Privacy Policy
Company Information
Name: Nuenki
Country: United Kingdom
Contact Email: [email protected]
Data We Collect
- Email Address: Collected during signup for account creation and communication.
- Password (Hashed): Stored securely for account authentication.
- Payment Information: User and subscription IDs, as well as the currency used for payments via Stripe. Your full payment details are handled by Stripe and inaccessible to Nuenki.
- Translation Data: Text sent for translation is cached anonymously on our server in Helsinki.
- Analytics Data: Anonymised data collected via Cloudflare Analytics.
- Source Log: Information about what website you came from (sourced from the HTTP referrer header and utm_source url parameter) and what page you first visit is stored when you first load Nuenki. It is anonymously sent as analytics data at that first point, and non-anonymously sent to the server when you signup - but only after agreeing to the privacy policy and terms of service. This data is stored alongside your user account in order to determine the success of various marketing sources.
Purpose of Data Collection
- Service Provision: To provide and maintain our browser extension service.
- Payment Processing: To manage payments and subscriptions via Stripe.
- Service Improvement: To analyse usage patterns through Cloudflare Analytics.
Legal Basis for Processing
- Contractual Necessity: Processing is necessary for the performance of the service you have requested.
- Legitimate Interests: We process anonymised analytics data to improve our service.
- Consent: We rely on your consent for account creation and data processing, which can be withdrawn by deleting your account.
Data Sharing
We share data with the following third-party services:
Translation Services
Nuenki uses multiple translation services depending on the situation. The data sent for translation isn't linked to the user who requested the translation.
- DeepL handles primary, low-latency translation processing. Data is handled in accordance with their privacy policy, available here.
- Anthropic handles tertiary, very-high-latency translation processing via the Claude 3.5 model. Anthropic's privacy policy is available to read here.
Other Services
- Cloudflare: We utilise Cloudflare for two main purposes:
- Content Delivery Network (CDN): All data exchanged between your device and our servers passes through Cloudflare's network. Cloudflare decrypts this data, then re-encrypts it before sending it to our servers, facilitating bot protection, DDoS protection, performance enhancements through caching, and other technical services. This data is processed in line with Cloudflare's Terms of Service and Privacy Policy. You can view their privacy policy here.
- Analytics: We employ Cloudflare Analytics to gather anonymised data about website usage. This information helps us improve our services and doesn't include personal identifiers.
- Stripe: Manages payment processing. Stripe handles all payment details, including storage and charging. Nuenki itself never accesses your payment information. You can view their privacy policy here.
- Postmark: Nuenki uses Postmark to deliver password reset emails and alert developers to abnormal billing errors. You can view their privacy policy here.
- Tuta: Nuenki uses Tuta, a privacy-focused email service, for direct correspondence. You can view their privacy policy in English here or the original German here
International Data Transfer
All data processing occurs within the European Economic Area (EEA). Our servers are situated in Helsinki, Finland.
Data Retention
- Account Data: Kept until account deletion.
- Analytics Data: Anonymised and stored indefinitely.
- Translation Data: Cached indefinitely, subject to change based on usage.
Data Security Measures
We employ robust security measures to safeguard your data, including:
- Password Hashing: All passwords are securely hashed.
- Secure Cloud Servers: Utilising SSH keys, firewalls, and access controls.
- Regular Penetration Testing: Conducting routine penetration testing of our code.
User Rights
- Access and Rectification: Contact us at [email protected] to access or correct your data.
- Erasure: You can delete your account via the website's account page, which will erase your data.
- Consent Withdrawal: Withdraw your consent by deleting your account.
Cookies
We use the following cookies for basic functionality, not for tracking purposes. Cloudflare also uses functional cookies, as described in their documentation.
Name | Purpose | Duration |
---|
token | This is a session token that authenticates your logged-in status, ensuring you remain logged in as you navigate the site. | Until logout |
signup-token | Allows you to bypass the login process once after signing up. | Until used |
Data Analytics
Nuenki uses Posthog and Google Analytics in privacy-friendly (no consent required) mode.
Local Storage
Nuenki stores the HTTP referrer header and utm_source
URL attribute in local storage, submitting the data upon user signup in order to track approximately how users are finding Nuenki. This is part of the aforementioned Source Log.
Children's Privacy
Our service isn't intended for individuals under 18. We enforce this through our Terms of Service and by requiring valid payment methods. If you believe we might hold information relating to a child you're responsible for, please contact [email protected].
Data Breach Response
In the event of a data breach, we will:
- Contain the Breach: Immediately halt unauthorised access.
- Assess the Impact: Determine the breach's scope.
- Notify Affected Users: Inform users via email about the breach and steps taken.
Data Protection Officer
We do not have a designated Data Protection Officer.
Updates to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on our website.
Contact Information
If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at [email protected].