Numi Privacy Policy

Last Updated: Apr-20-2025

This Privacy Policy describes how Numi ("we", "our", or "us") collects, uses, discloses, and protects your personal data when you use our application ("App"). By using Numi, you agree to the practices described in this policy.

1. Information We Collect

We may collect and process the following categories of personal data:

- Identification Data: Such as your name and email address.
- Transaction and Order Information: Such as license keys, order numbers, purchase history, and billing information provided during purchase (note: sensitive payment details like full credit card numbers are typically handled directly by our payment processors).
- Communication Data: Such as support requests, feedback, survey responses, and other communications you send to us.
- Technical and Usage Data: Such as your IP address, approximate location derived from IP address, operating system version, device type, App version, crash reports, session duration, feature usage frequency, and other interaction data with the App.

Under the CCPA/CPRA, these may correspond to categories such as: Identifiers, Customer Records information, Commercial Information, and Internet or other electronic network activity information.

This data is collected directly from you (e.g., when you purchase a license, contact support) or indirectly via our trusted partners and service providers (e.g., payment processors, analytics services).

2. How We Use Your Information

We use the collected personal data for the following purposes:

- To activate, manage, and validate your software license.
- To verify and process your transactions and prevent fraudulent activity.
- To provide customer support, respond to your inquiries, and fulfill your requests.
- To analyze technical and usage data to understand usage patterns, diagnose technical problems, ensure the security of our services, and improve the App’s functionality, performance, and user experience.
- To communicate with you regarding your license, important service updates, security notices, and changes to our terms or policies.
- To send you feature announcements, tips, and promotional offers via email, where permitted by law. You may opt out of marketing communications at any time via the unsubscribe link provided in the email or by contacting us directly at mail@numi.app.
- To comply with applicable legal obligations, court orders, or governmental regulations.
- To enforce our terms of service and protect our rights and property.

3. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), Switzerland, or the UK, we process your personal data based on the following legal grounds:

- Performance of a Contract: Processing necessary to provide the licensed software and services you requested (e.g., activating your license, processing payments, providing support).
- Compliance with Legal Obligations: Processing necessary to comply with our legal requirements (e.g., financial record-keeping).
- Legitimate Interests: Processing based on our legitimate interests, provided these are not overridden by your rights and interests. This includes operating and improving our App, providing customer support, preventing fraud, ensuring network and information security, and for direct marketing communications (where permitted, with appropriate opt-out mechanisms).
- Consent: Where required by law (e.g., for certain types of marketing communications or cookies), we will rely on your consent. You can withdraw your consent at any time.

4. Your Privacy Rights

Depending on your jurisdiction (e.g., EEA under GDPR, California under CCPA/CPRA), you may have certain rights regarding your personal data. These may include the right to:

- Access: Request access to the personal data we hold about you.
- Correction (Rectification): Request correction of inaccurate or incomplete data.
- Deletion (Erasure): Request deletion of your personal data, subject to certain exceptions (e.g., legal obligations).
- Object to Processing: Object to processing based on legitimate interests or for direct marketing.
- Restrict Processing: Request restriction of how we process your data in certain circumstances.
- Data Portability: Receive your data in a structured, commonly used, machine-readable format (GDPR).
- Withdraw Consent: Withdraw your consent at any time where processing is based on consent.
- Opt-Out of Sale/Sharing (CCPA/CPRA): We do not "sell" or "share" your personal data as those terms are defined under the CCPA/CPRA.
- Limit Use and Disclosure of Sensitive Personal Information (CPRA): If we were to collect SPI, you would have the right to limit its use (as noted in Section 1, we generally do not collect SPI directly).
- Non-Discrimination: Not be discriminated against for exercising your privacy rights (CCPA/CPRA).
- Lodge a Complaint: File a complaint with a relevant data protection supervisory authority (GDPR).

To exercise these rights, please submit a verifiable request via email to mail@numi.app. We may need to verify your identity before processing your request. We will respond to your request within the timeframes required by applicable law (e.g., typically 30 days for GDPR and 45 days for CCPA/CPRA, subject to permitted extensions).

California residents may designate an authorized agent to make requests on their behalf, subject to verification requirements.

5. Data Sharing and Third Parties

We do not sell or share (for cross-context behavioral advertising) your personal data. We may disclose your personal data to the following categories of recipients for the purposes described in this policy:

- Cloud Service Providers: Hosting providers like AWS, DigitalOcean, Linode for data storage and application hosting.
- CDN and Infrastructure Providers: Services like Bunny CDN, Cloudflare for content delivery and security.
- Payment Processors and Resellers: To process your payments securely.
- Analytics Providers: To help us understand app usage (data is often aggregated or pseudonymized).
- Authorized Contractors and Affiliated Companies: Individuals or entities under common ownership or control, engaged to help us provide or improve the service, subject to confidentiality obligations.
- Legal and Regulatory Bodies: Law enforcement, government authorities, or courts when required by law, subpoena, or other legal process, or to protect our rights or the safety of others.

We enter into contracts with our Service Providers and Contractors where required, which restrict their use of your personal data and require them to maintain confidentiality and implement appropriate security measures. For example, Identifiers and Transaction Information may be shared with payment processors; Technical and Usage Data may be processed by our cloud hosting and analytics providers.

6. International Transfers

Your personal data may be transferred to, stored, and processed in countries outside of your country of residence, including the United States, where our servers or service providers may be located. Data protection laws in these countries may differ from those in your jurisdiction. We ensure that appropriate safeguards are in place for such transfers as required by applicable law, such as Standard Contractual Clauses (SCCs) approved by the European Commission or UK authorities, or reliance on adequacy decisions.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, as outlined in this policy, and to comply with our legal obligations. For example, data linked to your license may be kept while the license is active and for a reasonable period thereafter for support, record-keeping, and potential license reactivation. Transaction data may be retained longer to comply with legal or financial obligations (e.g., tax laws). Technical and usage data is typically retained only as long as necessary for service improvement and security, often in aggregated or anonymized form after a certain period.

8. Security

We implement industry-standard administrative, technical, and physical security measures designed to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. However, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

9. Children's Privacy

The App is not intended for individuals under the age of 16 (or the relevant age of consent in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child, we will take steps to delete such information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated version will be indicated by a revised "Last Updated" date. We encourage you to review this Privacy Policy periodically. Your continued use of the App after the effective date of the updated policy constitutes your acceptance of the changes.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

Email: mail@numi.app
Website: https://numi.app