Legal

Security

Last updated: February 8, 2026

This page provides a high-level overview of how we protect NexEd ERP and your data. For detailed questionnaires or compliance documentation, contact our team.

1. Security Program Overview

  • We maintain a security program designed to protect customer data across our web platform, mobile apps, and supporting infrastructure.
  • Security controls are reviewed and improved continuously based on risk assessments and evolving threats.

2. Encryption

  • Data is protected in transit using TLS for client-to-server communications.
  • Sensitive data is encrypted at rest where appropriate using industry-standard encryption.

3. Access Controls

  • We restrict internal access to production systems and customer data using role-based access control and authentication safeguards.
  • Administrative access is logged and monitored.

4. Application and Infrastructure Security

  • We apply secure development practices and perform vulnerability management.
  • We use monitoring and alerting to detect anomalous activity and potential abuse.

5. Incident Response

  • We maintain incident response procedures to investigate, contain, and remediate security incidents.
  • If a confirmed incident impacts customer Personal Data, we will notify the customer organization as described in our Privacy Policy and DPA.

6. Responsible Disclosure

  • If you believe you have found a security vulnerability, please report it to security@nexederp.com.
  • Do not publicly disclose vulnerabilities or access data beyond what is necessary to demonstrate the issue.