Effective date: 1 May 2025
We collect: (a) Account data — name, email address, and authentication provider when you sign up; (b) Usage data — pipeline inputs, generated outputs, and quota usage to provide the Service; (c) Payment data — order IDs and plan status (we never store full card numbers; payments are processed by Razorpay); (d) Technical data — IP address, browser type, and access logs for security and abuse prevention.
We use your data to: provide and improve the Service; send transactional emails (account confirmation, payment receipts, plan changes); detect and prevent abuse; comply with legal obligations. We do not use your pipeline inputs for AI training without your explicit consent.
We do not sell your personal data. We share data only with: (a) Infrastructure providers (Vercel, Neon/PostgreSQL, Upstash Redis) necessary to run the Service; (b) Resend for transactional email delivery; (c) Anthropic for AI inference (your prompts are processed per Anthropic's data policies); (d) Razorpay for payment processing; (e) Law enforcement when required by valid legal process.
Account data is retained while your account is active and for 90 days after deletion. Pipeline outputs are stored for 30 days and then purged unless you export or save them. Payment records are retained for 7 years for tax and compliance purposes.
You have the right to: access your personal data; correct inaccurate data; delete your account and associated data; export your data in machine-readable format; opt out of non-essential data processing. To exercise these rights, email support@nexus-os.ai.
We use strictly necessary cookies for session authentication (NextAuth session token). We do not use advertising or tracking cookies. We do not use third-party analytics services that track you across sites.
We use industry-standard measures: TLS in transit, encrypted storage at rest, access controls, and regular security audits. No method of transmission or storage is 100% secure. We will notify you promptly in the event of a data breach affecting your personal data.
The Service is not directed to children under 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact us and we will delete it.
We may update this policy. We will notify you by email or in-app notice at least 14 days before material changes take effect.
For privacy questions or to exercise your rights: support@nexus-os.ai