NextPlane helps organizations connect collaboration platforms through customer-hosted GCP Private Instance deployments while respecting the privacy, security, and compliance expectations of enterprise customers and their users.
At a glance
We use information to provide, secure, support, and improve NextPlane services.
We do not sell personal information to advertisers.
Enterprise customers host and control the GCP infrastructure where their NextPlane Private Instance deployment runs.
Questions and rights requests can be sent to privacy@nextplane.net.
Scope of this policy
This Privacy Policy explains how NextPlane, Inc. (“NextPlane,” “we,” “us,” or “our”) collects, uses, shares, stores, and protects information when you visit our websites, use NextPlane products or services, communicate with us, request support, attend events, or otherwise interact with us.
NextPlane provides customer-hosted GCP Private Instance enterprise interoperability services, including solutions that connect users across collaboration platforms such as Microsoft Teams, Google Workspace, Slack, and other supported services. In this deployment model, the customer hosts the NextPlane Private Instance in the customer’s own Google Cloud Platform infrastructure and typically controls the deployment environment, connected systems, user accounts, access policies, and data retention settings. Where NextPlane processes personal information under a contract with your employer or another organization, that organization is typically the controller or administrator of the information, and NextPlane acts as a service provider or processor as described in the applicable agreement.
Note to end users: If your use of NextPlane is provided by your employer or another organization, please direct privacy requests related to your account or workspace data to that organization first.
Information we collect
The information we collect depends on how you interact with NextPlane. We may collect the following categories of information:
Collaboration metadata
For customer-hosted GCP Private Instance deployments, NextPlane may collect and process the following metadata as needed to provide, operate, troubleshoot, and support the service:
- Sender address
- Receiver address
- Message type, such as IM, presence, audio call, or video call
- Time and date of the message
- Error or response code
NextPlane’s public privacy materials state that OpenHub does not keep or record instant messages, voice calls, or video calls, and that server log entries contain metadata rather than message content. Product-specific processing practices may vary by product, integration, and customer agreement.
How we use information
We use information for operations, usage tracking, and troubleshooting.
Legal bases for EEA, UK, and similar users
Where applicable privacy laws require a legal basis, NextPlane processes personal information as necessary to provide, operate, secure, support, and troubleshoot the services under our agreement with the enterprise customer. For customer-hosted GCP Private Instance deployments, the customer hosts the deployment in the customer’s Google Cloud Platform infrastructure and typically determines how personal information is processed within that environment. NextPlane processes personal information only as instructed by the customer, as required to perform our contractual obligations, comply with applicable law, protect the security and integrity of the services, or as otherwise permitted by the applicable agreement.
How we share information
NextPlane is not in the business of selling personal information to advertisers. We may share information in the following limited circumstances:
- With enterprise customers and administrators to provide, administer, secure, and support the services they have configured.
- With connected collaboration platforms as necessary to deliver interoperability between authorized systems.
- With service providers that help us host, secure, analyze, support, communicate, bill, or otherwise operate our business, subject to appropriate contractual obligations.
- For legal, safety, and compliance reasons when required by law or when we believe disclosure is necessary to protect rights, safety, security, or the integrity of our services.
- In business transactions such as a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate safeguards.
- With your consent or direction when you or your organization instructs us to share information.
Retention and security
For customer-hosted GCP Private Instance deployments, data retention is determined by each customer. Because the deployment runs in the customer’s own Google Cloud Platform infrastructure, the customer controls retention settings, storage locations, backup policies, log retention, deletion practices, and related administrative controls, subject to the customer’s agreement with NextPlane and applicable law.
We use technical and organizational measures designed to protect information against unauthorized access, loss, misuse, alteration, and disclosure. These measures may include access controls, logging, encryption in transit, network protections, monitoring, and administrative safeguards.
No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Enterprise customer data
NextPlane services are intended for organizations. For customer-hosted GCP Private Instance deployments, the customer hosts the deployment in the customer’s own Google Cloud Platform infrastructure and controls user accounts, service configuration, connected platforms, policies, retention settings, infrastructure access, and the information processed through the deployment.
Administrators may be able to access, configure, export, delete, or restrict information according to their agreement with NextPlane and their own internal policies.
NextPlane is not responsible for the privacy or security practices of customer organizations or third-party collaboration platforms. Please review your organization’s policies and the privacy terms of any connected services you use.
Your rights and choices
Depending on where you live and how you interact with NextPlane, you may have rights to request access, correction, deletion, portability, restriction, objection, or withdrawal of consent. You may also have the right to opt out of certain processing or to lodge a complaint with a data protection authority.
To exercise privacy rights, contact us at privacy@nextplane.net. We may need to verify your identity and, where information is controlled by your employer or another organization, we may direct your request to that organization.
California privacy notice
California residents may have additional rights under applicable California privacy laws, including the right to know, access, correct, delete, and opt out of certain disclosures.
NextPlane does not sell personal information as the term is commonly understood. Where applicable, we will not discriminate against you for exercising privacy rights.
Cookies and communications
You can configure your browser to reject or delete cookies, though some website features may not work as intended.
You may opt out of marketing communications by using the unsubscribe link in those messages or contacting us. We may still send service, security, legal, or transactional communications.
Children
NextPlane services are intended for enterprise and business use by customer organizations. User access is provisioned and controlled by the customer, and the service is not offered directly to individual consumers or children.
If a customer permits a minor to use a connected collaboration platform or account, the customer is responsible for ensuring that such use complies with applicable laws, consent requirements, and the customer’s own policies.
Changes to this policy
We may update this Privacy Policy from time to time. When we make changes, we will update the effective date above.
If changes are material, we may provide additional notice, such as by posting a notice on our website or sending a notification where appropriate.
Contact us
If you have questions or concerns about this Privacy Policy or how NextPlane handles personal information, please contact us:
NextPlane, Inc.
950 Tennessee Street, Unit 403
San Francisco, CA 94107
Email: privacy@nextplane.net
