1. Introduction
Welcome to Nudge ("App"), operated by Eleetra ("Company," "we," "us," or "our"). This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our mobile application and related services.
By using Nudge, you agree to the practices described in this policy. If you do not agree, please do not use the App.
2. Information We Collect
We collect only the information necessary to provide and improve Nudge. Here is what we collect:
2.1 Account Information
- Name - provided when you create an account
- Email address - used for authentication and communication
- Passwords are never stored by Nudge - authentication is handled entirely by Supabase Auth
2.2 Authentication Providers
You may sign in using:
- Email and password
- Google Sign-In
- Apple Sign-In
When you use a third-party sign-in provider, we receive your name and email address as authorized by that provider. We do not receive your password or other sensitive credentials.
2.3 Subscription Data
Nudge is a manually operated subscription tracker. You enter your own subscription information, which may include:
- Service name (e.g., Netflix, Spotify)
- Subscription amount and currency
- Billing date and frequency
- Category or label
- Personal notes
This data is provided entirely by you and is stored to power your subscription dashboard and reminders.
2.4 Payment History
When a billing date passes, Nudge automatically generates a payment history entry for tracking purposes. This is derived from the data you entered - no external payment data is accessed.
2.5 Device Information & Push Tokens
To deliver reminder notifications, we collect:
- Device type and operating system version
- Push notification tokens (used exclusively with Firebase Cloud Messaging)
Push tokens are used only to send you the reminders you have configured within the App.
2.6 App Usage Analytics
If analytics are enabled, we may collect anonymous usage data such as screen views, feature usage, and crash reports. This data is aggregated and cannot be used to identify you personally.
2.7 Currency Exchange Rates
Nudge fetches live currency exchange rates to display multi-currency totals. These requests are made to third-party APIs (such as exchangerate-api.com) and do not include any personal information.
2.8 Brand Logos
To display subscription logos, Nudge retrieves images from third-party services (Logo.dev, Clearbit) using only the service domain name you provide (e.g., "netflix.com"). No personal data is sent in these requests.
3. Email Scanning (Future Feature)
We plan to offer optional email scanning as a Pro feature. This section describes our planned implementation and will take effect once the feature launches.
3.1 How It Will Work
- Email scanning is entirely optional and requires your explicit authorization
- We plan to support Microsoft Outlook via the Microsoft Graph API using the
Mail.Readscope (read-only access with user consent) - We may add Gmail support in the future via Google OAuth using
gmail.metadataand/orgmail.readonlyscopes (read-only, with user consent) - You can revoke email access at any time from the app's settings
3.2 What We Process
- Only billing and subscription-related emails are processed
- We extract: service name, amount, and billing date
- Raw email content is never stored permanently
3.3 Data Security
- Email access tokens are stored securely on our server-side infrastructure
- Tokens are never exposed to the client app
- You may revoke access at any time from app settings
4. How We Store Your Data
- All data is stored in Supabase (PostgreSQL database) hosted on AWS (US East)
- Row-Level Security (RLS) is enforced, ensuring that you can only access your own data
- Passwords are never stored by Nudge - all authentication is handled by Supabase Auth
5. Third-Party Services
Nudge integrates with the following third-party services:
- Supabase - database hosting and authentication
- Firebase Cloud Messaging (FCM) - push notification delivery
- RevenueCat - subscription and in-app purchase management
- Logo.dev / Clearbit - brand logo retrieval (domain names only, no personal data)
- exchangerate-api.com - currency conversion rates (no personal data)
- Microsoft Graph API - (future) optional email scanning
- Google OAuth / Gmail API - (future) optional email scanning
Each service operates under its own privacy policy. We encourage you to review their respective policies.
6. Your Rights
You have full control over your data:
- Access - view all data Nudge stores about you
- Export - download your subscription data at any time
- Delete - permanently remove your account and all associated data
- Revoke - disconnect any third-party account (Google, Microsoft) from settings
To exercise these rights, use the in-app settings or contact us at contact@eleetra.com.
7. Data Retention
- Your data is retained as long as your account is active
- When you delete your account, all associated data is purged within 30 days
- Backup copies may exist in encrypted form for up to 90 days for disaster recovery purposes
8. Children's Privacy
Nudge is not directed at children under the age of 13 (under COPPA) or under 16 (under GDPR). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us immediately and we will delete it.
9. GDPR Rights (EU Users)
If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR):
- Right of access - request a copy of the personal data we hold about you
- Right to rectification - request correction of inaccurate data
- Right to erasure - request deletion of your personal data
- Right to restrict processing - request that we limit how we use your data
- Right to data portability - receive your data in a structured, machine-readable format
- Right to object - object to our processing of your data
- Right to withdraw consent - withdraw consent at any time without affecting the lawfulness of prior processing
To exercise any of these rights, contact us at contact@eleetra.com.
10. CCPA Rights (California Users)
If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following rights:
- Right to know - request disclosure of the categories and specific pieces of personal information we have collected about you
- Right to delete - request deletion of your personal information
- Right to opt out - we do not sell your personal information, so there is nothing to opt out of
- Right to non-discrimination - we will not discriminate against you for exercising your CCPA rights
To exercise your CCPA rights, contact us at contact@eleetra.com.
We do not sell personal information and have not done so in the preceding 12 months.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or an in-app notification. The "Last updated" date at the top of this page reflects the most recent revision.
12. Contact Us
If you have questions about this Privacy Policy or how we handle your data, please contact us:
- Email: contact@eleetra.com
- Website: nudge.eleetra.com