Nestfy

Privacy Policy

Last updated: March 2026

Overview

Nestfy is committed to protecting your privacy. This policy explains what personal data we collect, why we collect it, how we use and store it, and what rights you have under the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data controller

Nestfy is the data controller responsible for your personal data. If you have questions about how your data is handled, contact us at hello@nestfy.ai.

What we collect

We collect the following personal data when you use Nestfy:

  • Account information — email address and display name, provided at registration
  • Financial information — assets, accounts, residency history, lifestyle costs, and other details you choose to provide during onboarding and ongoing use
  • Usage data — anonymised information about how you interact with the product, collected through privacy-respecting analytics
  • Technical data — browser type, device information, and IP address, collected automatically to maintain service security and performance

We do not connect to your bank accounts, request document uploads, or access data from third-party financial aggregators. You control what financial information you share with Nestfy.

Legal basis for processing

We process your personal data on the following legal bases under the GDPR:

  • Contract performance — to provide the Nestfy service, generate your financial snapshot, outlook projections, and flight plan
  • Legitimate interest — to improve the product, maintain security, and prevent misuse
  • Consent — for optional analytics tracking, which you may opt into or out of at any time

How we use your data

Your data is used to:

  • Generate your financial snapshot, outlook projections, and flight plan
  • Personalise the experience to your residency and tax situation
  • Improve the product through anonymised, aggregated usage analytics
  • Communicate important service updates or changes to these terms

We never sell your personal data. We do not share your financial information with third parties for marketing or advertising purposes.

Analytics

We use privacy-respecting analytics to understand how the product is used and to identify areas for improvement. Analytics data is anonymised and aggregated — it cannot be used to identify you individually.

You can opt out of analytics during onboarding or at any time in your profile settings. Opting out does not affect your access to any Nestfy features.

Data sharing

We may share data with a limited number of trusted service providers who help us operate Nestfy — such as cloud hosting and email delivery. These providers are contractually bound to process data only on our behalf and in compliance with applicable data protection laws.

We do not sell, rent, or trade your personal data. We will disclose information only if required to do so by law or in response to a valid legal request.

Data storage and security

Your data is stored securely using industry-standard encryption in transit and at rest. Authentication uses httpOnly cookies — we do not store sensitive tokens in your browser's local storage.

Access to personal data is restricted to authorised personnel on a need-to-know basis. We regularly review our security practices to ensure they meet current standards.

Data retention

We retain your personal data for as long as your account is active or as needed to provide the service. If you delete your account, your personal data will be permanently removed within 30 days, except where retention is required by law.

Anonymised, aggregated data that cannot be used to identify you may be retained indefinitely for product improvement purposes.

International data transfers

Your data may be processed in countries outside your country of residence. Where data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

Your rights

Under the GDPR and applicable data protection laws, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — correct any inaccurate or incomplete personal data
  • Erasure — request deletion of your personal data
  • Restriction — request that we limit how we process your data
  • Portability — receive your data in a structured, machine-readable format
  • Objection — object to processing based on legitimate interest
  • Withdraw consent — withdraw consent for analytics at any time without affecting the lawfulness of prior processing

To exercise any of these rights, contact us at hello@nestfy.ai. We will respond to all requests within 30 days.

You also have the right to lodge a complaint with your local data protection supervisory authority.

Cookies

Nestfy uses essential cookies required for authentication and service functionality. These cannot be disabled without breaking the service. We do not use third-party advertising or tracking cookies.

If you have opted into analytics, a small number of analytics cookies may be set. These are removed if you opt out.

Changes to this policy

We may update this privacy policy from time to time. Material changes will be communicated via email or in-app notification. The "last updated" date at the top of this page reflects the most recent revision.

Questions about your privacy? Contact us at hello@nestfy.ai.