NexusPrompt

Privacy Policy

Last updated: January 7, 2026

Introduction

NexusPrompt ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI prompt management and generation platform. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site.

Information We Collect

Personal Information

We collect information that you voluntarily provide to us when you:

  • Register for an account (name, email address, password)
  • Sign in with Google OAuth (name, email, profile picture)
  • Subscribe to our Pro plan (billing information via Stripe)
  • Contact us through our contact form (name, email, message)
  • Use our AI Prompt Generator (prompt inputs and generated outputs)
  • Save prompts to your personal vault

Automatically Collected Information

When you access our platform, we automatically collect certain information, including:

  • Device information (browser type, operating system, device identifiers)
  • Usage data (pages viewed, features used, time spent on platform)
  • IP address and geographic location
  • Cookies and similar tracking technologies
  • Analytics data via Google Analytics 4

AI-Generated Content

We store your prompt inputs and AI-generated outputs to:

  • Provide you with access to your generation history
  • Enforce rate limiting (5 generations/day for free users, 100/day for Pro)
  • Improve our AI generation algorithms
  • Ensure service quality and prevent abuse

How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain our platform
  • Process your subscription payments and manage billing
  • Authenticate your identity and manage your account
  • Generate AI prompts based on your inputs
  • Save and organize your prompt library
  • Send you administrative communications (account updates, security alerts)
  • Respond to your inquiries and provide customer support
  • Analyze usage patterns to improve our services
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations and enforce our Terms of Service

Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

Service Providers

  • Stripe: Payment processing and subscription management
  • Google Analytics: Website analytics and usage tracking
  • Google OAuth: Authentication services
  • Abacus.AI: AI model hosting and prompt generation
  • Database Hosting: Secure data storage via PostgreSQL

Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to:

  • Comply with legal processes
  • Protect our rights, privacy, safety, or property
  • Prevent fraud or security threats
  • Enforce our Terms of Service

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you via email and/or prominent notice on our platform before your information becomes subject to a different privacy policy.

Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS
  • Password Security: Passwords are hashed using bcrypt before storage
  • Secure Authentication: NextAuth.js with JWT tokens for session management
  • Database Security: PostgreSQL with access controls and encryption at rest
  • Payment Security: PCI-compliant payment processing via Stripe (we never store credit card details)
  • Regular Audits: Periodic security assessments and vulnerability testing

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. Specific retention periods:

  • Account Data: Retained until you delete your account
  • Generation History: Retained for the lifetime of your account
  • Saved Prompts: Retained until you manually delete them
  • Contact Form Submissions: Retained for 2 years
  • Payment Records: Retained for 7 years for tax and legal compliance
  • Analytics Data: Retained according to Google Analytics 4 policies (14 months)

After you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or regulatory purposes.

Your Data Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information ("right to be forgotten")
  • Portability: Request a copy of your data in a machine-readable format
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing of your personal information
  • Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Essential Cookies: Required for authentication and session management
  • Analytics Cookies: Google Analytics 4 for usage tracking and performance monitoring
  • Preference Cookies: Remember your settings (theme, language)

You can control cookies through your browser settings. However, disabling essential cookies may limit your ability to use certain features of our platform.

Third-Party Links

Our platform may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

Children's Privacy

NexusPrompt is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information from our systems.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our platform, you consent to the transfer of your information to our facilities and service providers globally.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information held by us
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising your CCPA rights

To exercise your CCPA rights, contact us at [email protected].

European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

Our legal basis for processing your data includes:

  • Contract: Processing necessary to provide our services
  • Consent: You have given explicit consent for specific processing
  • Legitimate Interest: Processing necessary for our legitimate business interests
  • Legal Obligation: Processing required by law

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

  • Posting the updated policy on this page with a new "Last Updated" date
  • Sending an email notification to registered users
  • Displaying a prominent notice on our platform

Your continued use of NexusPrompt after any changes indicates your acceptance of the updated Privacy Policy.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: [email protected]

Contact Form: nexusprompt.store/contact

Response Time: We aim to respond to all inquiries within 48 hours

By using NexusPrompt, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. If you do not agree with this policy, please discontinue use of our platform.