Privacy Policy

Welcome to niceform.ai ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered form creation platform and services (collectively, the "Service").

By accessing or using niceform.ai, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

1.1 Information You Provide

• Account Information: Email address, name, and authentication credentials when you create an account
• Form Content: Forms you create, including questions, descriptions, and customization settings
• Response Data: Information submitted by respondents through your forms
• Payment Information: Billing details processed securely through our payment processor (Stripe). We do not store your full credit card information
• Communications: Messages you send us through support channels, feedback forms, or email
• Customization Data: Branding preferences, themes, logos, and styling choices

1.2 Information Collected Automatically

• Usage Data: Information about how you interact with our Service, including pages viewed, features used, and actions taken
• Device Information: IP address, browser type and version, operating system, device identifiers, and general location data (country/city level)
• Cookies and Tracking: We use cookies and similar technologies to maintain sessions, remember preferences, and analyze usage patterns. You can control cookie settings through your browser
• Analytics Data: We may use third-party analytics services (such as Google Analytics) to understand how users interact with our Service
• Log Data: Server logs that may include access times, error messages, and system activity

1.3 AI Processing Data

When you use our AI-powered features, we process your prompts and instructions through third-party AI providers (currently Anthropic and OpenAI, but this may change based on service requirements and cost optimization). These providers may temporarily process your data according to their own privacy policies and data processing agreements.

We use the information we collect for the following purposes:

• Service Delivery: To provide, maintain, and improve our form creation platform and AI-powered features
• Account Management: To create and manage your account, authenticate users, and provide customer support
• AI Form Generation: To process your requests and generate forms using artificial intelligence
• Data Analytics: To analyze form responses, track completion rates, and provide insights through dashboards
• Communication: To send you service-related notifications, updates, security alerts, and support messages
• Payment Processing: To process subscription payments and manage billing through Stripe
• Security: To detect, prevent, and address fraud, abuse, security issues, and technical problems
• Legal Compliance: To comply with legal obligations, enforce our terms, and protect our rights
• Service Improvement: To understand usage patterns and improve features, functionality, and user experience
• Marketing: With your consent, to send promotional communications about new features, updates, or offers (you can opt out at any time)

3.1 Data Storage

Your data is stored securely using Supabase infrastructure located in Frankfurt, Germany (EU region). All data at rest is encrypted, and we employ industry-standard security measures to protect your information.

3.2 Data Retention

We retain your data according to your subscription plan:

• Free Plan: 3 months data retention
• Pro Plan: 12 months data retention
• Enterprise Plan: Custom data retention as agreed

After your subscription ends or data retention period expires, your data will be permanently deleted within 30 days unless required by law to retain longer.

3.3 Security Measures

• Enterprise-grade encryption for data in transit (TLS/SSL) and at rest
• Regular security audits and vulnerability assessments
• Access controls and authentication mechanisms
• Automated backups and disaster recovery procedures
• Monitoring and logging of system access and activities

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

• Supabase: Database and authentication services (data stored in Frankfurt, Germany)
• Stripe: Payment processing and billing management
• AI Providers: Anthropic and OpenAI for AI-powered form generation (providers may change based on service needs)
• Analytics Services: Google Analytics or similar services for usage analytics (when implemented)

These service providers are contractually obligated to protect your data and use it only for the purposes we specify.

4.2 Legal Requirements

We may disclose your information if required by law, court order, government request, or when we believe disclosure is necessary to:

• Comply with legal obligations
• Protect our rights, property, or safety
• Prevent fraud or security issues
• Respond to emergencies

4.3 Business Transfers

If niceform.ai is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

5.1 GDPR Rights (EU Users)

If you are located in the European Union, you have the following rights under GDPR:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing of your data for certain purposes
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

5.2 CCPA Rights (California Users)

If you are a California resident, you have the following rights under CCPA:

• Right to Know: Request information about data collection and use
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell your data)
• Right to Non-Discrimination: Not receive discriminatory treatment for exercising your rights

5.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at contact@niceform.ai. We will respond to your request within 30 days as required by applicable law. You may also:

• Update your account information through your dashboard settings
• Delete your account through account settings
• Opt-out of marketing communications via unsubscribe links in emails
• Control cookie preferences through your browser settings

While your data is primarily stored in the EU (Frankfurt, Germany), our Service is accessible worldwide. When you use our Service, your information may be transferred to and processed by service providers located in different countries, including the United States (AI providers). We ensure that all international data transfers comply with applicable data protection laws through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions by relevant data protection authorities
• Other appropriate safeguards as required by law

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at contact@niceform.ai, and we will delete such information.

We use cookies and similar tracking technologies to:

• Essential Cookies: Required for authentication and security
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Understand how you use our Service (when analytics is implemented)
• Performance Cookies: Improve Service performance and functionality

You can control cookie preferences through your browser settings. Note that disabling certain cookies may affect Service functionality.

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any information to them.

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law within 72 hours of discovering the breach. Notifications will be sent via email to your registered email address.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated policy on this page with a new "Last Updated" date
• Sending an email notification to your registered email address
• Displaying a prominent notice on our Service

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: