Security & Quality

At Nexxiot, we are dedicated to keep your data safe, secure and private.  

Data Privacy

Nexxiot claims no ownership over customer data and the customer retains all intellectual property and other rights to their data. The privacy of customer data is protected and Nexxiot will never make those data publicly available without permission. Nexxiot is committed to the Federal Act on Data Protection (FADP) of Switzerland and the General Data Protection Regulation of the EU 2016/679 (GDPR). Nexxiot stores and processes the personal data of cloud customers. In doing so, there are several additional obligations that are fulfilled. Nexxiot’s policies are aligned with ISO/IEC 27018 – Code of Practice for Protection of Personally Identifiable Information (PII) in Public Clouds acting as PII Processors, which recommends specific enhancements to ISO/IEC 27001 controls. Nexxiot ensures the security and privacy of customer data by using up to 256-bit encrypted connection via TLS 1.2 and a world-class certificate provider for all data transfers between user devices and the Nexxiot Cloud Platform. At Nexxiot, we also use encryption at rest (AES-256 or stronger) to protect the secrecy of all data. 

Quality and Compliance Certifications

Nexxiot has implemented a Quality and Information Security Management System in accordance with ISO/IEC 9001, ISO/IEC 27001 and the rules and regulations that are part of Information Technology Act, 2000 also known as IT Act. Nexxiot holds the full ISO/IEC 9001 and ISO/IEC 27001 certifications since 2018 and the effective implementation is validated by an independent third party, a Registered Certification Body (RCB). 

Nexxiot ISO 27001

Reg. no. H44412

Nexxiot ISO 9001

Reg. no. H60212

Nexxiot IQNet

Reg. no: CH-H60212

Reg. no: CH-H44412

Security and Availability

One of Nexxiot’s top priorities is the security of customer data and with dedicated experts, Nexxiot secures systems, processes, and controls. They securely backup all systems and customer data and uses industry-standards for replication and failover.  The industry’s leading providers of secure cloud computing infrastructure are powering the Nexxiot Cloud Platform and have the following certifications, among others: 
  • FIPS 
  • GDPR 
  • ISO 27001 
  • ISO 27017 
  • ISO 27018 
  • NIST 
  • SOC 2 

Customer can securely access the Nexxiot Cloud Platform at any time and from any device or location, and Nexxiot offers a 99.5% uptime guarantee. Additionally, Nexxiot is permanently working on increasing the overall availability of the Nexxiot Cloud Platform towards 99.9%. The Nexxiot Connect Cloud Platform is a globally available cloud service hosted in Germany (Frankfurt) and the Unites States of America (Ohio). However, the customer can choose in which of these countries he wants to store his data. 

Identity and Access Control

Nexxiot follows security best practices and protects customer data by using the principle of least privilege access. A role-based permissions system allows administrators to manage access to data owned by the account.  Nexxiot Connect Cloud Platform support federated identities using customer specific OpenID Connect providers.