Privacy | Nexum

Privacy Statement

1. Introduction

Welcome to Nexum ("we", "our", or "us"). We are committed to protecting your personal data and respecting your privacy in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable national data protection laws.

This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and what rights you have in relation to your data.

2. Data Controller

The data controller responsible for your personal data is the operator of this Nexum application. If you have questions about how your data is processed, you may contact us via the app's recommendation feature or the email address associated with your account.

3. What Data We Collect

We collect the following categories of personal data:

Account data: Your full name and email address, provided when you register or sign in.
Goal & routine data: Goals, routines, progress records, check-ins, journal entries, mantras, and activity notes you create within the app.
Usage data: App interactions such as pages visited, features used, and engagement patterns, collected to improve the service.
Device & technical data: Browser type, operating system, and device identifiers, collected automatically when you use the app.
Preferences: Settings and customisation choices you make within the app (e.g. home page, bottom navigation, reminder preferences), stored locally on your device.

4. Legal Basis for Processing

We process your personal data on the following legal bases (Art. 6 GDPR):

Contract performance (Art. 6(1)(b)): Processing your account and goal data is necessary to provide the Nexum service you have signed up for.
Legitimate interests (Art. 6(1)(f)): We process usage and technical data to maintain security, prevent fraud, and improve app performance.
Consent (Art. 6(1)(a)): Where we request your consent for optional features (e.g. notifications), you may withdraw it at any time.

5. How We Use Your Data

Your data is used exclusively to:

Provide and operate the Nexum application and its features.
Store and synchronise your goals, routines, and progress across sessions.
Generate AI-powered insights, reviews, and suggestions (using anonymised or aggregated prompts).
Send in-app notifications and reminders you have configured.
Improve and debug the application.
Comply with legal obligations.

We do not sell your personal data to third parties.

6. Data Sharing & Third Parties

We may share data with trusted service providers who assist in operating the platform (e.g. cloud hosting, authentication, and AI services). These processors are contractually bound to process data only on our instructions and in compliance with GDPR.

We do not transfer your personal data to countries outside the European Economic Area (EEA) without appropriate safeguards (e.g. Standard Contractual Clauses).

7. Data Retention

We retain your personal data for as long as your account is active or as necessary to provide the service. You may delete your account and all associated data at any time via the Profile → Delete Account & Data option. Upon deletion, your data is permanently and irreversibly removed from our systems within 30 days.

8. Your Rights Under GDPR

As a data subject in the EU/EEA, you have the following rights:

Right of access (Art. 15): Request a copy of the personal data we hold about you.
Right to rectification (Art. 16): Correct inaccurate or incomplete personal data.
Right to erasure (Art. 17): Request deletion of your personal data ('right to be forgotten').
Right to restriction (Art. 18): Request that we restrict processing of your data under certain conditions.
Right to data portability (Art. 20): Receive your data in a structured, machine-readable format.
Right to object (Art. 21): Object to processing based on legitimate interests.
Right to withdraw consent (Art. 7(3)): Withdraw consent at any time where processing is based on consent.
Right to lodge a complaint: File a complaint with your national supervisory authority (e.g. the German Datenschutzbehörde or another EU DPA).

To exercise any of these rights, please use the in-app Recommendations feature or delete your data directly via Profile settings.

9. Cookies & Local Storage

Nexum uses browser local storage to save your preferences (such as home page, navigation settings, and reminder configuration) locally on your device. This data never leaves your device and is not transmitted to our servers. We do not use tracking cookies or third-party advertising cookies.

10. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction, including encrypted data transmission (HTTPS), access controls, and regular security reviews.

11. Children's Privacy

Nexum is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any material changes will be communicated within the app. The date at the top of this page always reflects the latest revision.

If you have any questions about this Privacy Policy, please reach out via the Recommendations page

Privacy Statement

1. Introduction

Welcome to Nexum ("we", "our", or "us"). We are committed to protecting your personal data and respecting your privacy in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable national data protection laws.

This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and what rights you have in relation to your data.

2. Data Controller

The data controller responsible for your personal data is the operator of this Nexum application. If you have questions about how your data is processed, you may contact us via the app's recommendation feature or the email address associated with your account.

3. What Data We Collect

We collect the following categories of personal data:

Account data: Your full name and email address, provided when you register or sign in.

Goal & routine data: Goals, routines, progress records, check-ins, journal entries, mantras, and activity notes you create within the app.

Usage data: App interactions such as pages visited, features used, and engagement patterns, collected to improve the service.

Device & technical data: Browser type, operating system, and device identifiers, collected automatically when you use the app.

Preferences: Settings and customisation choices you make within the app (e.g. home page, bottom navigation, reminder preferences), stored locally on your device.

4. Legal Basis for Processing

We process your personal data on the following legal bases (Art. 6 GDPR):

Contract performance (Art. 6(1)(b)): Processing your account and goal data is necessary to provide the Nexum service you have signed up for.

Legitimate interests (Art. 6(1)(f)): We process usage and technical data to maintain security, prevent fraud, and improve app performance.

Consent (Art. 6(1)(a)): Where we request your consent for optional features (e.g. notifications), you may withdraw it at any time.

5. How We Use Your Data

Your data is used exclusively to:

Provide and operate the Nexum application and its features.

Store and synchronise your goals, routines, and progress across sessions.

Generate AI-powered insights, reviews, and suggestions (using anonymised or aggregated prompts).

Send in-app notifications and reminders you have configured.

Improve and debug the application.

Comply with legal obligations.

We do not sell your personal data to third parties.

6. Data Sharing & Third Parties

We may share data with trusted service providers who assist in operating the platform (e.g. cloud hosting, authentication, and AI services). These processors are contractually bound to process data only on our instructions and in compliance with GDPR.

We do not transfer your personal data to countries outside the European Economic Area (EEA) without appropriate safeguards (e.g. Standard Contractual Clauses).

7. Data Retention

8. Your Rights Under GDPR

As a data subject in the EU/EEA, you have the following rights:

Right of access (Art. 15): Request a copy of the personal data we hold about you.

Right to rectification (Art. 16): Correct inaccurate or incomplete personal data.

Right to erasure (Art. 17): Request deletion of your personal data ('right to be forgotten').

Right to restriction (Art. 18): Request that we restrict processing of your data under certain conditions.

Right to data portability (Art. 20): Receive your data in a structured, machine-readable format.

Right to object (Art. 21): Object to processing based on legitimate interests.

Right to withdraw consent (Art. 7(3)): Withdraw consent at any time where processing is based on consent.

Right to lodge a complaint: File a complaint with your national supervisory authority (e.g. the German Datenschutzbehörde or another EU DPA).

To exercise any of these rights, please use the in-app Recommendations feature or delete your data directly via Profile settings.

9. Cookies & Local Storage

Nexum uses browser local storage to save your preferences (such as home page, navigation settings, and reminder configuration) locally on your device. This data never leaves your device and is not transmitted to our servers. We do not use tracking cookies or third-party advertising cookies.

10. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction, including encrypted data transmission (HTTPS), access controls, and regular security reviews.

11. Children's Privacy

Nexum is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any material changes will be communicated within the app. The date at the top of this page always reflects the latest revision.

If you have any questions about this Privacy Policy, please reach out via the Recommendations page