1. Who we are
Nexus is a business automation marketplace that helps businesses discover, preview, buy, request, and set up automation products for recurring business problems. The platform includes marketplace listings, custom requests, buyer accounts, developer profiles, product reviews, checkout flows, messaging, admin review, and guided setup workflows.
In this Privacy Policy, "Nexus," "Nexus," "we," "us," or "our" refers to the operator of the Nexus website and marketplace.
This policy is written for launch readiness, but it should still be reviewed by a qualified legal professional, especially for payments, developer revenue share, and data processing obligations.
2. Scope of this policy
This Privacy Policy applies to personal information processed through:
- The Nexus website and marketplace.
- Marketplace product browsing, preview, checkout, and setup preparation.
- Contact forms and custom automation request forms.
- Developer waitlist and developer profile forms.
- Admin-managed reviews and public developer/operator profiles.
- Buyer accounts, developer accounts, payments, messages, and guided setup flows.
This policy does not apply to third-party websites, tools, payment pages, or external services that have their own privacy policies.
3. Personal information we collect
We collect information you provide directly, information generated through your use of the platform, and information needed to operate the marketplace.
| Category | Examples | Source |
|---|---|---|
| Contact details | Name, email address, company name, website, phone number, message content. | Contact forms, checkout forms, setup forms, developer waitlist forms. |
| Business information | Company type, workflow needs, setup notes, automation requirements, integration needs. | Forms, custom automation requests, guided install requests. |
| Developer/operator information | Display name, handle, bio, skills, website, support email, banner image, profile details. | Developer profile setup and admin profile management. |
| Marketplace activity | Product viewed, checkout intent, selected setup method, selected customization, submitted requests. | Marketplace, checkout, and setup flows. |
| Review information | Reviewer name, company, role, rating, review text, product or developer reviewed. | Buyer review forms, developer review forms, and admin review management. |
| Technical information | IP address, browser type, device type, pages visited, approximate location, cookies, logs. | Hosting, analytics, security, and infrastructure providers. |
| Payment information | Payment status, transaction reference, billing details, purchase details. | Checkout, payment provider records, invoices, orders, refunds, and billing support. Card data should be handled by the payment provider, not stored by Nexus. |
4. How we use personal information
We use personal information to operate Nexus, provide marketplace functionality, respond to requests, prepare automation setup, and improve the platform.
- To operate, maintain, and improve the Nexus website and marketplace.
- To display marketplace products, developer profiles, reviews, and setup options.
- To respond to contact messages, business inquiries, and custom automation requests.
- To manage developer waitlist submissions and developer onboarding.
- To save checkout, order, setup, and custom request records.
- To process purchases, invoices, refunds, and payment confirmations.
- To prepare self-serve setup or Nexus guided setup requests.
- To prevent fraud, spam, abuse, unauthorized access, and security issues.
- To comply with legal, tax, accounting, and regulatory obligations.
- To analyze usage and improve product quality, marketplace trust, and user experience.
5. Legal bases for processing
Depending on your location and the type of data involved, we may rely on one or more legal bases to process personal information:
| Legal basis | When it may apply |
|---|---|
| Contract or pre-contract steps | When you request a product, checkout, guided setup, or marketplace service. |
| Legitimate interests | Operating the marketplace, improving products, preventing abuse, responding to business inquiries. |
| Consent | Marketing emails, optional cookies, waitlist updates, or optional information you choose to provide. |
| Legal obligation | Tax, accounting, regulatory, payment, security, and compliance recordkeeping. |
6. Automation setup and customer data
Some automations may require customers to provide business data, account access, API keys, files, knowledge base content, or integration details. Nexus collects setup information, guided setup requests, messages, and dashboard records needed to help configure and support products.
If an automation requires access to customer systems, we will aim to request only the data needed to configure and run that automation. Customers should not submit highly sensitive data unless it is necessary for the automation and the setup path clearly explains how it will be handled.
Do not ask customers to paste passwords, unrestricted API keys, private customer databases, payment card numbers, health records, government IDs, or other sensitive data unless you have proper security, contracts, access controls, and a clear business need.
7. How we share information
We do not sell personal information. We may share personal information only when needed to operate Nexus, provide services, process payments, support automations, comply with law, or protect the platform.
- Service providers: hosting, database, authentication, email, analytics, payment, security, and infrastructure providers.
- Payment processors: Stripe or another payment provider when payments are enabled.
- Automation providers or developers: only when needed to provide support, setup, or operate a product, and only according to the product setup model.
- Legal and safety reasons: when required by law, legal process, fraud prevention, security investigation, or enforcement of platform terms.
- Business transfers: if Nexus is involved in a merger, acquisition, financing, reorganization, or sale of assets.
Developers should not directly receive customer data through the public marketplace unless Nexus routes a support or setup request to them or the product setup path clearly explains developer involvement.
8. Payments and billing
Nexus uses or may use Stripe or another trusted payment provider for checkout and payments. Payment details are processed directly by the payment provider. Nexus should not store full payment card numbers on its own servers.
We may store payment status, product purchased, customer name, email, company name, billing reference, invoice information, and order history where needed for support, tax, fraud prevention, and accounting.
9. Cookies and similar technologies
We may use cookies, local storage, and similar technologies to operate the website, remember preferences, support authentication, improve security, and understand website performance.
For example, Nexus may use local storage to remember currency preferences such as USD or THB. If analytics, advertising pixels, or non-essential tracking tools are used, Nexus should provide a cookie banner or consent system where required by law.
Essential cookies and local storage may be used for login, preferences, checkout, security, and basic platform operation. Non-essential analytics or advertising tools should only be added with the right consent and disclosure controls.
10. Data retention
We keep personal information only for as long as reasonably necessary for the purposes described in this policy, unless a longer retention period is required or permitted by law.
| Data type | Suggested retention |
|---|---|
| Contact messages | Up to 24 months after last interaction, unless needed for business records. |
| Developer waitlist submissions | Until developer onboarding closes, the applicant requests deletion, or the data is no longer needed. |
| Checkout preparation records | Up to 24 months, or longer if connected to an order, dispute, tax, or accounting record. |
| Order and payment records | As required for tax, accounting, fraud prevention, and legal obligations. |
| Admin-managed reviews | Until removed, hidden, replaced, or no longer relevant. |
| Technical logs | Usually short-term unless needed for security, debugging, abuse prevention, or legal reasons. |
11. Security
We use reasonable technical, administrative, and organizational measures designed to protect personal information from unauthorized access, loss, misuse, alteration, or disclosure.
These measures may include access controls, role-based admin access, Supabase Row Level Security, password-protected admin areas, HTTPS hosting, limited internal access, secure payment processors, and monitoring for errors or unauthorized activity.
No method of transmission or storage is completely secure. Users should avoid sending unnecessary sensitive data through contact forms, setup notes, or public-facing forms.
12. International data transfers
Nexus may use service providers located in different countries. This means personal information may be processed or stored outside your country of residence. Where required, we will use appropriate safeguards for international transfers, such as contractual protections or service provider data processing terms.
13. Your privacy rights
Depending on your location, you may have rights over your personal information, including the right to:
- Request access to the personal information we hold about you.
- Request correction of inaccurate or incomplete information.
- Request deletion of personal information where legally permitted.
- Object to or restrict certain processing.
- Withdraw consent where processing is based on consent.
- Request a copy of your data in a portable format where applicable.
- Complain to a data protection authority where applicable.
To make a privacy request, contact us using the details in the Contact section below. We may need to verify your identity before fulfilling a request.
14. Children's privacy
Nexus is intended for business users and is not directed to children. We do not knowingly collect personal information from children. If you believe a child has provided personal information to Nexus, contact us and we will take reasonable steps to delete it.
15. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. When we make changes, we will update the "Last updated" date at the top of this page. If changes are material, we may provide additional notice through the website or by email where appropriate.
16. Contact us
If you have questions about this Privacy Policy, want to exercise privacy rights, or want to ask how Nexus handles data, contact us:
Privacy contact details, payment handling, developer payout terms, and hosted automation data handling should be reviewed whenever Nexus changes how the platform operates.