Privacy Policy
Effective Date: March 25, 2026 · Last Updated: March 25, 2026
NudgeBot (“we,” “us,” or “our”) operates the website https://nudgebot.xyz and the NudgeBot application (collectively, the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By accessing or using the Service, you agree to the practices described in this policy.
1. Information We Collect
1.1 Account & User Data
When you create an account or connect your workspace, we collect:
- Full name and email address
- Slack User IDs and Slack Team IDs
- External Project Management account identifiers (e.g., Jira Account ID, Asana User GID, Linear User ID, Trello Member ID, Notion User ID)
1.2 Workspace & Channel Data
We collect Slack Channel IDs, Channel Names, and Team IDs to configure which channels the Service monitors.
1.3 Content Data
We read Slack messages in your monitored channels solely to detect task-related updates (e.g., “done,” “merged,” “completed”). We do not permanently store the full content of Slack messages. We store only:
- Brief excerpts or summaries used to generate signals (task-completion detections)
- Task titles and task IDs from connected Project Management tools
1.4 Billing Data
All payment processing is handled by Stripe. We do not store raw credit card numbers, bank account details, or other sensitive financial information on our servers. We retain only Stripe Customer IDs and Subscription IDs to manage your billing relationship.
1.5 Automatically Collected Data
We may collect standard log data such as IP addresses, browser types, and access timestamps when you interact with our website. This data is used for security, analytics, and improving the Service.
2. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Service
- Detect task completions in Slack messages and sync updates to your connected PM tools
- Manage your account, subscriptions, and billing
- Communicate with you about service updates, security alerts, and support
- Improve, personalize, and develop new features
- Comply with legal obligations
3. Third-Party Service Providers
We share your data with the following third-party processors, each of which has its own privacy policy:
| Provider | Purpose |
|---|---|
| Supabase | Database hosting and user authentication |
| Stripe | Payment processing and subscription management |
| Anthropic (Claude) | AI natural language processing to analyze Slack messages for task signals |
| DigitalOcean | Application hosting and infrastructure |
| Slack | Workspace integration (OAuth, Events API, message reading) |
| Asana, Trello, Jira, Notion, Linear | Project Management tool integrations via OAuth |
We do not sell your personal data to third parties. We share data only as necessary for these processors to perform their functions on our behalf.
4. Data Retention
We retain your personal data for as long as your account is active or as needed to provide the Service. When you delete your account or disconnect your workspace, we will delete or anonymize your data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., billing records, legal disputes).
5. Data Security
We implement industry-standard security measures to protect your data, including encryption in transit (TLS/HTTPS), encrypted storage, OAuth token management with automatic refresh, and access controls. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.
6. Your Rights
6.1 General Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Delete your personal data (“right to be forgotten”)
- Export your data in a portable format
- Restrict or object to certain processing activities
- Withdraw consent at any time (where processing is based on consent)
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
6.2 GDPR (European Economic Area)
If you are located in the EEA, our legal basis for processing your personal data includes: (a) performance of a contract (providing the Service), (b) legitimate interests (improving the Service, security), and (c) your consent (where applicable). You have the right to lodge a complaint with your local Data Protection Authority.
6.3 CCPA (California)
If you are a California resident, you have the right to: (a) know what personal information we collect and how it is used, (b) request deletion of your personal information, (c) opt out of the sale of personal information (we do not sell personal data), and (d) non-discrimination for exercising your privacy rights.
7. Cookies
We use essential cookies for authentication and session management. We do not use third-party advertising or tracking cookies. You can configure your browser to reject cookies, but this may affect your ability to use the Service.
8. Children’s Privacy
The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will delete it promptly.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) where required, to protect your data during international transfers.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the “Last Updated” date. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us at:
- Email: [email protected]
- Website: https://nudgebot.xyz