Privacy Policy

Last Updated: November 7, 2025

1. Introduction

XRPLondon Nexus 2025 ("Event") is organized by Nexus Events Ltd. ("we", "us", "our"). We are committed to protecting and respecting your privacy. This policy explains how we collect, process, and protect your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who is the Data Controller?

The data controller is Nexus Events Ltd., a company registered in England and Wales (Company Number: 65558900]) with its registered office at 45 Placeholder Street, London, EC1V 1AB, United Kingdom.

We are registered with the Information Commissioner's Office (ICO) under registration number ZB565543.

For any data protection inquiries, you can contact our Data Protection Officer (DPO) at [email protected].

3. What Information We Collect

We may collect and process the following categories of personal data:

  • Identity Data: Full name, job title, company name.
  • Contact Data: Work email address, billing address, and phone number.
  • Registration Data: Ticket type purchased, payment status, and (if you provide it) dietary requirements or accessibility needs.
  • Enquiry Data: Any information you provide when you contact us via our contact form, email, or social media (e.g., for sponsorship or speaking enquiries).
  • Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting, operating system, and platform.
  • Usage Data: Information about how you use our website, collected via cookies (see our Cookie Policy).

4. How We Collect Your Data

  • Directly from you: When you fill out our Google Form for ticket registration, use our website contact form, or email us directly.
  • Automatically: When you interact with our website, we may automatically collect Technical and Usage Data via cookies (subject to your consent for non-essential cookies).

We only use your personal data when the law allows us to. Most commonly, we use it in the following circumstances:

  • Performance of a Contract: To process your ticket registration, send you essential Event information (like confirmations, agenda updates, and venue details), and manage your attendance.
  • Legitimate Interests: To respond to your enquiries, to administer and protect our website (troubleshooting, security, analytics), and to share essential health and safety information with our venue (ExCeL London).
  • Consent: To place non-essential analytics or marketing cookies on your device. You can withdraw this consent at any time via our cookie manager.
  • Legal Obligation: To comply with legal or regulatory obligations (e.g., financial records for tax purposes).

We will **not** send you marketing emails from us or our sponsors unless you explicitly opt-in to receive them.

6. Data Sharing and Third Parties

We do not sell your personal data. We may share your data with trusted third-party service providers (processors) who help us run the Event, including:

  • Google (G Suite / Google Forms): Our processor for ticket registration and email communications.
  • Payment Processor - e.g., Stripe, PayPal: To process your ticket payment. (Replace with your actual processor).
  • Venue (ExCeL London): We may share an attendee list for security, health and safety, and operational purposes.
  • Analytics Providers: Google Analytics (if you consent) to help us understand website traffic.
  • Sponsors: We will **only** share your contact details (Name, Email, Company) with our sponsors if you have given your explicit, affirmative consent (e.G., via a specific checkbox during registration).

7. International Data Transfers

Some of our third-party processors are based outside the UK/EEA (e.g., Google in the USA). When we transfer your data, we ensure a similar degree of protection is afforded to it by:

  • Using services in countries that have been deemed to provide an adequate level of protection by the UK (Adequacy Regulations).
  • Using specific contracts approved by the UK which give personal data the same protection it has in the UK (e.g., Standard Contractual Clauses or the UK's International Data Transfer Agreement).

8. Data Security

We have implemented appropriate technical and organizational security measures to prevent your personal data from being accidentally lost, used, accessed in an unauthorized way, altered, or disclosed.

9. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including for satisfying any legal, accounting, or reporting requirements. Typically, attendee registration data is retained for up to 12 months after the Event concludes, unless we are required to keep it longer for tax or legal reasons (e.g., financial records for 6 years).

10. Your Data Protection Rights (DSAR)

Under UK GDPR, you have the right to:

  • Request Access to your personal data.
  • Request Rectification of inaccurate data.
  • Request Erasure (deletion) of your personal data.
  • Object to Processing where we rely on legitimate interests.
  • Request Restriction of processing.
  • Request Data Portability (transfer) of your data to another service.
  • Withdraw Consent at any time (e.g., for cookies or marketing).

To exercise any of these rights, please contact our DPO at [email protected]. We will respond to all legitimate requests within one month.

11. Right to Complain

You have the right to lodge a complaint at any time with the **Information Commissioner's Office (ICO)**, the UK's supervisory authority for data protection issues (ico.org.uk).

12. Changes to this Privacy Policy

We may update this policy from time to time. Any changes will be posted on this page, and, where appropriate, notified to you by email.