Privacy Policy

1. Who we are

nuonum.com is operated jointly by Martin Frič, Michal Búci & Táňa Poláková — an independent team based in the Slovak Republic (EU). Together we are the joint data controllers for the personal data described here.

For any privacy question, or to exercise your rights, contact us at hello@nuonum.com.

2. What data we collect

We collect only what we need to give you an account and deliver the service:

• Account data — your email address and a securely hashed password (handled by our authentication provider). We never store your password in plain text.
• Preferences — your chosen language and account settings.
• Communications — emails you send us, and our records of the transactional emails we send you (e.g. sign-up confirmation, pick alerts).
• Technical data — basic server logs (IP address, browser type, timestamps) generated automatically when you use the site, used for security and to keep the service running.

3. Why we use it (legal basis)

Under the GDPR we rely on these legal bases: performance of our contract with you (to create your account and provide the service), your consent (for optional emails and any future analytics), and our legitimate interests (to secure the platform, prevent abuse, and improve the product). You can withdraw consent at any time.

4. Who we share it with

We do not sell your data. We share it only with the service providers (sub-processors) that make nuonum work, each bound to process it on our instructions:

• Supabase — authentication and database (stores your account and preferences).
• Resend — sending transactional and notification emails.
• Vercel — hosting and content delivery for the website.
• Discord — only if you choose to join our community server (optional).
• Stripe — payment processing, used only if and when paid subscriptions are enabled.

5. Cookies

We use only strictly necessary cookies: a session cookie that keeps you signed in, and a preference cookie that remembers your language. We do not use advertising or third-party tracking cookies. If we add analytics in the future, we will ask for your consent first.

6. How long we keep it

We keep your account data for as long as your account exists. When you delete your account (or ask us to), we remove your personal data from our active systems, except where we must retain limited records to meet legal obligations. Server logs are kept only for a short period.

7. Your rights

Under the GDPR you have the right to access, correct, delete, or export your data, to restrict or object to processing, and to withdraw consent at any time. To exercise any of these, email us and we will respond within the statutory time limits.

You also have the right to lodge a complaint with your supervisory authority. In Slovakia this is the Office for Personal Data Protection (Úrad na ochranu osobných údajov SR).

8. International transfers

Some of our providers process data on servers outside the EU (for example in the United States). Where that happens, the transfer is covered by appropriate safeguards such as the EU Standard Contractual Clauses.

9. Security

We use industry-standard measures — encryption in transit, hashed passwords, and access controls — to protect your data. No system is perfectly secure, but we work to keep risks low and to act quickly if anything goes wrong.

10. Children

nuonum is not intended for anyone under 18. We do not knowingly collect data from minors.

11. Changes to this policy

We may update this policy as the service evolves. We will change the "last updated" date above and, for material changes, notify you by email or in the app.