Privacy Policy
Effective: 1 April 2025 · Last updated: 4 April 2026
Nudji ("we", "us", or "our") operates https://nudji.in. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and the rights you have. We do not sell your data — ever.
1. Who We Are (Data Controller)
The data controller responsible for your personal data is Nudji, Chennai, India. For all privacy enquiries, contact us at hello@nudji.in.
2. Information We Collect
Account information. When you sign up, we collect your email address and, optionally, your full name and profession. This is used to operate your account and communicate with you.
Proposal data. You may upload PDF files and associated metadata (proposal title, client name, client email, client phone). This data is stored securely and used only to provide the Service to you. Client personal data you provide is Customer Data — see Section 3 (Legal Bases) and our Terms of Service Section 8 for your obligations as data controller of that data.
Viewer engagement data. When a recipient opens a proposal tracking link, we record the following:
- Timestamp, page numbers viewed, and time spent on each page
- An anonymised session identifier — a one-way SHA-256 hash of the viewer's IP address with a server-side salt. The raw IP address is never written to our database.
- Device type (desktop, mobile, or tablet), derived from the User-Agent header
- Approximate country and city, retrieved from a third-party geo-lookup service using the viewer's IP address — see Section 5 for details. This helps you understand where your clients are viewing from.
- Viewer name, if the viewer voluntarily types it into the name prompt before opening the proposal. Entering a name is entirely optional.
We do not identify individual recipients beyond their session data. We do not cross-reference viewer sessions with advertising profiles or external databases.
Usage and server logs. We collect standard server logs — including hashed IP addresses, browser type, pages visited, and timestamps — to operate, secure, and improve the Service. These are retained for up to 90 days in operational systems.
Payment data. Payments are processed by Razorpay. We do not store card numbers or payment credentials. We receive only your subscription status, plan tier, billing email, and Razorpay customer identifier.
Notification preferences. We store the alert preferences you configure — such as quiet hours, cooldown settings, and per-proposal overrides — to deliver the notification experience you have set up.
3. Legal Bases for Processing (GDPR Article 6)
For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on the following legal bases:
| Processing activity | Legal basis |
|---|---|
| Creating and managing your account | Art. 6(1)(b) — performance of contract |
| Storing and serving your proposals | Art. 6(1)(b) — performance of contract |
| Recording viewer engagement data | Art. 6(1)(b) — performance of contract |
| Sending transactional emails (alerts, receipts, password reset) | Art. 6(1)(b) — performance of contract |
| Processing payments via Razorpay | Art. 6(1)(b) — performance of contract |
| Storing notification preferences | Art. 6(1)(b) — performance of contract |
| Server logs and usage analytics | Art. 6(1)(f) — legitimate interests: operating and improving the Service, detecting abuse |
| Anonymised security audit logs | Art. 6(1)(f) — legitimate interests: security and fraud prevention |
| Error monitoring via Sentry | Art. 6(1)(f) — legitimate interests: diagnosing and fixing bugs |
Where we rely on legitimate interests, we have conducted a balancing test and determined that our interests do not override your fundamental rights. You may object to processing based on legitimate interests — see Section 10 (Your Rights).
4. How We Use Your Information
- To provide, operate, and maintain the Service
- To send transactional emails — account confirmation, password reset, proposal engagement alerts, and billing receipts
- To enforce plan limits and process billing through Razorpay
- To detect and prevent abuse, fraud, and security incidents
- To diagnose errors and improve the Service based on aggregated, anonymised usage data
- To comply with applicable legal obligations
We do not sell, rent, or share your personal data with third parties for advertising, marketing, or profiling purposes.
5. Third-Party Services & Sub-Processors
We rely on the following sub-processors to deliver the Service. Each is bound by a data processing agreement that requires them to protect your data and process it only for the purposes described below.
| Provider | Purpose | Data processed | Location |
|---|---|---|---|
| Supabase | Database & file storage | Account data, proposals, analytics | US (AWS) |
| Resend | Transactional email | Email address, email content | US |
| Razorpay | Payment processing | Billing info, subscription status | India |
| Vercel | Hosting & CDN | Server logs, hashed IP addresses | US / Global CDN |
| Sentry | Error monitoring | Anonymised error traces — Sentry is configured to scrub PII from stack traces before transmission | US |
| ip-api.com | Geo-location lookup (viewer country & city) | Viewer IP address is sent to resolve approximate location. Note: the free tier uses HTTP, not HTTPS, and has no GDPR DPA. We intend to replace this with a local geo database (e.g. MaxMind GeoLite2) to eliminate this transfer. | Unknown |
We will notify you at least 14 days before engaging any new sub-processor that will handle personal data, giving you the opportunity to raise objections as described in our Terms of Service.
6. International Data Transfers
Our sub-processors are primarily based in the United States. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, your personal data is transferred to, and processed in, the United States and other countries that may not provide the same level of data protection as your home jurisdiction.
We ensure that such transfers are made lawfully by relying on:
- Standard Contractual Clauses (SCCs) — the European Commission's approved SCCs (2021/914/EU), or UK-specific International Data Transfer Agreements (IDTAs), as applicable, are incorporated into our agreements with each US-based sub-processor.
- Sub-processor compliance — each sub-processor independently maintains GDPR-compliant transfer mechanisms. Supabase, Vercel, Resend, Razorpay, and Sentry all publish their transfer mechanisms in their respective privacy and compliance documentation.
By using the Service, you acknowledge that your personal data may be transferred and processed in countries outside your jurisdiction, subject to the safeguards described above.
7. Data Retention
We retain your personal data for as long as your Account is active. If you delete your Account — from Settings → Delete account — all associated data, including proposals, analytics, Customer Data, and notification history, is permanently and immediately deleted. This action cannot be undone.
For security and fraud prevention, we retain anonymised audit logs of significant account events (such as login attempts and plan changes) for up to 12 months after account deletion. All personally identifiable fields in these logs are hashed or removed before retention. This is a legitimate interest under GDPR Article 6(1)(f) and is standard industry practice.
8. Cookies
Strictly necessary cookies keep you logged in and remember your cookie preferences. These are required for the Service to function and cannot be disabled.
With your consent, we may also use:
- Analytics cookies (Vercel Analytics) — Vercel Analytics is privacy-first and cookieless by default. It does not use cross-site tracking or fingerprinting and is designed to comply with GDPR without requiring consent in most configurations. We use it only for aggregate, anonymised usage patterns.
- Error monitoring (Sentry) — Sentry may set session identifiers to correlate error reports. Error data is anonymised before transmission and does not include personally identifiable information from your proposals.
You can review and update your cookie preferences at any time via the cookie banner. We do not use advertising, retargeting, or cross-site tracking cookies of any kind.
9. Security
- All data encrypted in transit using TLS and encrypted at rest using industry-standard encryption, provided by our infrastructure partners (Supabase, Vercel)
- Row-level security in our database — only you can access your proposals and analytics
- Proposal viewer links use cryptographically secure random tokens generated with
crypto.getRandomValues()— they cannot be guessed or enumerated - Strict Content Security Policy (CSP) headers with per-request nonces, preventing cross-site scripting attacks
- Rate limiting on all API endpoints to protect against brute-force and abuse
- Regular access control reviews and prompt application of security patches
No system is completely immune to security incidents. If you discover a vulnerability, please report it responsibly to hello@nudji.in. If we experience a personal data breach affecting your data, we will notify you without undue delay and no later than 72 hours after becoming aware of it, as required by GDPR Article 33.
10. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data. To exercise any of them, email hello@nudji.in. We will respond within 30 days (most requests are handled faster). We may ask you to verify your identity before processing a request.
- Access (Art. 15 GDPR). Request a copy of the personal data we hold about you.
- Correction (Art. 16 GDPR). Ask us to correct inaccurate or incomplete data.
- Erasure (Art. 17 GDPR). Request deletion of your personal data. You can also delete your Account directly from Settings for immediate deletion.
- Portability (Art. 20 GDPR). Request your data in a structured, commonly used, machine-readable format (JSON or CSV).
- Restriction (Art. 18 GDPR). Ask us to restrict processing of your data in certain circumstances.
- Objection (Art. 21 GDPR). Object to processing based on legitimate interests. We will stop unless we can demonstrate compelling legitimate grounds that override your interests.
- Withdraw consent. Where processing is based on your consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of prior processing.
- Supervisory authority complaint. You have the right to lodge a complaint with a data protection supervisory authority, in particular in the EU/EEA member state of your habitual residence, your place of work, or the place of the alleged infringement. In the UK, the relevant authority is the Information Commissioner's Office (ICO). In the EU, find your national authority at edpb.europa.eu.
11. Children
The Service is not directed at anyone under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us immediately and we will delete it without delay.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes — such as new categories of data collection or new processing purposes — we will notify you by email at least 14 days before the changes take effect. Continued use of the Service after that date constitutes acceptance of the updated policy.
13. Contact
Privacy enquiries: hello@nudji.in
Address: Chennai, India