Privacy Policy

We collect information you provide directly (name, email, organization details), information generated by your use of NexoFlow (drafts, published content, scheduling activity, and usage metrics), and technical information (IP address, browser type, device identifiers) collected automatically when you use our services.

We do not collect your social media passwords. Channel connections use OAuth and we store only the access tokens needed to publish on your behalf.

We use your information to provide and improve the NexoFlow service, send transactional emails (account confirmation, billing receipts), communicate product updates if you have opted in, monitor and debug service reliability, and comply with legal obligations.

We do not sell your personal data to third parties. We do not use your content to train AI models.

We share data with service providers who help us operate NexoFlow (infrastructure, email delivery, payment processing). These providers are contractually bound to use your data only to perform services for us.

We may disclose information when required by law, to protect rights and safety, or in connection with a merger or acquisition (you will be notified before data is transferred to a new entity under different privacy terms).

We retain your account data for as long as your account is active. When you delete your account, your personal data is deleted within 30 days, except where retention is required by law or legitimate business purposes (e.g., billing records).

Published content sent to third-party channels (WordPress, social platforms) is not deleted from those platforms when you delete your NexoFlow account - you must manage deletion directly with each platform.

Depending on your jurisdiction, you may have the right to access, correct, or delete your personal data; object to or restrict certain processing; and data portability. To exercise these rights, contact us at [email protected].

If you are located in the European Economic Area, you have additional rights under GDPR, including the right to lodge a complaint with a supervisory authority.

We use essential cookies to operate the service (authentication session tokens) and analytics cookies to understand aggregate usage patterns. We do not use advertising cookies. You can manage cookies through your browser settings.

We implement industry-standard security measures including encryption at rest and in transit, access controls, and regular security reviews. No system is completely secure - if you discover a vulnerability, please report it responsibly to [email protected].

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by a prominent notice on the site before they take effect. The date at the top of this page reflects the most recent update.

Questions about this Privacy Policy? Contact us at [email protected]. We will respond within 10 business days.