NxtLure

Last updated · May 25, 2026

Privacy Policy

Short version: we store the minimum we need to run your scans and bill you. We don’t sell data. We don’t track you across the web.

1. What we collect

  • Account info: email address, encrypted password (via Supabase Auth)
  • Brand info: brand name, website domain, keywords, competitor domains (you provide these)
  • Scan data: the queries we send to AI engines + the responses we receive, mention rates, visibility factor scores
  • Billing info: handled entirely by Stripe; we store only a Stripe customer ID + subscription status. We never see your card details.
  • Usage analytics: via PostHog — page views, signup completions, scan triggers (anonymized IDs, no personal content)
  • Error reports: via Sentry — stack traces from bugs (we redact PII before sending)

2. What we don't collect

We don’t use third-party advertising trackers, don’t share data with ad networks, don’t fingerprint your browser, and don’t buy data about you from brokers.

3. How we use it

  • To run scans and deliver scoring reports
  • To bill you for one-time scans or your subscription
  • To email weekly digests (Monday mornings, opt-out anytime)
  • To improve the product (aggregated, anonymized usage data only)
  • To debug issues (Sentry error reports with PII redacted)
We do not use your brand data to train AI models.

4. Third parties we use

  • Supabase — database, authentication, file storage
  • Vercel — hosting + edge functions
  • Stripe — payment processing
  • Resend — transactional email
  • OpenAI, Anthropic, Google, SerpAPI — AI engine queries for your scans (we send your keywords + brand name, not your account info)
  • Sentry — error tracking
  • PostHog — product analytics
Each has its own privacy policy. We’ve picked them for security track records, not low cost.

5. Where data is stored

Database and backups: AWS US-East (via Supabase). Hosting: Vercel global edge. Email: Resend (US). Most data stays in the United States. EU/UK users: your data may be transferred to the US under standard contractual clauses.

6. How long we keep it

  • Account + scan data: as long as your account is active
  • After account deletion: removed within 30 days (some backups may persist up to 90 days)
  • Billing records: retained for 7 years for tax compliance

7. Your rights

You can:
  • Access all data we have on you — email us
  • Correct your account info from the Settings page
  • Delete your account anytime — email us, removed within 30 days
  • Export your scan data — email us, we’ll send CSV/JSON
  • Opt out of marketing/digest emails via the unsubscribe link in every email
If you’re in the EU/UK, you have additional GDPR rights including the right to lodge a complaint with your data protection authority.

8. Cookies

We use first-party session cookies for authentication (set by Supabase). Analytics cookies are first-party PostHog. We do not use third-party advertising cookies.

9. Children

NxtLure is not for users under 18. We don’t knowingly collect data from minors. If we learn we have, we’ll delete it.

10. Changes to this policy

Material changes will be emailed to you at least 14 days before taking effect.

11. Contact

Privacy questions, data requests, or complaints: nathaniel@pryce.solutions. General support: nathaniel@pryce.solutions.