Nexus

Privacy Policy

Last updated: March 14, 2026

1. Introduction

Nexus ("we", "us", "our") operates the Nexus platform, an AI-powered LinkedIn growth tool for B2B sales teams. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

By using Nexus, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

  • Email address and name (provided during signup)
  • Organization name and team member information
  • Password (stored as a secure hash, never in plaintext)

2.2 LinkedIn Data

  • LinkedIn profile information (name, headline, profile URL) obtained via LinkedIn OAuth
  • LinkedIn post content you create or publish through Nexus
  • Post analytics (impressions, likes, comments, reposts) synced from LinkedIn
  • ICP (Ideal Customer Profile) account public post data collected for engagement monitoring

2.3 Usage Data

  • Feature usage patterns and interaction data
  • Error logs and performance data (via Sentry)
  • Browser type, IP address, and device information

2.4 Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers. We retain Stripe customer IDs and subscription status for billing purposes.

2.5 Integration Data

  • API keys and webhook URLs you provide for third-party integrations (HubSpot, Dripify, Slack, Microsoft Teams, Zoom)
  • Lead and contact data synced to your connected CRM
  • Chat platform user IDs for notification delivery

3. How We Use Your Information

  • Provide and operate the Nexus platform
  • Generate AI-powered LinkedIn post drafts using your input and brand voice settings
  • Monitor ICP accounts for engagement opportunities
  • Send notifications via your connected chat platform
  • Sync lead data to your connected CRM and outreach tools
  • Process payments and manage subscriptions
  • Diagnose technical issues and improve service reliability
  • Communicate product updates and support responses

4. Data Sharing and Disclosure

We do not sell your personal data. We share information only with:

  • Service providers: Supabase (database/auth), Stripe (payments), Anthropic (AI generation), Vercel (hosting), Sentry (error tracking), Phantombuster (LinkedIn data collection)
  • Your connected integrations: Data is sent to services you explicitly connect (HubSpot, Dripify, Slack, Teams, Zoom) based on your configuration
  • Legal requirements: When required by law, subpoena, or to protect our rights

5. LinkedIn Data Compliance

In accordance with the LinkedIn API Terms of Use:

  • LinkedIn data is refreshed regularly and not retained beyond 30 days without refresh
  • We do not sell, rent, or distribute LinkedIn member data to third parties
  • LinkedIn data is used solely to provide Nexus platform features to you
  • You may revoke LinkedIn access at any time through your LinkedIn account settings or the Nexus integrations page

6. Data Retention

  • Account data: Retained while your account is active. Deleted within 30 days of account deletion request.
  • LinkedIn data: Post analytics refreshed periodically. ICP signal data retained for up to 30 days.
  • Payment records: Retained as required for tax and legal compliance.
  • Error logs: Automatically purged after 90 days.

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS/HTTPS) and at rest
  • Row-Level Security (RLS) ensuring multi-tenant data isolation
  • API keys stored as SHA-256 hashes
  • Integration credentials stored encrypted in our database
  • CRON endpoints protected with timing-safe secret validation
  • Security headers (CSP, HSTS, X-Frame-Options) on all responses

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate personal data
  • Deletion: Request deletion of your personal data
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing of your personal data
  • Withdraw consent: Revoke previously given consent at any time

To exercise these rights, contact us at privacy@nexus.app.

9. Cookies

Nexus uses essential cookies only for authentication and session management. We do not use advertising or tracking cookies. No cookie consent banner is currently required as we only use strictly necessary cookies.

10. International Data Transfers

Your data may be processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

11. Children's Privacy

Nexus is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of Nexus after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

privacy@nexus.app

Terms of ServiceSign In