deBarral, Inc. (“deBarral,” “we,” “us,” or “our”) operates the Nick Says platform at app.nicksays.com and the marketing website at nicksays.com. Nick Says is a product of deBarral. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our services.
1. Information We Collect
We collect the following categories of information:
- Account information: your name, email address, company or entity name, and professional role, provided during registration.
- Payment information: billing details such as credit card numbers and billing addresses are collected and processed exclusively by our payment processor, Stripe. We do not store payment card data on our servers.
- Usage data: information about how you interact with the platform, including pages visited, features used, timestamps, and device or browser metadata.
- Communication data: any information you provide when contacting us via email or through in-app support channels.
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Nick Says platform and its fair value compliance features.
- Process subscription payments and manage your account billing through Stripe.
- Communicate with you about your account, service updates, and renewal notices.
- Respond to your inquiries and provide customer support.
- Detect, prevent, and address security issues, fraud, or technical problems.
3. Data Storage and Security
Your data is stored on infrastructure provided by Supabase, which utilizes enterprise-grade cloud hosting with encryption at rest and in transit. Sensitive data fields, including phone numbers, are encrypted at the application level. We support and encourage two-factor authentication (2FA) via one-time passwords (OTP) for all user accounts.
Nick Says is SOC 2 Type I compliant, ensuring that our security controls, availability practices, and data handling procedures meet rigorous industry standards. We implement administrative, technical, and physical safeguards designed to protect your data from unauthorized access, alteration, or destruction.
4. Payment Processing
All payment transactions are processed by Stripe, Inc., a PCI DSS Level 1 compliant payment processor. When you subscribe to Nick Says, your payment card information is transmitted directly to Stripe and is never stored on or passed through our servers. For details on how Stripe handles your data, please refer to Stripe's Privacy Policy.
5. Data Retention
We retain your personal information and account data for as long as your account remains active or as needed to provide you with our services. If you cancel your subscription, we will retain your data for 30 days to allow for reactivation or data export, after which it will be permanently deleted unless retention is required by law.
6. Account Deletion
You may request deletion of your account and all associated data at any time by contacting us at info@nicksays.com. Upon receiving a verified deletion request, we will permanently remove your account and personal data within 30 days. Certain anonymized or aggregated data that cannot be linked back to you may be retained for analytical purposes.
7. Third-Party Services
We use the following third-party services to operate the Nick Says platform:
- Supabase: authentication, database hosting, and data storage.
- Stripe: subscription billing and payment processing.
We do not sell, rent, or share your personal information with third parties for their marketing purposes. Data is shared with third-party service providers only to the extent necessary to operate our platform.
8. Cookies
Nick Says uses only essential cookies required for authentication and session management. These cookies are set by our authentication provider (Supabase Auth) and are necessary for the platform to function. We do not use tracking, advertising, or analytics cookies. For more information, see our Cookie Notice.
9. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal information we hold about you and receive a copy of that data.
- Request correction of inaccurate or incomplete personal information.
- Request deletion of your personal information, subject to legal retention obligations.
- Request portability of your data in a structured, commonly used format.
- Object to or restrict certain processing of your personal information.
To exercise any of these rights, please contact us using the information below.
10. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a notice on our platform at least 14 days before the changes take effect. Your continued use of Nick Says after the effective date constitutes your acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at: