Privacy Policy

Company Information

Name: Nuenki
Country: United Kingdom
Contact Email: [email protected]

Data We Collect

  • Email Address: Collected during signup for account creation and communication.
  • Password (Hashed): Stored securely for account authentication.
  • Payment Information: User and subscription IDs, as well as the currency used for payments via Stripe. Your full payment details are handled by Stripe and inaccessible to Nuenki.
  • Translation Data: Text sent for translation is cached anonymously on our server in Helsinki.
  • Analytics Data: Anonymised data collected via Posthog.
  • Source Log: Information about what website you came from (sourced from the HTTP referrer header and utm_source url parameter) and what page you first visit is stored when you first load Nuenki. It is anonymously sent as analytics data at that first point, and non-anonymously sent to the server when you signup - but only after agreeing to the privacy policy and terms of service. This data is stored alongside your user account in order to determine the success of various marketing sources.

Purpose of Data Collection

  • Service Provision: To provide and maintain our browser extension service.
  • Payment Processing: To manage payments and subscriptions via Stripe.
  • Service Improvement: To analyse usage patterns through Posthog and the aforementioned Source Log system in order to improve and market our service.

Legal Basis for Processing

  • Contractual Necessity: Processing is necessary for the performance of the service you have requested.
  • Legitimate Interests: We process anonymised analytics data to improve our service.
  • Consent: We rely on your consent for account creation and data processing, which can be withdrawn by deleting your account.

Data Sharing

We share data with the following third-party services:

Translation Services

Nuenki uses multiple translation services depending on the situation. The data sent for translation isn't linked to the user who requested the translation.

  • DeepL handles primary, very-low-latency translation processing. Data is handled in accordance with their privacy policy, available here.
  • Groq handles secondary, low-latency translation processing using Large Language Models. Groq's privacy policy is available to read here. Groq&aposs privacy policy includes, as of 2025-02-10, that &quotWe do not retain your data [...] Prompts and context provided via our LLM APIs are not retained.&quot and &quotWe do not train on your data&quot.
  • Amazon Bedrock handles tertiary, high-latency translation processing via the Claude 3.5 model. Amazon Bedrock has a no-logging, no-sharing, no-training policy with regards to user queries.
  • Anthropic handles quaternary, very-high-latency translation processing via the Claude 3.5 model. Anthropic's privacy policy is available to read here.

Other Services

  • Cloudflare: We utilise Cloudflare for two main purposes:
    • Content Delivery Network (CDN): All data exchanged between your device and our servers passes through Cloudflare's network. Cloudflare decrypts this data, then re-encrypts it before sending it to our servers, facilitating bot protection, DDoS protection, performance enhancements through caching, and other technical services. This data is processed in line with Cloudflare's Terms of Service and Privacy Policy. You can view their privacy policy here.
  • Posthog: Posthog collects anonymised data about website usage.
  • Stripe: Manages payment processing. Stripe handles all payment details, including storage and charging. Nuenki itself never accesses your payment information. You can view their privacy policy here.
  • Postmark: Nuenki uses Postmark to deliver password reset emails and alert developers to abnormal billing errors. You can view their privacy policy here.
  • Tuta: Nuenki uses Tuta, a privacy-focused email service, for direct correspondence. You can view their privacy policy in English here or the original German here.

International Data Transfer

All personal data processing occurs within the European Economic Area (EEA). Our servers are situated in Helsinki, Finland. Some translation services (Anthropic; Amazon Bedrock) involve transfer of translation requests to the United States. These translation requests are not associated with the user who requested them; they are anonymised. Their privacy policies are stated above.

Data Retention

  • Account Data: Kept until account deletion. Account data may persist within logs until they are automatically removed within 14 days.
  • Analytics Data: Anonymised and stored indefinitely.
  • Translation Data: Cached indefinitely, subject to change based on usage. The extensive translation cache is necessary in order to make Nuenki economically viable. Nuenki does not store who translated what; all cache entries are anonymous. Cached translations remain after account deletion - because your translations are not associated with your account, it&aposs not possible to delete them when you delete your account.

Data Security Measures

We employ robust security measures to safeguard your data, including:

  • Password Hashing: All passwords are securely hashed.
  • Secure Cloud Servers: Utilising SSH keys, firewalls, and access controls.
  • Regular Penetration Testing: Conducting routine penetration testing of our code.
  • Security-focused design: Nuenki’s technical architecture, design choices, and code have been planned and implemented with security in mind.

User Rights

  • Access and Rectification: Contact us at [email protected] to access or correct your data.
  • Erasure: You can delete your account via the website's account page, which will erase your data.
  • Consent Withdrawal: Withdraw your consent by deleting your account.

Cookies

We use the following cookies for basic functionality, not for tracking purposes. Cloudflare also uses functional cookies, as described in their documentation.

NamePurposeDuration
tokenThis is a session token that authenticates your logged-in status, ensuring you remain logged in as you navigate the site.Until logout
signup-tokenAllows you to bypass the login process once after signing up.Until used

Data Analytics

Nuenki uses Posthog in privacy-friendly (no consent required) mode. No data is stored to cookies or local storage, nor are users tracked between sessions.

Local Storage

Nuenki stores the HTTP referrer header and utm_source URL attribute in local storage, submitting the data upon user signup in order to track approximately how users are finding Nuenki. This is part of the aforementioned Source Log.

Children's Privacy

Our service isn't intended for individuals under 18. We enforce this through our Terms of Service and by requiring valid payment methods. If you believe we might hold information relating to a child you're responsible for, please contact [email protected].

Data Breach Response

In the event of a data breach, we will:

  • Contain the Breach: Immediately halt unauthorised access.
  • Assess the Impact: Determine the breach's scope.
  • Notify Affected Users: Inform users via email about the breach and steps taken.

Data Protection Officer

We do not have a designated Data Protection Officer.

Updates to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on our website.

Contact Information

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at [email protected].