top of page

Privacy Policy

Nessie Privacy Policy

This Privacy Policy explains how MKS DESIGN TECH LTD ("MKS DTECH", "we", "us", "our") collects, uses, stores and protects personal data in connection with the Nessie platform and related services.

MKS DESIGN TECH LTD
Forma House, 40 Bowling Green Lane, London, England, EC1R 0NE
Email: info@mksdtech.com

 

1. Scope

This Privacy Policy applies to the Nessie platform, related websites, plugins, onboarding, support, and customer communications.

Nessie is a business software service intended for organisations and professional users.

 

2. Personal Data We Process

Depending on how Nessie is used, we may process the following personal data:

Account and Identity Data

  • name

  • work email address

  • organisation name

  • Microsoft Entra tenant identity details

  • user role and permissions

Usage and Operational Data

  • login sessions

  • synchronisation activity

  • user actions within the platform

  • timestamps

  • support diagnostics

  • technical logs

Customer Content Data

Where entered by customers, project records may incidentally contain personal data.

Nessie is primarily designed to manage project and operational metadata rather than personal data.

 

3. Data We Do Not Intentionally Collect

We do not intentionally collect:

  • special category personal data

  • consumer profile data

  • advertising data

  • behavioural analytics for marketing

  • personal chat messages through the platform

 

4. How We Use Personal Data

We use personal data only where necessary to:

  • provide access to Nessie

  • authenticate users

  • manage permissions

  • operate and maintain the platform

  • synchronise data with plugins and integrations

  • troubleshoot issues

  • provide customer support

  • maintain security

  • communicate important service or product updates to customers

  • comply with legal obligations
     

We do not sell personal data.

We do not use personal data for advertising profiling.

 

5. Legal Bases for Processing

Where UK GDPR / EU GDPR applies, our legal bases may include:

  • performance of a contract

  • legitimate interests in operating and securing the service

  • compliance with legal obligations

  • consent, where specifically required

 

6. Authentication

Nessie may use Microsoft Entra ID for customer-controlled authentication.

Access to Nessie is managed through the customer organisation’s approved identity environment.

 

7. Cookies and Similar Technologies

Nessie uses essential cookies or session storage only as necessary to maintain authenticated user sessions and core functionality.

We do not use advertising cookies.

We do not run analytics tracking on Nessie pages.

 

8. Sharing of Personal Data

We share data only where necessary with trusted service providers supporting the platform, such as:

  • Microsoft Azure (hosting, database, infrastructure)

  • Microsoft Entra ID (identity services)

We may also disclose data where required by law or to protect legal rights.

 

9. International Transfers

Some infrastructure providers may process data in locations outside the United Kingdom or European Economic Area.

Where required, we rely on appropriate safeguards such as contractual protections or legally recognised transfer mechanisms.

 

10. Data Security

We use reasonable technical and organisational measures designed to protect data, including access controls, role permissions, authentication controls, and managed infrastructure security features.

No system can guarantee absolute security.

 

11. Retention

We retain personal data only as long as reasonably necessary for the service relationship, legal obligations, backup cycles, or legitimate operational needs.

Where a customer requests deletion after termination, we aim to delete active tenant data promptly, subject to limited residual backup retention.

 

12. Customer-Controlled Data

Where we process personal data on behalf of an organisational customer, that customer may act as controller and MKS DTECH may act as processor.

In such cases, the customer determines how Nessie is used and what data is entered into the platform.

 

13. Your Rights

Depending on applicable law, individuals may have rights to:

  • access personal data

  • correct inaccurate data

  • request deletion

  • restrict processing

  • object to certain processing

  • data portability

  • lodge a complaint with a supervisory authority

Requests may be sent to: info@mksdtech.com

 

14. Confidential Projects and Access Controls

Nessie may support confidential project settings and role-based permissions so that access can be restricted by customer administrators.

Customers are responsible for assigning user permissions appropriately.

 

15. Changes to This Policy

We may update this Privacy Policy from time to time.

Updated versions become effective when published or otherwise notified.

 

16. Contact

MKS DESIGN TECH LTD
Forma House, 40 Bowling Green Lane, London, England, EC1R 0NE

Email: info@mksdtech.com

  • Instagram

Digital AEC © 2019 - 2026 MKS DESIGN TECH LTD

info@mksdtech.com

Terms and Conditions

Privacy Policy

License Agreement MKS BEAM

License Agreement RHINO SYNC

Terms and Conditions NESSIE

Privacy Policy NESSIE

Data Processing NESSIE

Security and Trust NESSIE

bottom of page