Privacy Policy
Effective date: March 22, 2026
NexusChat (“we,” “us,” or “our”) operates the website at https://nexuschat.prateekhacks.in and the NexusChat SaaS platform (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
Section 01
Information We Collect
1.1 Account Information
When you create an account, we collect:
- Email address
- Full name (if provided)
- Authentication credentials (managed securely by Supabase Auth)
- OAuth profile data if you sign in via Google or GitHub
1.2 Billing Information
Payment processing is handled entirely by LemonSqueezy (which uses Stripe as its payment processor). We do not store credit card numbers, bank account details, or full payment instrument data on our servers. We receive only:
- Subscription status and plan tier
- LemonSqueezy subscription and customer identifiers
- Transaction timestamps
1.3 Business Content You Upload
When you use the Service, you may upload documents, FAQs, product information, and other business content (“Training Data”) to train your AI chatbot. This data is stored in our database and used solely to generate responses for your chatbot widget.
1.4 End-User Conversation Data
When visitors interact with chatbot widgets deployed on your website, we collect:
- Conversation messages and timestamps
- Session identifiers (anonymous, not personally identifiable)
- Lead capture information (name and email) if voluntarily provided by the visitor
1.5 Automatically Collected Information
- IP addresses (for rate limiting and security; not stored long-term)
- Browser type and device information (via standard HTTP headers)
- Pages visited and feature usage patterns
Section 02
How We Use Your Information
We use the collected information to:
- Provide, maintain, and improve the Service
- Process subscriptions and manage billing
- Train and operate AI chatbots using your uploaded content
- Send transactional emails (account verification, password resets, billing notifications)
- Monitor for abuse, fraud, and security threats
- Enforce our Terms of Service
- Comply with legal obligations
Section 03
Data Sharing and Third Parties
We share data only with the following categories of service providers:
- Supabase: Database hosting, authentication, and file storage
- LemonSqueezy / Stripe: Payment processing
- Groq: AI inference for chatbot responses
- Vercel: Application hosting and edge functions
We do not sell, rent, or trade your personal information to third parties for marketing purposes. We may disclose information if required by law, court order, or governmental regulation.
Section 04
Data Retention
- Active accounts: Data is retained for the duration of your account.
- Deleted accounts: When you delete your account, all personal data, chatbot configurations, documents, conversations, and leads are permanently deleted. We retain only a minimal audit record (email, account statistics) for fraud prevention and business analytics.
- Conversation data: Retained for the duration of the client account that owns the chatbot. End-users may request deletion through the chatbot operator (you).
Section 05
Data Security
We implement industry-standard security measures including:
- TLS/SSL encryption for all data in transit
- Row-Level Security (RLS) policies ensuring data isolation between accounts
- HMAC signature verification for webhook endpoints
- Secure authentication via Supabase Auth with bcrypt password hashing
- Rate limiting on public API endpoints
- Security headers (X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy)
Section 06
Your Rights (GDPR and International Users)
If you are located in the European Economic Area (EEA), United Kingdom, or similar jurisdiction, you have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate personal data
- Erasure: Delete your account and all associated data (available in Settings > Danger Zone)
- Portability: Export your data in a structured format
- Restriction: Limit how we process your data
- Objection: Object to processing based on legitimate interests
To exercise these rights, contact us at privacy@nexuschat.prateekhacks.in.
Section 07
Cookies and Tracking
We use essential cookies only for authentication session management (Supabase Auth tokens). We do not use third-party tracking cookies, advertising pixels, or analytics services that track individual users across websites.
Section 08
Children's Privacy
The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.
Section 09
International Data Transfers
Your data may be processed in countries other than your own, including the United States (where our infrastructure providers operate). By using the Service, you consent to such transfers. We ensure appropriate safeguards are in place through our service providers' data processing agreements and compliance certifications.
Section 10
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the “Effective date” above. Your continued use of the Service after changes constitutes acceptance of the revised policy.
Section 11
Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at: