Politica de Confidențialitate

At Nervus.io, we believe your personal data deserves the same care you put into organizing your life. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using Nervus.io, you agree to the collection and use of information as described in this policy. We will never sell your personal data.

Nervus.io is a personal productivity platform that uses artificial intelligence to help you plan, track, and achieve your goals. We are committed to transparency about our data practices.

We use the data we collect for the following purposes:

• Provide the service — deliver core features like hierarchy management, focus sessions, reviews, and calendar integration.
• AI-powered features — generate personalized suggestions, weekly reviews, coaching insights, and task recommendations based on your content.
• Communications — send essential service emails (password reset, billing confirmations) and optional product updates you can unsubscribe from at any time.
• Error tracking — identify and fix bugs to keep the platform stable and reliable.
• Analytics — understand aggregate usage patterns to prioritize features and improve the user experience. We use privacy-friendly analytics (PostHog, self-hosted where possible).

We never sell, rent, or trade your personal information to third parties for marketing purposes.

We take the security of your data seriously and employ industry-standard measures:

• Database — hosted on Supabase (PostgreSQL) with encryption at rest and in transit.
• File storage — uploaded files are stored in Supabase Storage with access controls tied to your account.
• Encryption — all data transmitted between your browser and our servers is encrypted via TLS 1.3.
• Row Level Security — every database query is scoped to your user ID through PostgreSQL Row Level Security policies, ensuring you can only access your own data.

Nervus.io uses third-party AI providers (OpenAI, Anthropic, Google) to power intelligent features. Here is how we handle your data in the context of AI:

• Your content is sent to AI providers only when you actively use AI features (e.g., generating a weekly review, asking the AI coach a question).
• We send only the minimum context necessary for each AI request — not your entire account data.
• AI providers process your data according to their API data usage policies, which prohibit using API inputs for model training.
• AI-generated content (suggestions, reviews, insights) is stored in your account and treated with the same privacy protections as content you create manually.

We use the following third-party services to operate Nervus.io:

You have the following rights regarding your personal data:

• Access — request a copy of all personal data we hold about you.
• Correction — update or correct inaccurate personal information.
• Deletion — request permanent deletion of your account and all associated data.
• Portability — export your data in a standard, machine-readable format.
• Withdraw consent — opt out of optional data processing (e.g., analytics) at any time.

To exercise any of these rights, contact us at privacy@nervus.io.

Nervus.io uses a minimal number of cookies to operate:

• Essential cookies — authentication session tokens required for the service to function. These cannot be disabled.
• Analytics cookies — anonymous usage tracking via PostHog. You can opt out in your account settings.

We do not use advertising cookies or cross-site tracking pixels. We do not participate in ad networks.

• Active accounts — your data is retained for as long as your account is active.
• Deleted accounts — all personal data is permanently deleted within 30 days of account deletion.
• Backups — encrypted database backups are retained for up to 7 days and then automatically purged.
• Legal obligations — certain records (e.g., billing history) may be retained longer as required by applicable law.

Nervus.io is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at privacy@nervus.io.

Your data may be processed in countries other than your country of residence, including the United States and the European Union. We ensure appropriate safeguards are in place, including standard contractual clauses where applicable, to protect your data in accordance with this policy.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you via email or a prominent notice within the service.

The "Effective date" at the top of this page indicates when the policy was last revised. Your continued use of the service after changes are posted constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or our data practices, please reach out: