Legal

Privacy Policy

Last updated April 28, 2026 · Effective immediately
NEK respects your privacy. This policy explains what data we collect, why we collect it, and what we do with it. Plain language. No tricks.

1. Information we collect

We collect only what's needed to run the service and improve it.

Account information

When you create an account, we store: your name, email address, password (hashed), and optionally a profile photo. If you sign in with Google, we receive your email, name, and profile picture.

Project data

Your floor plans, designs, materials, and 3D scenes are stored on our servers so you can access them across devices. Your projects are private by default — only you and people you explicitly share with can see them.

Payment information

We don't see your credit card. Stripe processes all payments and stores your card securely. We only receive a token and the last 4 digits.

Usage data

To improve NEK, we collect anonymous usage statistics: which features are used, performance metrics, error reports. This data is not linked to your identity.

2. How we use your data

  • Provide the service. Save your projects, sync them across devices, send you the magic link or password reset emails.
  • Improve the product. Aggregate, anonymized usage data helps us understand which features matter and where things break.
  • Communicate with you. Service updates, security notices, billing reminders. You can opt out of marketing emails.
  • Comply with the law. We may retain certain data to meet tax, legal, or regulatory obligations.

We never sell your personal data. We never use your project files to train AI models without your explicit consent.

3. When we share data

We share data only in these specific cases:

  • Service providers. Companies that help us run NEK — like Stripe (payments), Resend (transactional email), Supabase (database). They only access what they need.
  • Legal compliance. If required by law, court order, or to protect rights and safety.
  • Business transfers. If NEK is acquired or merges with another company, your data may transfer — and you'll be notified beforehand.
  • With your permission. When you explicitly share a project, embed a viewer, or use third-party integrations.

4. Data storage and security

Your data is stored on encrypted servers in the European Union (Frankfurt) and United States (Virginia), depending on your region. We use industry-standard encryption (TLS in transit, AES-256 at rest).

We retain your data for as long as your account is active. If you delete your account, we delete your projects within 30 days, except where law requires longer retention (e.g., billing records — 7 years).

5. Your rights

You can, at any time:

  • Access a copy of all data we hold about you
  • Correct inaccurate information in your account settings
  • Delete your account and all associated data
  • Export your projects in standard formats (GLB, PDF, image)
  • Opt out of marketing emails (one click in any email)
  • Object to specific data uses by contacting us

If you're in the EU, you have additional rights under GDPR. If you're in California, you have rights under CCPA. Email us at privacy@nek.studio to exercise any of them.

6. Cookies

We use cookies for three things:

  • Essential cookies — keep you signed in. Cannot be disabled.
  • Analytics cookies — help us understand how the site is used (anonymous).
  • Preference cookies — remember your language, theme, and settings.

We don't use advertising cookies. We don't track you across other websites.

7. Changes to this policy

We may update this policy as the product evolves. If we make material changes, we'll email you at least 14 days in advance. The "Last updated" date at the top of this page always reflects the current version.

8. Contact us

Questions about your data, this policy, or anything else?

We respond to privacy inquiries within 5 business days.