Privacy Policy

NimbusBrain ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, who we share it with, and what rights you have regarding your data. By using NimbusBrain, you agree to the practices described in this policy.

We collect the following categories of information:

Account information — When you sign up, Clerk (our authentication provider) collects and manages your name, email address, and — if you use social login — tokens from your OAuth provider (e.g., GitHub or Google). We store a Clerk user ID to associate your account with your data.

Workspace content — Everything you create within NimbusBrain: projects, tasks, notes, decisions, knowledge entries, milestones, and AI memory entries.

AI conversation history — Your chat session titles, selected mode (Planner, Researcher, Code, Writer, Analyst), context scope, and the full content of all messages you exchange with the AI assistant.

Billing information — Your subscription plan, subscription status, billing period end date, and customer/subscription identifiers provided by LemonSqueezy. We do not store or process your payment card details — those are handled entirely by LemonSqueezy.

Usage metadata — The timestamp and count of AI messages sent, used to enforce plan rate limits.

We use your information to:

• Provide, operate, and improve the Service. • Power the AI assistant by injecting your workspace data (projects, tasks, notes, decisions, AI memories) as context when processing your queries. • Enforce plan limits (message counts, project caps). • Manage your subscription and process billing events through LemonSqueezy. • Respond to support requests and communicate service updates.

We do not use your content for advertising, and we do not build advertising profiles from your data.

We do not sell your personal data. We share your information only with the following third-party service providers, and only as necessary to operate the Service:

• Clerk — Authentication and identity management. Clerk stores your name, email, and OAuth provider tokens. Clerk's privacy policy applies to data processed by Clerk.

• Neon — Serverless PostgreSQL database provider. All workspace content, chat history, and account metadata is stored in Neon-hosted databases.

• Vercel — Hosting and infrastructure for the NimbusBrain application.

• LemonSqueezy — Payment processing and subscription management. LemonSqueezy handles all payment card data; we only receive subscription status and customer identifiers.

• OpenAI — AI language model provider. When you send a message to the AI assistant, your message and relevant workspace context are transmitted to OpenAI's API for processing. OpenAI's privacy policy and data usage terms apply to data processed by OpenAI. We do not send your data to OpenAI for model training.

All providers are bound by their own privacy policies and applicable data protection laws.

Pro and Pro+ subscribers have access to AI Memory — a feature that allows the AI assistant to retain key insights about your projects across sessions. AI memory entries are stored in our database and are used solely to provide you with more relevant AI responses. Free plan users do not have AI memory enabled.

We retain your data for as long as your account is active. When you delete content within the app (e.g., a project or task), it is soft-deleted — marked with a deletion timestamp but not immediately purged. Soft-deleted records are periodically removed from our database.

When you delete your account, we will permanently delete your workspace content, AI conversation history, and account metadata. Residual copies may remain in database backups for a limited period before they are overwritten.

We implement reasonable technical and organizational measures to protect your data, including secure connections (HTTPS), authentication via Clerk, and access controls on our database. However, no system is completely secure, and we cannot guarantee absolute security. Please notify us immediately at support@nimbusbrain.app if you believe your account has been compromised.

You have the following rights regarding your personal data:

• Access — Request a copy of the data we hold about you. • Correction — Request correction of inaccurate data. • Deletion — Request deletion of your account and associated data. • Portability — Request an export of your workspace content.

To exercise any of these rights, contact us at support@nimbusbrain.app. We will respond within a reasonable timeframe.

NimbusBrain is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will delete it.

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

If you have any questions or concerns about this Privacy Policy or how we handle your data, contact us at support@nimbusbrain.app.