Privacy Policy

Last updated: February 3, 2026

1. Introduction

Little Nudge ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, business name, phone number
  • Billing Information: Payment details (processed securely by Stripe)
  • Business Information: Review URLs, business location, branding (logo)
  • Customer Data: Customer names, email addresses, phone numbers you upload

2.2 Information We Collect Automatically

  • Usage Data: Pages visited, features used, time spent
  • Device Information: IP address, browser type, device type
  • Cookies: We use cookies for authentication and analytics
  • Review Request Data: Open rates, click rates, sentiment responses

2.3 Information from Third Parties

  • Google Business Profile: If connected, we access your business data and performance metrics
  • Review Platforms: Publicly available review data from Google and Facebook

3. How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Send review requests on your behalf via SMS and email
  • Process your payments and manage subscriptions
  • Provide customer support
  • Analyze usage to improve the Service
  • Send important service updates and notifications
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

4. How We Share Your Information

We may share your information with:

4.1 Service Providers

  • Stripe: Payment processing
  • Twilio: SMS delivery
  • Resend: Email delivery
  • Vercel: Hosting and infrastructure
  • Neon: Database hosting
  • Clerk: Authentication services

4.2 Legal Requirements

We may disclose your information if required by law, court order, or to protect our rights or the rights of others.

4.3 We Do NOT

  • Sell your personal data to third parties
  • Use your customer data for our own marketing
  • Share your data with competitors

5. Data Security

We implement appropriate security measures to protect your data:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest for sensitive data
  • Regular security updates and monitoring
  • Access controls and authentication
  • Secure payment processing (PCI-DSS compliant via Stripe)

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your data:

  • Account Data: Until you delete your account, plus 30 days
  • Customer Data: Until you delete it or close your account
  • Usage Logs: Up to 90 days for security and analytics
  • Billing Records: As required by law (typically 7 years)

7. Your Rights

Depending on your location, you have rights including:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate or incomplete data
  • Deletion: Request deletion of your data ("right to be forgotten")
  • Portability: Export your data in a machine-readable format
  • Objection: Object to processing of your data
  • Withdrawal: Withdraw consent at any time

To exercise these rights, contact us at hello@littlenudge.io

8. Cookies and Tracking

We use cookies for:

  • Essential Cookies: Authentication and security (required)
  • Analytics Cookies: Understanding how you use the Service
  • Preference Cookies: Remembering your settings (dark mode, etc.)

You can control cookies through your browser settings, but this may affect Service functionality.

9. International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable
  • Service providers certified under relevant frameworks

10. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect data from children. If you believe we have collected data from a child, please contact us immediately.

11. Your Customer Data Obligations

When you use our Service to contact your customers, you are the data controller. You must:

  • Obtain proper consent from your customers
  • Comply with applicable privacy laws (GDPR, CCPA, etc.)
  • Provide customers with a way to opt out
  • Have a valid legal basis for contacting customers

Little Nudge is a data processor for your customer data. You retain responsibility for compliance.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. Your continued use after changes constitutes acceptance.

13. Contact Us

For questions about this Privacy Policy or to exercise your rights, contact us at:

Email: hello@littlenudge.io
Website: https://www.littlenudge.io

14. Regional Information

For EU/EEA Users (GDPR)

Our legal basis for processing your data includes: contract performance, legitimate interests, and your consent where required. You have the right to lodge a complaint with your supervisory authority.

For California Users (CCPA)

You have the right to know what personal information we collect, request deletion, and opt out of sale (we do not sell personal information). Contact hello@littlenudge.io to exercise these rights.