Privacy Policy

1 Overview

Nudge Inc. ("Nudge," "we," "us") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using Nudge, you agree to the collection and use of information as described here. This policy applies to all users of the Nudge platform, website, and related services.

2 Data We Collect

Category	Examples	Source
Account Data	Name, email, password (hashed)	You, at signup
Business Profile	Business name, type, tone preference, services	You, during onboarding
Usage Data	Replies generated, pages visited, feature usage	Automatically collected
Input Content	Customer messages you paste into Nudge	You, during use
Payment Data	Billing plan, last 4 digits of card (via Stripe)	Stripe (we don't store raw card data)
Device & Log Data	IP address, browser type, OS, timestamps	Automatically collected
Cookies	Session tokens, preferences	Automatically set

3 How We Use Your Data

We use collected data to:

Provide and improve the Nudge Service
Authenticate your account and maintain security
Generate AI replies tailored to your business profile
Process payments and manage your subscription
Send transactional emails (receipts, password resets, plan alerts)
Analyze aggregate usage patterns to improve performance
Comply with legal obligations

We do not sell your personal data. We do not use your data to train AI models without explicit consent.

4 AI Processing & Third-Party Services

How AI Replies Work When you generate a reply, the customer message and your business context are sent to a third-party AI provider (currently OpenAI) via a secure server-side API call. This data is subject to OpenAI's usage policies.

We use the following third-party services that may process your data:

OpenAI — AI reply generation (input text is sent; not stored permanently by Nudge)
Stripe — Payment processing (governed by Stripe's Privacy Policy)
Cloudflare — Hosting, CDN, and security
Google — Fonts, optional Google OAuth

We recommend you avoid entering customer names, sensitive personal information, or confidential business data beyond what is necessary to generate a reply.

5 Data Sharing

We do not sell, rent, or trade your personal information. We share data only in the following limited circumstances:

Service Providers: Third-party vendors who help us operate the Service (hosting, payments, AI) under strict data processing agreements
Legal Requirements: When required by law, court order, or to protect the rights and safety of Nudge and its users
Business Transfers: In connection with a merger, acquisition, or sale of assets, with advance notice to you
With Your Consent: For any other purpose with your explicit consent

6 Data Retention

We retain your account data for as long as your account is active. After account deletion, we retain anonymized usage data for analytics and legal compliance for up to 36 months.

Reply history is stored for up to 12 months on paid plans and 30 days on free plans, after which it is automatically purged.

You may request deletion of your data at any time by contacting privacy@nudgeapp.io.

7 Security

We implement industry-standard security measures including:

Encrypted data transmission (TLS 1.3)
Hashed and salted password storage (bcrypt)
JWT-based session authentication
Regular security audits and vulnerability assessments
Cloudflare DDoS protection

No system is 100% secure. In the event of a data breach, we will notify affected users within 72 hours as required by applicable law.

8 Your Privacy Rights

Depending on your location, you may have the following rights:

Access: Request a copy of your personal data
Correction: Update inaccurate or incomplete data
Deletion: Request erasure of your personal data ("right to be forgotten")
Portability: Receive your data in a machine-readable format
Objection: Opt out of certain data processing activities
Withdraw Consent: Where processing is consent-based

To exercise any right, email privacy@nudgeapp.io. We respond to verifiable requests within 30 days.

9 Cookies

We use cookies and similar technologies to maintain your session, remember preferences, and analyze usage. See our full Cookie Policy for details on what we set and how to manage them.

10 Children's Privacy

Nudge is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will delete it promptly.

11 Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or in-app notification at least 7 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.

12 Contact Us

Privacy questions or data requests:

Email: privacy@nudgeapp.io
General Support: support@nudgeapp.io
Address: Nudge Inc., 1209 Orange Street, Wilmington, DE 19801