Legal

Privacy Policy

Effective Date: April 19, 2026 · Last Updated: April 19, 2026

At Nexus Designs AI, we take your privacy seriously. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information. We believe in being direct and clear — no unnecessary jargon.

Contents

Information We Collect
How We Use Your Information
How We Store and Protect Your Data
Who We Share Data With
Data Retention
Your Rights and Choices
Cookies and Tracking
Children's Privacy
Changes to This Policy
Contact Us

1. Information We Collect

Information You Provide

Data Type	Examples	When Collected
Account information	Name, email address, company name, city, state	During registration
Payment information	Credit card details, billing address	At checkout — processed by Stripe, not stored by us
Project data	Chat messages, uploaded documents, scopes of work, budgets	During platform use
Labor and pricing settings	Labor rates, margin minimums set by office managers	In Office Settings
Communications	Emails you send to our support address	When you contact us

Information Collected Automatically

Data Type	Purpose
Login timestamps	Account security and activity monitoring
Feature usage	Which modes are used (SOW, Budget, etc.) for product improvement
Error logs	Diagnosing and fixing technical issues

We do not collect precise geolocation data, biometric data, or any sensitive personal information beyond what is listed above.

2. How We Use Your Information

We use the information we collect for the following purposes:

Providing the Service — Processing your account, delivering AI-generated outputs, storing your projects
Processing payments — Handling subscriptions and one-time purchases through Stripe
Account management — Sending account confirmations, password resets, and billing notifications
Team management — Enabling office managers to invite and manage team members under Retainer plans
AI personalization — Using your office labor rate and margin settings to tailor budget outputs
Service improvements — Analyzing anonymized usage patterns to improve platform features
Legal compliance — Meeting applicable legal obligations and enforcing our Terms of Service

We do not sell your data. We do not use your project data to train AI models shared with other customers. Your project information is used solely to provide the Service to you.

3. How We Store and Protect Your Data

Your data is stored in a managed PostgreSQL database hosted on Render.com, a SOC 2 compliant infrastructure provider. We implement the following security measures:

All data transmitted between your browser and our servers is encrypted via TLS/SSL
Passwords are hashed using bcrypt with a minimum cost factor of 10 — we never store plain-text passwords
Authentication uses JSON Web Tokens (JWT) with expiration limits
The database is not publicly accessible — only our application server can connect to it
Team data is firewalled — office users can only access their own projects, not other team members' data

While we take security seriously and implement industry-standard practices, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

4. Who We Share Data With

We do not sell, rent, or trade your personal information. We share data only with the following trusted service providers who help us operate the platform:

Service Provider	Purpose	Data Shared
Stripe	Payment processing	Name, email, payment details (Stripe handles and stores all payment data — we do not store card numbers)
Anthropic (Claude API)	AI chat processing	Chat messages are processed by Claude API. Anthropic's data handling policies apply to API usage.
OpenAI (GPT-4o API)	Partner Finder AI processing	Chat messages for the Partner Finder feature are processed by OpenAI's API.
Resend	Transactional email delivery	Email address and message content for account notifications
Render.com	Cloud hosting and database	All application data is stored on Render's infrastructure

We may also disclose information if required by law, court order, or to protect the rights, property, or safety of our users or the public.

5. Data Retention

Active Accounts

We retain your account data and project history for as long as your account is active. You can request deletion at any time.

Retainer Plan Cancellation

Upon cancellation of a Retainer subscription, your data is retained for 90 days before permanent deletion. You may download your data at any time during this window.

Single Project Plans — 24-Month Policy

Project files for Single Project purchases are stored for 24 months from the date of purchase. You will receive a 30-day warning email before archiving. After archiving:

Your data is moved to cold storage and is no longer immediately accessible
Retrieval is available for a fee within an additional 12-month window
After 36 months total, data is permanently deleted
You may download your full project history at any time before archiving at no charge

Deleted Accounts

When you request account deletion, we permanently delete your personal data within 30 days. Some information may be retained in anonymized form for legal compliance or aggregate analytics.

6. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

Access — Request a copy of the personal data we hold about you
Correction — Request correction of inaccurate or incomplete data
Deletion — Request deletion of your account and associated data
Portability — Request your project data in a downloadable format
Opt-out of marketing — Unsubscribe from any non-transactional communications at any time

To exercise any of these rights, contact us at nexusdesignsai@gmail.com. We will respond within 30 days.

Note: We will always send transactional emails (account confirmations, billing receipts, password resets, archive warnings) regardless of marketing opt-out preferences, as these are essential to the Service.

7. Cookies and Tracking

We use minimal cookies and tracking:

Session tokens — Stored in your browser's sessionStorage to keep you logged in during a session. These are cleared when you close your browser or sign out.
No third-party advertising cookies — We do not use advertising networks, retargeting pixels, or behavioral tracking tools.
No Google Analytics — We do not use Google Analytics or similar third-party analytics services on the platform.

The landing page (nexusdesigns-avls.com) does not use tracking cookies. The application (nexusdesigns-avls.com/app) uses only functional session tokens necessary to operate the Service.

8. Children's Privacy

Nexus Designs AI is a professional platform intended for users 18 years of age and older. We do not knowingly collect personal information from anyone under 18. If you believe we have inadvertently collected information from a minor, please contact us immediately at nexusdesignsai@gmail.com and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. When we make material changes, we will:

Update the "Last Updated" date at the top of this page
Send an email notification to registered users
Display a notice within the platform for 30 days after the change

Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Nexus Designs AI
Email: nexusdesignsai@gmail.com
Website: nexusdesigns-avls.com

We are committed to resolving privacy concerns promptly and transparently.