POPIA compliance

Nexus Desk is aligned with the Protection of Personal Information Act, 2013 (POPIA). We collect only the personal information necessary to provide the service, keep it secure, and delete it on your request where we have no further legal obligation to retain it.

Information officer

The information officer is the named director of the operating company. Contact details are listed in the site footer.

How we secure your data

• TLS in transit for all dashboard and API traffic.
• Private file storage outside the document root; access only through authenticated stream endpoints.
• Administrators cannot open user files; all access attempts are audited.
• Regular database backups with restricted retention.

Cross-border processing

Primary hosting is located in South Africa. Where third-party processors are used (for example PayFast for payments or an SMTP provider for notifications), we use providers with equivalent protections.