Log inGet started

Trust

Trust & security

This page summarizes how NextGen approaches access control and data stewardship at a high level. It supports internal reviews, procurement questionnaires, and conversations with IT—not a substitute for your legal agreements or a full technical security white paper.

Introduction

NextGen is delivered as a software-as-a-service web application. Protecting customer data and ensuring only authorized users can access the right workzones, frames, and administrative functions is central to the product design.

Specific security controls, subprocessors, certifications, and contractual commitments belong in your order form, data processing addendum, and any vendor security documentation your organization maintains.

Identity and authentication

Users authenticate with credentials issued during registration or invitation. Sessions are intended to bind a user’s actions to their identity so audit and accountability remain meaningful across frames and administration.

If your organization later integrates single sign-on or additional identity providers, those details will be governed by your deployment and contract—not this overview.

Authorization and roles

Access within the application is role-aware. Typical distinctions include separation between everyday frame contributors, frame-level roles (such as owner or editor), and organization administrators who manage users and settings.

The principle of least privilege applies: grant the minimum role necessary for a person’s responsibilities, and elevate access only when required. Administrative capabilities should be limited to a small, accountable set of users.

Data handling

Customer content—including items, column values, comments, and attachments stored through the product—should be treated as confidential business data. Retention, backup, export, and deletion expectations depend on your subscription tier and the terms you agree to.

For regulated industries, complete your own risk assessment and map NextGen’s processing to your policies. Do not rely on this marketing summary alone for compliance decisions.

Availability and operations

Like any cloud service, NextGen depends on infrastructure and scheduled maintenance. Uptime targets, incident communication, and support response times should be defined in your service agreement or support plan—not inferred from this page.

Enterprise reviews

For vendor security questionnaires, provide your standard security pack, penetration test summaries, and subprocessors list under NDA as appropriate. This overview is intended to align stakeholders on product intent; it does not replace questionnaire answers or contractual commitments.

For a product-focused walkthrough, see How it works. For implementation guidance, see Getting started.

Evaluate NextGen with your team.

Get startedLog in