Nexus One Nexus One
TRUST & SECURITY

Trust & Security for the Businesses That Run on Nexus One

Nexus One is designed to help businesses manage operations, customer data, automation, AI workflows, integrations, and internal teams with stronger visibility, access control, and data protection practices.

Security Command Center Active
Brand Works LLC / Nexus One
Account Access
Role-Based Controls
Data Protection
Backup Practices
AI Handling
Anonymized Improvement
Integrations
Permission-Based
Enterprise Review
Available
Status
Active
Access Control

Manage who can view, edit, approve, and operate business workflows.

Data Protection

Customer data is handled through structured hosting, backup, and retention practices.

AI Transparency

AI features assist workflows while anonymized improvement practices protect customer identity.

Enterprise Review

Qualified customers may request DPA, subprocessor, and security review materials.

Trust & Security

Last Updated: July 9, 2026
Table of Contents
IMPORTANT NOTICE

Security controls may vary by plan, configuration, deployment, enabled modules, integrations, and written agreement. Businesses with regulated-data, healthcare, financial, government, education, or high-sensitivity requirements should request an enterprise security review before deployment.

Nexus One is operated by Brand Works LLC and is designed to support businesses that need stronger visibility, access control, data protection, automation governance, AI transparency, and operational reliability. This page explains our general approach to security. It is not a guarantee of compliance certification, uninterrupted service, or complete protection from all risks. For enterprise security questions, contact security@nexusoneapp.com or Byronguerrero@brandworks.app.

Security Overview

Nexus One helps businesses manage websites, CRM, sales, invoices, accounting workflows, projects, inventory, point of sale, bookings, HR, marketing, automation, dashboards, AI tools, documents, communications, and integrations.

Because these workflows can involve sensitive business information, Nexus One is designed with security-minded practices around access control, data handling, integration permissions, backups, privacy requests, AI data handling, and enterprise review.

Nexus One security practices are built around four principles:

  • Protect customer business data
  • Limit access based on user roles and permissions
  • Provide visibility into important business workflows
  • Support enterprise privacy and security review where required
Access Controls

Nexus One supports access management practices designed to help businesses control who can access information and perform actions inside the platform.

Access controls may include:

  • User accounts and role-based permissions
  • Admin controls and module-level access settings
  • Menu and feature visibility controls
  • User invitation and removal workflows
  • Integration permission review
  • IP whitelisting where available by plan or configuration
  • Activity visibility and approval workflows where configured
Data Protection

Nexus One is designed to help businesses store and manage operational data. Depending on customer configuration, this may include customer records, leads, invoices, quotes, projects, tasks, employee data, inventory, documents, communications, website submissions, calendar events, bookings, and automation workflows.

Our data protection approach may include:

  • Structured account access and permission-based user access
  • Hosting and infrastructure controls
  • Backups and recovery practices
  • Administrative safeguards and security monitoring where available
  • Data retention and deletion practices
  • Privacy request handling
  • Vendor and subprocessor review for enterprise customers
AI Security & Privacy
Enterprise available

Nexus One may include AI features, including Bellum AI, business intelligence agents, automation assistants, chat tools, workflow builders, reporting assistants, sales assistants, marketing assistants, and AI-generated recommendations. AI features are designed to assist business workflows, not replace human review.

AI security and privacy practices may include:

  • Customer-controlled use of AI features
  • Human review recommended before relying on AI outputs
  • Anonymized, de-identified, aggregated, or transformed data use for product improvement where applicable
  • Enterprise restrictions available by written agreement
  • AI outputs should be reviewed before being sent, published, approved, or used for business decisions
  • AI features are not a substitute for legal, tax, accounting, medical, compliance, financial, insurance, or professional advice
Infrastructure

Nexus One may operate through cloud-hosted infrastructure, third-party service providers, open-source components, proprietary Brand Works LLC modules, and customer-connected integrations.

Infrastructure practices may include:

  • Cloud hosting configuration and secure server setup
  • Access control for administrative systems
  • Monitoring, maintenance, and software updates
  • Database and application backups
  • Logging and troubleshooting tools
  • Environment separation where appropriate
  • Vendor review for enterprise customers
Backups & Recovery

Nexus One may maintain backups for business continuity, disaster recovery, security review, troubleshooting, and operational reliability.

Backup and recovery practices may include:

  • Scheduled backups where configured
  • Recovery processes for supported environments
  • Limited backup retention windows
  • Account data retention practices
  • Deletion and support where available
  • Enterprise backup and retention terms by written agreement
Third-Party Integrations

Nexus One may connect with third-party services such as Google, Microsoft, QuickBooks, HubSpot, Twilio, payment processors, email providers, calendar providers, shipping providers, analytics platforms, CRM tools, telephony providers, AI providers, hosting providers, and other business systems.

Integration security depends on:

  • Permissions granted by the customer
  • API keys and credentials
  • Third-party terms and privacy policies
  • Connected account security and customer configuration
  • Third-party service availability and API behavior
Customer Responsibilities

Security is a shared responsibility between Nexus One and the customer. Customers are responsible for:

  • Managing user access and protecting login credentials
  • Assigning appropriate roles and permissions
  • Reviewing connected integrations and maintaining third-party account security
  • Providing accurate business information and obtaining required consents for data they upload
  • Complying with laws that apply to their business
  • Reviewing AI outputs before use
  • Exporting important records when needed
  • Notifying Nexus One of suspected security issues
Regulated Industries & Compliance Review
Enterprise available

Nexus One is a general business platform and may not be configured for all regulated industries by default. Businesses in healthcare, finance, insurance, government, education, legal services, banking, or other regulated industries should request a security and compliance review before storing regulated or high-sensitivity information in Nexus One.

Enterprise customers may request:

  • Data Processing Addendum and subprocessor list
  • Security overview and privacy review
  • Custom retention terms
  • Custom access control and deployment review
  • Written compliance support terms
  • Security questionnaire support
Incident Response

If we become aware of a security issue affecting customer data, we will take reasonable steps to investigate, contain, and respond to the issue. Depending on the nature of the issue and applicable obligations, response steps may include:

  • Investigating suspicious activity and reviewing logs and affected systems
  • Restricting access where necessary
  • Working with infrastructure or vendor partners
  • Notifying affected customers where required
  • Taking corrective action and updating systems or procedures where appropriate
Enterprise Security Review
Enterprise available

For qualified Enterprise customers, Nexus One can support a security review before deployment. Enterprise review may include:

  • Security overview and DPA request
  • Subprocessor and access control review
  • Integration review
  • Backup, retention, and AI data handling discussion
  • Custom written terms
  • Security questionnaire support and deployment planning
Contact Security

For security questions, enterprise reviews, suspected security issues, legal requests, or privacy concerns, contact Brand Works LLC / Nexus One at security@nexusoneapp.com or Byronguerrero@brandworks.app.

Please include your name, business name, account email, description of the concern, and any relevant screenshots, logs, timestamps, or affected systems.

Need a Security Review Before Deployment?

Enterprise customers can request our security overview, Data Processing Addendum, subprocessor information, AI data handling details, and custom deployment review.