer can vary if an organization uses our data residency feature. Data residency for Nextup allows global teams to choose the region where certain types of data at rest are stored.

To learn more, visit Data residency for Nextup.

To support delivery of our Services, Nextup may engage Sub-processors. A current list of Sub-processors for the Services, including the identities of those Sub-processors and their country of location, to learn more, visit Nextup Sub-processors.

You can also find information regarding data transfers in the following resources:

How secure is my data on Nextup?

Nextup is committed to ensuring our infrastructure is secure and reliable and we utilize 3rd parties to confirm our practices in our annual SOC reports which can be requested to help your team understand our security model and approach.

We are proud to exceed the industry standard when it comes to protecting your organization and we've outlined many of our security practices and certifications on our website.

Is my data encrypted?

Yes, Nextup provides data encryption in transit and at rest. Read more about our approach to security.

Does the GDPR require EU personal data to stay in the EU?

The GDPR does not require EU data to reside in the European Union. Nextup's Data Processing Addenda and the European Union’s Model Clauses (Standard Contractual Clauses) will continue to ensure compliance for EU personal data transfers outside of the EU. Our Data Processing Addenda are available to all customers regardless of the Nextup plan or product they are using.

How does Nextup handle cross-border data transfers?

When it comes to transferring data, we offer standard contractual clauses through our Data Processing Addendum (DPA). Our Data Processing Addendum supplements the Customer Terms of Service or any MSA and is available to all of our customers on free or paid plans.

While we do not rely on the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield for the transfer of personal data, we do self-certify to both programs.

Does Nextup adhere to GDPR, CCPA and privacy regulations?

We adhere to the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and other applicable global regulations. Read up on Slack’s commitments and review our latest certifications on our Compliance Page.