Privacy Policy

Last updated: March 8, 2026

The protection of your personal data is a priority for NUDGETASK. This Privacy Policy details how we collect, use, and protect your information when using our SaaS platform, in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

The data controller is NUDGETASK SAS, registered with the RCS of Nanterre under number 999 629 850, with its registered office at 57 rue des Molières, 92000 NANTERRE.

Contact email: [email protected]

2. Data Collected

We only collect data necessary for providing our services:

  • Identity data : Last name, first name, email address.
  • Professional data : Company name, role (optional).
  • Payment data : Credit card information (securely processed by our provider Stripe; NudgeTask does not store your bank details).
  • Usage data : IP address, browser type, connection logs.
  • Service content : Tasks, projects, and prompts (requests) sent to the AI to generate content.
  • Connected social account data : When you connect Instagram, Facebook, Threads, or another social network, we store the account identifiers, usernames, profile images, OAuth access/refresh tokens, selected Pages, post drafts, scheduled posts, published post identifiers, media URLs, captions, comments configured for publishing, and analytics required to provide publishing and reporting features.

3. Purposes and Legal Bases

The processing of your data is based on the following legal grounds:

  • Contract execution : Account creation, subscription management, access to the NudgeTask service, and customer support.
  • Legitimate interest : Improving the platform's usability and securing the service.
  • Consent : Sending newsletters or using non-essential cookies.

4. Special Case: Artificial Intelligence

To operate the "Nudgy Power" features, some of your data (prompts) are transmitted to our AI providers (e.g., OpenAI, Anthropic, Google...).

Important: We use professional application programming interfaces (APIs). Your data is not used by these providers to train their general artificial intelligence models, unless you specifically agree.

5. Data Recipients

Your data is never sold. It is shared only with our essential subcontractors:

  • Hosting : Hetzner (Servers located in Germany).
  • Payment : Stripe (Transaction security).
  • AI Services : Language model (LLM) providers.
  • Social network APIs : Meta APIs for Instagram, Facebook, and Threads, and other connected social network APIs when you choose to publish, schedule, or retrieve analytics. Google/YouTube API data is handled according to this policy and the Google Privacy Policy.

6. Data Retention Period

  • Account data : Retained for the duration of your subscription. In case of cancellation, data is deleted after 12 months of inactivity, unless legally required otherwise.
  • Billing data : Retained for 10 years (French legal requirement).
  • Technical logs : Retained for 1 year.
  • Social integration data : Retained while the social account remains connected or while related scheduled/published posts must be operated, then deleted or anonymized after disconnection unless a legal obligation requires retention.

7. Your Rights

In accordance with the GDPR, you have the following rights:

  • Right of access and rectification : Modify your information at any time.
  • Right to erasure : Request the deletion of your account and data.
  • Right to portability : Retrieve your data in a structured format.
  • Right to object : Object to the use of your data for marketing purposes.

To exercise these rights, contact us at: [email protected].

If you believe your rights are not being respected, you can file a complaint with the CNIL (www.cnil.fr).

Social integrations and data deletion

Social integrations are optional. You can disconnect Instagram, Facebook, Threads, and other connected accounts from your NudgeTask settings at any time.

Disconnecting a social account removes the OAuth tokens and organization sharing links used by NudgeTask. You can also request deletion of your account and integration data by contacting [email protected].

For Meta deletion callbacks, this section is the public status page for confirming that deletion requests are processed for the relevant connected account.

8. Security

NudgeTask implements technical measures (SSL encryption, security protocols) and organizational measures to protect your data against unauthorized access, loss, or alteration.