Privacy Policy
Last updated: June 18, 2026
This policy explains how Nestor Code Crafters UG processes personal data when you visit nestornotes.com, create a Nestornotes account, connect sources, use our product, contact us, or interact with our APIs and integrations.
1. Controller and Contact
Nestor Code Crafters UG, Kolonnenstr. 8, 10827 Berlin, Germany, is the controller for personal data processed through Nestornotes unless another role is stated in a separate agreement.
Privacy questions and requests can be sent to info@nestornotes.com.
2. Data We Process
Depending on how you use Nestornotes, we may process:
- account data, such as your name, email address, login method, profile settings, workspace settings, and authentication identifiers;
- billing data, such as plan, subscription status, customer identifier, invoices, and payment events from our payment provider;
- source and content data, such as forwarded emails, newsletters, articles, RSS items, videos, podcasts, links, metadata, summaries, tags, bookmarks, archive status, and connected-source identifiers;
- usage data, such as pages viewed, product actions, searches, subscriptions, API requests, credit usage, logs, device information, browser type, approximate location from IP address, and timestamps;
- communication data, such as messages you send through contact forms, support requests, emails, or feedback channels;
- cookie and analytics data, as described in the cookie section below.
3. Where Data Comes From
We collect data directly from you, from your device, from the product actions you take, from sources you choose to connect, and from service providers that help us run Nestornotes. For example, an authentication provider may tell us that you logged in, a payment provider may tell us that your subscription changed, and a connected feed or integration may provide content you asked Nestornotes to process.
We may also process public or third-party source metadata when it is needed to support discovery, subscriptions, search, or source previews inside the product.
4. Connected Sources and User Content
Nestornotes is built to process information that you choose to bring into the product. When you connect a source, subscribe to a feed, forward content, upload material, or use an integration, we process that content so the product can store it, organize it, summarize it, search it, and display it back to you.
You are responsible for choosing which sources to connect and what content to submit. If connected content contains personal data about other people, we process it as part of providing the service to you.
5. How We Use Data
We use personal data to:
- provide, secure, maintain, and improve Nestornotes;
- create and manage accounts, sessions, subscriptions, and billing;
- import, parse, summarize, classify, index, retrieve, and display content that you add or connect;
- power search, recommendations, digests, API access, usage limits, and credit accounting;
- respond to support, contact, and sales messages;
- detect abuse, protect accounts, troubleshoot issues, and prevent fraud or misuse;
- understand product usage, measure performance, and improve user experience;
- send product, account, support, onboarding, and marketing communications, where allowed;
- comply with legal, accounting, tax, and security obligations.
6. AI Processing
Some features use AI providers to create summaries, embeddings, labels, search results, or other generated output. When you use those features, the relevant content and prompts may be sent to an AI provider so the feature can work.
We do not intentionally send more content than needed for the requested feature. AI output may be stored in your Nestornotes account so you can view, search, and reuse it later.
7. Legal Bases
Where the GDPR or similar law applies, we rely on the following legal bases:
- contract, when processing is needed to provide Nestornotes or paid features you request;
- legitimate interests, such as securing the service, improving the product, preventing abuse, and understanding aggregate usage;
- consent, where we ask for it, such as for optional cookies or certain communications;
- legal obligation, where records or disclosures are required by law.
8. Service Providers and Sharing
We share personal data with service providers only as needed to operate Nestornotes. These providers may include hosting and database providers, authentication services, payment processors, email providers, AI providers, analytics tools, error monitoring, storage providers, and customer communication tools.
We may also disclose data if required by law, to protect rights and security, to investigate misuse, to respond to legal process, or as part of a merger, acquisition, financing, restructuring, or sale of assets. We do not sell personal data.
9. International Transfers
Nestornotes may use providers located outside your country. When personal data is transferred internationally, we use safeguards required by applicable law, such as contractual protections or transfer mechanisms approved for the relevant jurisdictions.
10. Retention
We keep personal data for as long as needed to provide Nestornotes, maintain your account, comply with legal obligations, resolve disputes, prevent abuse, and keep appropriate business records.
Some information may remain in backups, logs, billing records, security records, or audit trails for a limited period after account deletion or termination. We delete or anonymize data when it is no longer needed.
11. Your Rights
Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to the processing of your personal data. You may also have the right to withdraw consent where processing is based on consent.
To make a privacy request, contact info@nestornotes.com. We may need to verify your identity before completing a request. If you are in the EU or another jurisdiction with a data protection authority, you may also have the right to lodge a complaint with that authority.
If you receive marketing emails from us, you can opt out using the unsubscribe link in the email or by contacting us. We may still send non-marketing messages such as security notices, billing messages, and service updates.
12. Additional Regional Rights
Some privacy laws provide additional rights, including rights to know categories of data collected, request deletion, correct inaccurate data, receive a portable copy, opt out of certain disclosures, or appeal a denied request. If those rights apply to you, you can exercise them by contacting us at the address above.
We will not deny service, charge a different price, or provide a different level of service because you exercised privacy rights, except where a requested change makes it impossible to provide a feature or where the law permits a different outcome.
13. Security
We use technical and organizational measures designed to protect personal data, including access controls, authentication, transport security, provider controls, and operational monitoring. No online service can guarantee absolute security, so you should protect your account credentials and API keys carefully.
If a security incident creates a notification obligation, we will handle notices and regulator communications as required by applicable law.
14. Children
Nestornotes is not intended for children. Do not use Nestornotes if you are not old enough to form a binding agreement or if using the service would require parental consent under the laws that apply to you.
15. Cookies and Similar Technologies
We use cookies and similar technologies to operate the site, keep users signed in, remember preferences, measure performance, understand product usage, and protect the service from abuse.
Essential Cookies
Essential cookies are needed for authentication, security, routing, session management, billing flows, and other core functionality. The service may not work correctly without them.
Preference Cookies
Preference cookies help remember choices such as theme, consent state, session preferences, and other settings that make the site behave consistently for you.
Analytics and Measurement
We may use analytics and performance tools to understand how the website and product are used. These tools help us measure page views, product events, performance, and errors so we can improve Nestornotes.
Marketing and Attribution
We may use marketing or attribution technologies to understand which pages, campaigns, or referrals lead people to Nestornotes. Where consent is required for these technologies, we rely on that consent.
Cookie Choices
You can control cookies through your browser settings. Blocking or deleting cookies may affect login, preferences, checkout, analytics choices, or other product behavior.
Some browsers send Do Not Track signals. Our site is not currently configured to respond to those signals because there is no consistent industry standard for them.
16. Third-Party Websites
Nestornotes may link to third-party websites, sources, or platforms. Their privacy practices are controlled by them, not by us. Review their privacy notices before using those services or connecting them to Nestornotes.
17. Changes to This Policy
We may update this policy as the product, law, or our data practices change. If an update is material, we will use a reasonable notice method, such as updating this page, showing an in-product notice, or sending an email.
18. Related Terms
Your use of Nestornotes is also governed by our Terms of Service.