Privacy Policy

Last updated: November 14, 2024

1. Introduction

Welcome to Nudger ("Nudger", "we", "our," or "us"). We are committed to protecting your privacy and handling your data in an open and transparent manner. This privacy policy explains how we collect, use, share, and protect your personal information.

If you do not agree to our use of your personal data in line with this policy, please do not use the Nudger Services.

2. Information We Collect

We adhere to the principle of data minimization, collecting only the information necessary to provide our services. We collect the following types of information:

  • Personal Information: Email address, Google user profile info, and ID (if Google account is used). These are used for log-in, sign-up, and sending email updates.
  • User-Provided Information: Username and optional profile photo.
  • Project-Related Data: Project descriptions, uploaded documents, tasks, subtasks, due dates, subtask statuses, changes made on roadmaps.
  • Usage Data: Information collected by our authentication service provider, Clerk, which may include registration data, IP addresses, and other standard data required for security services.
  • Analytical Data (GTM and GA4): We use Google Tag Manager (GTM) and Google Analytics 4 (GA4) to gather insights into website performance, user behavior, and interaction patterns. This includes information like page views, clicks, session duration, and aggregated usage data. This data is anonymized and does not directly identify individual users.

3. How We Use Your Information

We use your information for the following purposes:

  • To provide and maintain our service.
  • To notify you about changes to our service.
  • To allow you to participate in interactive features of our service when you choose to do so.
  • To provide customer support.
  • To gather analysis or valuable information so that we can improve our service.
  • To monitor the usage of our service, including aggregated data insights from GTM and GA4.
  • To detect, prevent, and address technical issues.

4. Data Storage and Retention

Your data is stored in Supabase, Inc.'s database and is retained as long as reasonably necessary unless you delete the related Project or your user account. Upon deletion, associated data will also be deleted.

Retention Periods: We store:

  • Account and Project-Related Data: As long as your account is active. Upon account deletion, all project data is deleted immediately.
  • Usage and Log Data: Retained for a maximum of 1 month after account deletion for security purposes, after which it is permanently deleted.

5. Sharing of Data

We do not share your personal data with third parties except in the following cases:

  • AI Data Processing: User input related to AI generation is sent to OpenAI or Anthropic's Claude AI to generate requested answers. Both providers comply with strict data protection standards, including GDPR, for data processing. For more on how your data is handled, see Claude's Privacy Policy and OpenAI's Privacy Policy.
  • Authentication Service: Authentication and authorization data is shared with Clerk, our authentication service provider, which also adheres to GDPR and other applicable laws. For details, see Clerk's Privacy Policy.
  • Analytical Data Sharing: Google Tag Manager (GTM) and Google Analytics 4 (GA4) may collect anonymized data on user interactions for analytical purposes. For more, refer to Google's Privacy Policy.
  • Email Service: Your personal email and username is shared with Resend to send service updates and marketing emails. Resend also adheres to GDPR and other applicable laws. For details, see Resend's Privacy Policy.
  • We may also share data if required by law or to protect our rights or the rights of others.

6. User Rights

Under data protection laws, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information. You have the right to:

  • Delete your account at any time.
  • Access your personal data.
  • Rectify inaccurate personal data.
  • Request the erasure of your personal data.
  • Object to processing of your personal data.
  • Request restriction of processing your personal data.
  • Data Portability: Receive a copy of your personal data in a structured, commonly used, and machine-readable format.

To exercise any of these rights, please contact us at getnudger@gmail.com.

Upon account deletion, all your data will be deleted immediately, except for small amounts of data (e.g., registration IP and email) retained for security for 1 month before deletion.

7. Data Security

We implement appropriate technical and organizational measures to maintain the security of your personal information, including:

  • Private user data that is inaccessible to other users or non-users.
  • Middleware authentication to protect user-specific information.
  • Secure API access through Clerk's middleware and authentication.
  • Regular security audits and updates.

8. Cookies

We use cookies and similar tracking technologies to enhance functionality and gather anonymized interaction data. We obtain user consent where required. Our cookies include:

  • Clerk's Authentication Cookies: Used to authenticate users without containing personal information.
  • GTM and GA4 Tracking Cookies: Used to anonymously track user interactions with our site.

For more on cookies and how to control them, refer to the privacy policies of Clerk and Google.

9. Children's Privacy

Our service is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information as quickly as possible.

10. International Data Transfers

While we do not transfer your personal data outside the country where our servers are located, OpenAI and Anthropic may process AI-related data in various locations. Similarly Resend(Email Service Provider) and Clerk(Authentication Provider) may process your data in various locations. We ensure these providers adhere to GDPR-equivalent standards to maintain data protection regardless of processing location.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by sending an email to the address you have provided and by posting the new Privacy Policy on this page. Notifications will be provided before changes become effective, and the "last updated" date at the top of this policy will be revised.

12. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and the relevant supervisory authority (if required) without undue delay and within the timeframe specified by applicable law. We will provide information on the nature of the breach, likely consequences, and measures taken or proposed to address the breach.

13. AI Usage

Our service utilizes AI technologies provided by OpenAI and Anthropic to generate content based on your input. When you use these AI features:

  • Your input is sent securely to the AI provider, who complies with GDPR standards or equivalent protections.
  • We do not retain user interactions with the AI beyond the requested service. We use this data only to provide requested content unless stated otherwise.

14. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: getnudger@gmail.com

15. Compliance

We strive to comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). If you are a resident of the European Economic Area (EEA) or California, you may have additional rights under these laws.