← Back to home

Privacy Notice

Last updated: May 27, 2026

1. Who we are

Nirvaaq is operated by Jay Pipalia ("we", "us"). We act as the data controller for personal data we collect through nirvaaq.com and the Nirvaaq service.

2. Data we collect

  • Account data — name, email, password hash, organization.
  • Service data — produce images and check results you submit, audit logs.
  • Support data — messages you send to support, contact form submissions.
  • Usage and telemetry — page views, feature usage, error logs.
  • Device data — IP address, browser type, device identifiers.

3. How we use your data

  • To create and operate your account (contract performance).
  • To provide the freshness verification service and store your check history (contract performance).
  • To prevent fraud, abuse, and protect the Service (legitimate interests).
  • To improve the Service and train internal quality models (legitimate interests).
  • To respond to support requests (contract performance / legitimate interests).
  • To send service announcements and, with your consent, marketing communications.

4. Who we share it with

  • Service providers / subprocessors — cloud hosting, database, AI inference providers, analytics, email delivery.
  • Paddle.com — our Merchant of Record. Paddle processes payments, manages subscriptions, handles tax compliance and invoicing on our behalf.
  • Professional advisers — legal and accounting advisers where necessary.
  • Authorities — when required by law or to protect our rights.

We do not sell your personal data.

5. International transfers

Some of our service providers operate outside your country of residence. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions to protect transferred data.

6. Retention

We keep your personal data for as long as your account is active and as needed to provide the Service. After account closure we delete or anonymize personal data within a reasonable period, except where we are required to retain it for legal, tax, or accounting purposes.

7. Your rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you;
  • Request correction or deletion;
  • Restrict or object to certain processing;
  • Receive your data in a portable format;
  • Withdraw consent at any time;
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us. We aim to respond within one month.

8. Security

We use appropriate technical and organizational measures — including encryption in transit, access controls, and audit logging — to protect personal data. No method of transmission or storage is completely secure, but we work to minimize risk.

9. Cookies

We use essential cookies to keep you signed in and to keep the Service working. We may also use limited analytics cookies to understand usage. You can manage cookies through your browser settings.

10. Changes

We may update this notice from time to time. Material changes will be communicated through the Service or by email.

11. Contact

Questions about this notice? Contact us.