nibeat

Privacy Policy

Last updated: January 30, 2026

1. Introduction

Nibeat ("Nibeat," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you access or use the Nibeat website, applications, and all related services (collectively, the "Service").

By accessing or using the Service, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use the Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide to us when you create an account, use the Service, or communicate with us. This includes:

  • Account Information: Email address, username, display name, password, and profile bio.
  • Profile Information: Avatar image, biographical details, and other information you choose to add to your public profile.
  • User Content: Reviews, ratings (thumbs up/down), photographs, comments, and any other content you submit through the Service.
  • Communications: Information you provide when you contact us for support, submit feedback, or otherwise correspond with us.
  • Payment Information: If you purchase Premium Services, we collect billing information such as your name, payment card details, and billing address. Payment processing is handled by our third-party payment processor (Stripe), and we do not store your full payment card details on our servers.

2.2 Information Collected Automatically

When you access or use the Service, we automatically collect certain information, including:

  • Device Information: Device type, operating system, browser type and version, screen resolution, and unique device identifiers.
  • Usage Data: Pages viewed, links clicked, features used, time spent on pages, search queries, and interaction patterns within the Service.
  • Log Data: IP address, access dates and times, referring URLs, and error logs.
  • Location Data: Approximate geographic location based on your IP address, used for serving country-specific content and product availability.

2.3 Information from Third Parties

If you choose to sign in using a third-party authentication provider (such as Google), we may receive certain profile information from that provider, including your name, email address, and profile picture. We only request the minimum information necessary to create and manage your account.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and maintain the Service: Create and manage your account, display your reviews and profile to other users, process ratings, and enable community features such as comments, follows, and collections.
  • Trust and safety: Calculate trust scores and verification tiers, detect and prevent fraud, enforce our Terms of Service, and moderate user-generated content including photo moderation.
  • Improve the Service: Analyze usage patterns and trends, conduct research, test new features, and improve the overall user experience.
  • Communications: Send you account-related notifications (such as password resets and security alerts), respond to your inquiries, and, with your consent, send promotional communications about new features or updates.
  • Personalization: Customize your experience, including personalized product recommendations and content based on your activity and preferences.
  • Legal compliance: Comply with applicable laws, regulations, legal processes, or enforceable governmental requests.
  • Payment processing: Process transactions for Premium Services and manage billing and subscription records.

4. How We Share Your Information

4.1 Public Information

Your username, display name, avatar, profile bio, reviews, ratings, photographs, comments, badges, trust tier, and other community activity are publicly visible to all users of the Service. Please be mindful of the information you choose to share publicly.

4.2 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

  • Hosting and infrastructure: Vercel (hosting), Supabase (database and authentication), Cloudflare (CDN and file storage).
  • Analytics: PostHog (product analytics and usage insights).
  • Error monitoring: Sentry (error tracking and performance monitoring).
  • Payment processing: Stripe (payment and subscription management).
  • Email: Resend (transactional email delivery).
  • Content moderation: Google Cloud Vision (automated photo moderation for safety).

These service providers are contractually obligated to use your information only as necessary to provide their services to us and in accordance with applicable data protection laws.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to: (a) comply with a legal obligation, court order, or legal process; (b) protect and defend the rights or property of Nibeat; (c) prevent or investigate possible wrongdoing in connection with the Service; (d) protect the personal safety of users of the Service or the public; or (e) protect against legal liability.

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on the Service of any change in ownership or use of your personal information, as well as any choices you may have regarding your information.

4.5 No Sale of Personal Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and store information about your interactions with the Service. These include:

  • Essential cookies: Required for the Service to function properly, including session management and authentication.
  • Analytics cookies: Help us understand how users interact with the Service, which pages are most popular, and how users navigate between pages.
  • Preference cookies: Remember your settings and preferences, such as display preferences and country selection.

Most web browsers are set to accept cookies by default. You can adjust your browser settings to remove or reject cookies. Please note that disabling cookies may affect the functionality of the Service and your ability to access certain features.

6. Data Security

We implement appropriate technical and organizational security measures designed to protect the confidentiality, integrity, and availability of your personal information. These measures include:

  • Encryption of data in transit using TLS/SSL protocols.
  • Encryption of sensitive data at rest.
  • Access controls that limit access to personal information to authorized personnel who need it to perform their duties.
  • Regular security assessments and monitoring.
  • Secure authentication practices, including password hashing.

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security. You are responsible for maintaining the security of your account credentials and for any activity that occurs under your account.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you the Service. We may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, and for legitimate business purposes.

When you delete your account, we will delete or anonymize your personal information within a reasonable timeframe, except where retention is required by law or for legitimate business purposes. Publicly posted User Content (such as reviews and comments) may be retained in anonymized form after account deletion, as it forms part of the community record.

8. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal information.
  • Deletion: Request deletion of your personal information, subject to certain exceptions required by law.
  • Portability: Request a copy of your data in a structured, commonly used, machine-readable format.
  • Objection: Object to the processing of your personal information in certain circumstances.
  • Restriction: Request that we restrict the processing of your personal information in certain circumstances.
  • Withdraw consent: Where processing is based on your consent, you may withdraw that consent at any time.

You can exercise many of these rights directly through your account settings. To make a request that cannot be fulfilled through the settings, please contact us through our contact page.

We will respond to your request within the timeframe required by applicable law. We may ask you to verify your identity before processing your request.

9. Communication Preferences

You can manage your notification preferences through your account settings, including:

  • Push notifications for likes, comments, follows, replies, and achievements.
  • Email notifications for weekly digests, product updates, and promotional communications.

Please note that even if you opt out of promotional communications, we may still send you essential transactional and account-related messages, such as security alerts, password resets, and changes to our Terms of Service or Privacy Policy.

10. Children's Privacy

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to delete that information promptly.

If you are a parent or guardian and believe that your child under 13 has provided us with personal information, please contact us through our contact page so that we can take appropriate action.

11. International Data Transfers

Your information may be transferred to, stored, and processed in countries other than the country in which you reside. These countries may have data protection laws that differ from the laws of your country. By using the Service, you consent to the transfer of your information to the United States and other jurisdictions where we and our service providers operate. We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy.

12. California Privacy Rights

If you are a California resident, you may have additional rights under the California Consumer Privacy Act ("CCPA") and the California Privacy Rights Act ("CPRA"), including:

  • The right to know what personal information we collect, use, disclose, and sell.
  • The right to request deletion of your personal information.
  • The right to opt out of the sale or sharing of your personal information. As stated above, we do not sell your personal information.
  • The right to non-discrimination for exercising your privacy rights.
  • The right to correct inaccurate personal information.
  • The right to limit the use of sensitive personal information.

To exercise your California privacy rights, please contact us through our contact page. You may also designate an authorized agent to make a request on your behalf.

13. European Privacy Rights (GDPR)

If you are located in the European Economic Area ("EEA"), the United Kingdom, or Switzerland, you have certain rights under the General Data Protection Regulation ("GDPR") or equivalent legislation. The legal bases for our processing of your personal information include:

  • Contract performance: Processing necessary to provide the Service and fulfill our obligations to you.
  • Legitimate interests: Processing necessary for our legitimate interests, such as improving the Service, fraud prevention, and marketing, provided those interests are not overridden by your rights.
  • Consent: Where you have given us explicit consent to process your personal information for a specific purpose.
  • Legal obligation: Processing necessary to comply with applicable laws and regulations.

In addition to the rights described in Section 8, you have the right to lodge a complaint with a supervisory authority in the EEA, the UK, or Switzerland if you believe our processing of your personal information violates applicable data protection laws.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of material changes by posting the updated Privacy Policy on the Service with a revised "Last updated" date. For significant changes, we may also provide additional notice, such as an email notification or an in-app banner. Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through our contact page at nibeat.com/contact.