HomePrivacy Policy

Privacy Policy

Last updated: January 1, 2025

Your privacy matters. We never sell your personal data. This policy explains exactly what we collect, why, and how you can control it.

1. About This Policy

AI Nexus ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, disclose, and safeguard your information when you use our marketplace platform, including when you register an account, browse listings, make purchases, or sell products.

This policy applies to all users of AI Nexus, regardless of location. If you are in the European Economic Area (EEA) or United Kingdom, we act as the data controller for your personal information.

2. Information We Collect

Account Information

Name, email address, password (bcrypt-hashed, never stored in plain text), profile photo, bio, country, and account preferences.

Transaction Data

Purchase history, order records, payment confirmations, and invoice details. Card numbers are processed by Stripe/OPay and never stored by AI Nexus.

Usage Data

Pages visited, search queries, listing views, click patterns, time on page, and other interaction data collected via analytics tools.

Device & Network

IP address, browser type and version, operating system, device identifiers, and country/region derived from IP.

Communications

Messages sent through our platform, support ticket contents, email communications, and any feedback you submit.

We also collect information you voluntarily provide, such as seller verification documents, portfolio links, and social media handles when you apply to become a verified seller.

3. How We Use Your Information

We use your information for the following purposes:

Providing Our Service: To operate the marketplace, process transactions, facilitate buyer-seller interactions, and deliver purchased products.
Account Management: To manage your account, verify your identity, enable security features, and provide account notifications.
Customer Support: To respond to inquiries, resolve disputes, and process refund requests through our support system.
Safety & Security: To detect and prevent fraud, abuse, unauthorized access, and other illegal activities.
Platform Improvement: To analyze usage patterns, test new features, fix bugs, and improve Platform performance.
Marketing (Opt-In): To send newsletters, product updates, and promotional content. You can opt out at any time via the unsubscribe link in any email.
Legal Compliance: To comply with applicable laws, respond to legal process, and enforce our Terms of Service.
Personalization: To show you relevant listings, personalized recommendations, and customized content.

4. Information Sharing & Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We share data only in these limited circumstances:

Sellers

When you purchase from a seller, we share your name and email address so they can provide product support and delivery.

Payment Processors

Stripe and OPay process payments. They receive transaction data necessary to process your payment securely. We never store raw card details.

Infrastructure & Analytics

Supabase (database hosting), Vercel (hosting), and analytics providers receive data to operate and improve our services. All providers are contractually bound to protect your data.

Legal Authorities

When required by law, court order, or to respond to lawful government requests. We will notify you where legally permitted.

Business Transfers

In the event of a merger, acquisition, or sale of all or part of our assets, your data may be transferred. We will notify you via email and prominent notice on the Platform.

Safety

When necessary to protect the rights, property, or safety of AI Nexus, our users, or the public.

5. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your login session and authentication state
  • Remember your preferences and settings
  • Analyze traffic and usage patterns to improve the Platform
  • Prevent fraud and enhance security

We use only essential and analytics cookies. We do not use third-party advertising cookies. You can configure your browser to block cookies, but this may affect some Platform functionality.

6. Data Security

We implement industry-standard security measures to protect your personal data:

  • All data is encrypted in transit using TLS 1.3
  • Passwords are hashed using bcrypt with a strong salt factor
  • Database-level encryption at rest
  • Regular security audits and penetration testing
  • Strict access controls — only authorized personnel access user data
  • Automated monitoring for suspicious activity

Despite our measures, no system can guarantee absolute security. In the event of a data breach affecting your rights, we will notify you within 72 hours as required by applicable law.

7. Your Rights & Controls

Depending on your location (especially if you are in the EEA/UK), you have the following rights regarding your personal data:

Right to Access

Request a copy of all personal data we hold about you.

Right to Rectification

Correct any inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data (subject to legal retention requirements).

Right to Restriction

Ask us to restrict processing of your data in certain circumstances.

Right to Portability

Receive your data in a structured, machine-readable format.

Right to Objection

Object to processing of your data for direct marketing or based on legitimate interests.

Right to Withdraw Consent

Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact our Data Protection Officer at privacy@ainexus.com. We will respond within 30 days.

8. Data Retention

We retain your personal data for different periods depending on its type:

Data TypeRetention Period
Account dataUntil account deletion + 30 days
Transaction records7 years (legal requirement)
Usage/analytics data24 months, then anonymized
Support tickets3 years after resolution
Communication logs2 years
Security logs90 days

9. International Data Transfers

AI Nexus is a global platform. Your data may be processed in countries other than your own, including the United States and European Union. For transfers from the EEA/UK, we rely on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable
  • Your explicit consent in certain circumstances

10. Children's Privacy

AI Nexus is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If we learn we have collected data from a child under 18, we will promptly delete that information and terminate the associated account.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on the Platform at least 14 days before changes take effect. We encourage you to review this policy periodically.

12. Contact Our Privacy Team

Data Protection Officer

Email: privacy@ainexus.com

Response time: Within 30 days for data rights requests

General Contact Form →

Related: Terms of Service · Refund Policy · License Policy