Purposeful Conversations in 20 Minutes or Less

Nectly is a cloud-based platform that enables structured, 20-minute professional conversations—paid or donated. We are deeply committed to your privacy and data security.

We only request the minimum necessary permissions for seamless scheduling and session management. Internally, data access is granted strictly on a need-to-know basis.

2. Data Encryption

All communication between your device and Nectly is encrypted using TLS SHA-256 with RSA.
All stored data is encrypted at rest.
We do not store your passwords.

3. PCI Compliance

All payment processing is handled by Stripe, a PCI-DSS Level 1 compliant provider. Your payment data never touches Nectly’s servers.

4. GDPR & PII Compliance

We comply fully with GDPR and similar international laws. Our privacy program protects Personally Identifiable Information (PII) through:

Data minimization
Transparent processing
User control over data

5. Integrations and Access Limits

When you connect services like Stripe, we only access:

Your connected account ID
The account’s capabilities list

No broader access is requested.

6. Security Architecture

AWS Fargate containers isolate memory, file systems, and services
Host-based firewalls prevent local cross-talk between services
Continuous vulnerability scanning of repositories and infrastructure

7. Privacy Notice Overview

This Privacy Notice describes how Nectly, s.r.o. collects, uses, and shares personal data. It applies to all websites and platforms under the Nectly brand.

8. Applicability of This Notice

This Notice applies when Nectly controls your data. When a customer uses Nectly to collect data, Nectly acts as a data processor on their behalf.

9. Information We Collect

Directly from You

Name, email, and account credentials
Billing data (processed via Stripe)
Survey or feedback responses

Automatically

Log and device data (IP, OS, browser)
Cookie and tracking data
Usage data (e.g., session types, frequency)

From Third Parties

SSO providers
Marketing sources

10. How We Use Your Information

Deliver and maintain our services
Respond to support inquiries
Communicate essential updates
Improve the platform through usage analysis
Prevent fraud and secure accounts
Comply with legal obligations

11. Sharing Your Information

We share data with:

Service providers (e.g., Stripe, AWS, analytics)
Affiliates and subsidiaries
Legal or regulatory authorities as required

12. Subprocessors

Name	Activity	Location
Amazon Web Services	Infrastructure	EU, USA
Google	Analytics, Email	EU, USA

13. Data Retention Policy

Account data: Duration of account + 12 months post-deletion
Analytics: Cookie duration or until opt-out
Billing info: As required by law

14. Your Rights and How to Exercise Them

Depending on where you live and applicable data protection laws (such as GDPR or CCPA), you may have specific rights regarding your Personal Data. These rights generally include:

Right to Know and Access: You can ask to see what Personal Data we've collected about you, including its categories, sources, collection purposes, and how it's been used, disclosed, sold, or shared.
Right to Correction: You can request that we correct any inaccurate Personal Data we hold about you.
Right to Deletion: Under certain conditions, you can ask us to delete your Personal Data.
Right to Opt-Out of Sale/Sharing: You can choose to opt out if your Personal Data is "sold" or "shared" as defined by applicable laws, particularly for purposes like targeted advertising.
Right to Object to Processing: You can object to or opt out of specific types of processing, such as targeted advertising, direct marketing, profiling, and automated decision-making.
Right to Restrict Processing: You can ask us to limit how we process your Personal Data under certain circumstances.
Right to Data Portability: You can request a copy of your Personal Data in an accessible, machine-readable format.
Right to Withdraw Consent: In situations where we rely on your consent for processing your Personal Data, you have the right to withdraw that consent at any time.
Right to Lodge a Complaint: You have the right to file a complaint with your relevant data protection supervisory authority if you believes your rights have been violated. For EU residents, you can find contact information for these authorities on the European Data Protection Board's website or other public sources.

To exercise these rights, please contact us at privacy@nectly.io. We may need to verify your identity before fulfilling your request.

15. Cookies & Tracking Technologies

You can control cookies via:

Your browser settings
Our website footer (“Cookie Settings”)
Account settings

Nectly uses a consent management platform to comply with GDPR and CCPA.

16. Data Transfers & International Users

If you’re outside the U.S., your data may be transferred to and processed in the U.S. or other countries. Transfers are governed by:

EU-U.S. Data Privacy Framework

17. Security and Breach Notification

While no system is immune to risks, Nectly employs industry-standard practices to minimize threats. In case of a breach, we notify affected users and regulators as legally required.

18. Children's Privacy

Nectly is not intended for individuals under 18. We do not knowingly collect data from minors. If such data is discovered, it will be deleted immediately.

19. CCPA Notice for California Residents

We do not sell personal information. However, depending on cookie preferences, some data may be shared for cross-context behavioral advertising. California users can:

Request access, correction, or deletion of their data
Opt out of such sharing via our cookie settings

20. Updates to This Notice

We may update this Privacy Notice periodically. Material changes will be posted with a new “Effective Date.”

21. Contacting Us

Email: privacy@nectly.io

For EU/UK users: Our data protection representatives’ contact details are available upon request.