Privacy Policy

Last updated: May 2026

Introduction

This policy explains what personal data we collect when you use Nitid, why we collect it, who can access it, and the rights you have over it. It applies to the website nitid.app and the application accessed from it.

Data controller

The data controller is NextStride LLC, the operator of the Nitid service. For privacy matters you can reach us at info@nextstridegroup.com.

Data we collect

Account data: name, email, password (hashed), company name, country, language. Billing data: company billing details and payment method, processed by Stripe — we never see your card number. Service data: clients, employees, addresses, appointments and invoices that you enter to operate your business. Technical data: IP address and basic logs needed to keep the service secure and running.

Why we use your data

To provide the service you signed up for, bill you, send transactional emails (welcome, receipts, password reset), prevent fraud and abuse, comply with legal obligations, and improve product reliability.

Lawful basis

Performance of the contract you signed up to (account, billing, service operation). Legitimate interest (security, anti-abuse, basic product analytics performed without identifying users). Legal obligation (tax records). We do not currently process data on the basis of consent.

Subprocessors

We rely on a small set of third parties to run the service: Supabase (database, authentication and storage, hosted in Frankfurt, eu-central-1), Vercel (hosting and CDN), Stripe (payment processing), Resend (transactional email) and Sentry (error and performance monitoring). Each of them processes data only on our instructions under a written agreement.

Retention

We keep account and operational data for as long as your subscription is active and for up to 30 days after you delete your account, after which it is removed from our live systems. Backups are rotated within 30 days. Billing records are kept for the period required by tax law (typically 5 to 10 years).

Your rights

You have the right to access, rectify, erase, restrict or object to the processing of your personal data, and the right to data portability. You may exercise any of these rights by writing to info@nextstridegroup.com. You also have the right to lodge a complaint with the data protection authority of your country.

International transfers

Some of our subprocessors may store data outside the European Economic Area. In those cases the transfer is covered by the European Commission's Standard Contractual Clauses or an equivalent safeguard.

Changes to this policy

We may update this policy from time to time. The date at the top of the page reflects the latest version. If we make material changes we will notify users by email.