Privacy Policy

Privacy by Design: Nezlu is built with a local-first architecture. Your Stripe data is stored locally on YOUR device. Your API keys are stored in YOUR system's secure keychain. We cannot access your Stripe data or API keys because they never leave your computer.

STRIPE DISCLAIMER: Nezlu is an independent third-party application. We are NOT affiliated with, endorsed by, or connected to Stripe, Inc. in any way. This Privacy Policy covers only data processed by Intelliquinte L.L.C. through the Nezlu service. Your use of Stripe is governed by Stripe's own Privacy Policy.

1. Introduction

Intelliquinte L.L.C. ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Nezlu application and website (collectively, the "Service").

Please read this Privacy Policy carefully. By using the Service, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

2. Who We Are

Nezlu is a desktop application developed and operated by:

Intelliquinte L.L.C.
Raleigh, North Carolina
United States
Email: privacy.nezlu@intelliquinte.com

For the purposes of applicable data protection laws, Intelliquinte L.L.C. is the "data controller" of your personal information collected through our website and authentication services.

Important: For data stored locally on your device through the Nezlu desktop application (including your Stripe data and API keys), YOU are the data controller. We do not have access to this locally-stored data.

3. Information We Collect

3.1 Information You Provide to Us

Category	Data Elements	Purpose
Account Information	Email address, encrypted password hash	Account creation, authentication, communication
Billing Information	Payment method details (processed by Stripe), billing address, invoice history	Processing subscription payments
Support Information	Communications with our support team, feedback, bug reports	Providing customer support, improving the Service

3.2 Information Collected Automatically

Category	Data Elements	Purpose
Device Information	Operating system, app version, device type	Technical support, compatibility, updates
Usage Data	License validation requests, feature usage (anonymized)	License enforcement, product improvement
Log Data	IP address, access times, error logs	Security, troubleshooting, fraud prevention
Website Analytics	Pages visited, referral source, session duration	Website improvement, marketing analysis

3.3 Information Stored Locally on Your Device

The following data is stored locally on YOUR device and is NOT accessible to us:

Category	Data Elements	Storage Location
Stripe API Keys	Your Stripe secret or restricted API keys	Operating system keychain (encrypted)
Stripe Data	Products, customers, invoices, subscriptions, etc.	Local SQLite database (AES-256 encrypted)
Application Settings	Preferences, PIN hash, theme settings	Local encrypted storage
Backup Files	Database backups you create	Local file system (optionally encrypted)

4. Information We Do NOT Collect

Privacy is Core to Nezlu: We designed Nezlu specifically to NOT collect sensitive business data. The following information is NEVER transmitted to or stored on our servers.

We do NOT collect:

Your Stripe API Keys: These are stored exclusively in your device's secure keychain and never transmitted to us
Your Stripe Business Data: Products, prices, customers, invoices, subscriptions, orders, payment information, etc.
Your Customer Information: Names, emails, addresses, or any personally identifiable information about YOUR customers
Transaction Data: Payment amounts, transaction histories, or financial records
Bank Account Information: Bank accounts, payout information, or financial credentials
Your PIN: Your local PIN is hashed and stored only on your device
Local File Contents: Any files, backups, or exports you create locally

4.1 Verification of Our Privacy Claims

You can verify our privacy claims by:

Using network monitoring tools to observe that Stripe data is only transmitted between your device and Stripe's servers
Reviewing that API calls go directly to api.stripe.com, not to our servers
Examining the local database location on your device
Testing the application while offline (it works because data is stored locally)

5. How We Use Your Information

5.1 Primary Purposes

We use the information we collect to:

Provide the Service: Create and manage your account, authenticate your access, process your subscription
Process Payments: Charge your payment method, manage billing, send invoices and receipts
License Validation: Verify your subscription status when you use the desktop application
Communication: Send service-related emails, respond to support requests, notify you of updates
Security: Detect, prevent, and address fraud, unauthorized access, and other illegal activities
Improvement: Analyze usage patterns to improve the Service, fix bugs, and develop new features
Legal Compliance: Comply with legal obligations, respond to legal requests, protect our rights

5.2 We Do NOT Use Your Information To:

Sell your personal information to third parties
Share your data for third-party advertising purposes
Profile you for automated decision-making
Access or analyze your Stripe business data
Contact you for marketing without your consent

6. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data based on the following legal grounds:

Processing Activity	Legal Basis
Account creation and management	Performance of contract
Payment processing	Performance of contract
License validation	Performance of contract
Service-related communications	Performance of contract / Legitimate interests
Security and fraud prevention	Legitimate interests
Analytics and service improvement	Legitimate interests
Marketing communications	Consent (where required)
Legal compliance	Legal obligation

7.1 We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

7.2 Service Providers

We may share your information with trusted third-party service providers who assist us in operating the Service:

Stripe, Inc.: Payment processing for subscriptions
Supabase: Authentication and database services
Email Service Providers: Sending transactional and support emails
Analytics Providers: Website analytics (anonymized data only)
Cloud Infrastructure: Hosting and content delivery

These service providers are contractually bound to protect your data and may only use it to provide services to us.

7.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

Valid legal process (subpoenas, court orders, legal requests)
Government or regulatory agency requests
To protect the rights, property, or safety of Intelliquinte L.L.C., our users, or others
To enforce our Terms of Service
To detect, prevent, or address fraud, security, or technical issues

7.4 Business Transfers

If Intelliquinte L.L.C. is involved in a merger, acquisition, or sale of all or a portion of its assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership and your choices regarding your information.

7.5 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

8. Third-Party Services

8.1 Stripe

Nezlu integrates with Stripe's API using YOUR API credentials. When you connect your Stripe account:

Your API key is stored locally on your device, not on our servers
Data flows directly between your device and Stripe's servers
We do not intercept, store, or have access to this data
Your use of Stripe is governed by Stripe's Privacy Policy

8.2 Payment Processing

We use Stripe to process subscription payments. When you subscribe:

Your payment information is collected directly by Stripe
We do not store your full credit card number or CVV
We receive only limited information (last 4 digits, expiry, card type) for display purposes
Stripe's payment processing is governed by their Privacy Policy

8.3 Analytics

We may use analytics services on our website. These services may collect:

Pages visited and time spent
Referral sources
Browser and device information
Geographic location (country/region level)

This data is used in aggregate form and is not linked to your personal account.

9. Data Security

9.1 Security Measures

We implement comprehensive security measures to protect your information:

Security Measure	Implementation
Encryption in Transit	TLS 1.3 for all communications
Encryption at Rest (Cloud)	AES-256 encryption for stored data
Encryption at Rest (Local)	AES-256-GCM for local database
Password Security	Bcrypt hashing with salt
API Key Storage	Operating system keychain (macOS Keychain, Windows Credential Manager)
Access Controls	Role-based access, principle of least privilege
PIN Protection	Local PIN authentication with secure hash
Session Management	Secure session tokens, automatic timeout

9.2 No Absolute Security

While we implement industry-standard security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data. You acknowledge and accept this inherent risk.

9.3 Your Security Responsibilities

You are responsible for:

Keeping your account credentials confidential
Keeping your local PIN secure
Maintaining the security of your device
Logging out of shared or public devices
Notifying us immediately of any unauthorized access

9.4 Data Breach Notification

In the event of a data breach that affects your personal information, we will:

Notify affected users within 72 hours of discovery (where required by law)
Provide information about the breach and steps we are taking
Notify relevant regulatory authorities as required
Take immediate steps to mitigate the breach and prevent future occurrences

10. Data Retention

10.1 Retention Periods

Data Type	Retention Period
Account Information	Duration of account + 30 days after deletion request
Billing Records	7 years (legal/tax requirements)
Support Communications	3 years after last interaction
Server Logs	90 days
Website Analytics	26 months (anonymized)
Local Data (on your device)	Until you delete it

10.2 After Retention Period

After the retention period expires, we will securely delete or anonymize your personal information, unless longer retention is required by law.

11. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

11.1 Universal Rights

Access: Request a copy of the personal information we hold about you
Correction: Request correction of inaccurate or incomplete information
Deletion: Request deletion of your personal information (subject to legal retention requirements)
Data Portability: Request your data in a machine-readable format
Withdraw Consent: Withdraw consent for processing based on consent
Opt-Out of Marketing: Unsubscribe from marketing communications

11.2 Exercising Your Rights

To exercise any of these rights, contact us at privacy.nezlu@intelliquinte.com. We will respond within 30 days (or sooner if required by law). We may need to verify your identity before processing your request.

11.3 Account Deletion

To delete your account:

Cancel your subscription through your dashboard
Email privacy.nezlu@intelliquinte.com requesting account deletion
We will process your request within 30 days
Locally stored data on your device must be deleted by you

12. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

12.1 Right to Know

You have the right to request that we disclose:

Categories of personal information collected
Categories of sources of personal information
Business purpose for collecting personal information
Categories of third parties with whom we share personal information
Specific pieces of personal information collected

12.2 Right to Delete

You have the right to request deletion of personal information we have collected, subject to certain exceptions.

12.3 Right to Correct

You have the right to request correction of inaccurate personal information.

12.4 Right to Opt-Out of Sale/Sharing

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.

12.5 Right to Non-Discrimination

We will not discriminate against you for exercising your privacy rights.

12.6 Authorized Agents

You may designate an authorized agent to submit requests on your behalf. We may require verification of the agent's authority.

12.7 How to Submit a Request

California residents may submit requests by:

Email: privacy.nezlu@intelliquinte.com
Include "California Privacy Request" in the subject line

We will respond within 45 days (extendable by an additional 45 days if necessary).

12.8 Categories of Information Collected

In the past 12 months, we have collected the following categories of personal information:

Identifiers (email address)
Commercial information (subscription history)
Internet activity (usage data, logs)

12.9 "Do Not Sell or Share My Personal Information"

We do not sell or share personal information as defined under CCPA/CPRA. No opt-out is necessary, but you may still contact us to confirm.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

13.1 Your GDPR Rights

Right of Access (Article 15): Obtain confirmation of processing and access to your data
Right to Rectification (Article 16): Correct inaccurate personal data
Right to Erasure (Article 17): Request deletion ("right to be forgotten")
Right to Restriction (Article 18): Restrict processing in certain circumstances
Right to Data Portability (Article 20): Receive your data in a structured format
Right to Object (Article 21): Object to processing based on legitimate interests
Rights Related to Automated Decision-Making (Article 22): We do not engage in automated decision-making

13.2 Data Protection Officer

For GDPR-related inquiries, contact our privacy team at privacy.nezlu@intelliquinte.com.

13.3 Supervisory Authority

You have the right to lodge a complaint with a supervisory authority in your country of residence if you believe we have violated your privacy rights.

14. International Data Transfers

14.1 Data Location

Our servers are located in the United States. If you are accessing the Service from outside the United States, your information may be transferred to, stored, and processed in the United States.

14.2 Transfer Mechanisms

For transfers from the EEA, UK, or Switzerland, we rely on:

Standard Contractual Clauses (SCCs) approved by the European Commission
Data Processing Agreements with our service providers
Your consent to the transfer when you use the Service

14.3 Local Processing

Your Stripe data is processed locally on your device and transmitted directly to Stripe's servers. This data does not pass through our servers.

15. Children's Privacy

The Service is not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy.nezlu@intelliquinte.com. If we learn that we have collected personal information from a child under 18, we will delete that information promptly.

16. Cookies and Tracking Technologies

16.1 What We Use

Type	Purpose	Duration
Essential Cookies	Authentication, security, session management	Session / 30 days
Preference Cookies	Remember your settings and preferences	1 year
Analytics Cookies	Understand how visitors use our website	26 months

16.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the Service.

16.3 Desktop Application

The Nezlu desktop application does not use tracking cookies. It stores only essential data locally for functionality purposes.

17. Do Not Track

Some browsers offer a "Do Not Track" (DNT) feature. We currently do not respond to DNT signals because there is no industry standard for DNT. We will update this policy if a standard is established.

18. Changes to This Privacy Policy

18.1 Updates

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

Posting the new Privacy Policy on this page
Updating the "Last Updated" date
Sending an email notification for material changes
Displaying a notice in the application

18.2 Review

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes constitutes acceptance of the updated policy.

19. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Inquiries:
Email: privacy.nezlu@intelliquinte.com

General Inquiries:
Email: nezlu@intelliquinte.com

Support:
Email: support.nezlu@intelliquinte.com

Billing:
Email: billing.nezlu@intelliquinte.com

Mailing Address:
Intelliquinte L.L.C.
Attn: Privacy Team - Nezlu
Raleigh, North Carolina
United States

We will respond to your inquiry within 30 days.

This Privacy Policy was last updated on January 20, 2026. Thank you for trusting Nezlu with your business.