Privacy Policy | Nestora

Plain-Language Summary

For ease of understanding, below is a simple summary of key points. This summary does not replace the legal terms below it.

Nestora processes your emails, calendar events, documents, and tasks only on your device.
We do not upload or store your email content, calendar titles, document text, contacts, or personal content on our servers.
We only send the minimal structured data required to enable features like reminders, availability dashboards, anonymized usage analytics, and app performance monitoring.
We do not sell your data, share personal content with advertisers, or use your personal content to train AI models.
You maintain control over your data and may request deletion of any cloud-stored operational data tied to your account.
For Gmail integrations, Nestora complies with Google API Limited Use requirements.

The complete legal policy is below.

This Privacy Policy explains how Piggybank Ventures LLC d/b/a Nestora ("Nestora," "we," "our," or "us") collects, uses, stores, and protects personal information in connection with the Nestora mobile application and related services (the "App").

Nestora is committed to privacy-by-design. Our architecture minimizes data collection and processes personal content primarily on the user's device, not on Nestora servers.

This Privacy Policy applies to users located in the United States and Canada. Nestora is not marketed or intended for use within the European Union or other jurisdictions requiring GDPR-level compliance.

If you do not agree to this Privacy Policy, you must discontinue use of the App.

Information We Collect and Process

Stays on Your Device

Information Processed Locally on Your Device (Not Sent to Nestora)

Nestora performs most analysis and feature generation directly on your device. The following information may be accessed locally but is never transmitted to Nestora servers:

Calendar event titles, descriptions, locations, participants
Email subject lines and bodies
Document and file contents, attachments, and scanned images
Photos you choose to analyze
Notes, memos, and user-entered tasks
Contact names, email addresses, and phone numbers
Raw timestamps, time-of-day information, and scheduling metadata
Educational platform content (where applicable)

This information remains exclusively on your device and is not visible to Nestora.

Minimal Cloud Data

Information Transmitted to Nestora Servers (Minimal, Structured Only)

We transmit only what is necessary to enable essential cloud-based features.

Calendar Availability (Dashboards & Insights)

We may collect de-identified availability data, such as:

"Busy" or "Free" time blocks
Anonymous event identifiers
Anonymous user/family member identifiers
Optional category labels (e.g., Kids, Errands, Travel)

We do NOT send: event titles, descriptions, participants, locations, attachments, or precise timestamps.

Reminders & Notifications

To deliver reminders even when the App is closed or not running:

Anonymous reminder tokens
Reminder trigger times
Reminder type (e.g., "10 minutes before")

We do NOT send: reminder titles, personal notes, or underlying content.

Basic Usage Analytics (Non-Content)

Collected automatically unless restricted by OS settings:

App open frequency
Navigation patterns and screen flows
Feature engagement (e.g., "created a reminder")
Device and performance diagnostics

This does not include any user-generated text or personal content.

Aggregated AI/ML Telemetry (Non-Personal)

To improve suggestions and app intelligence, we may collect:

Acceptance/rejection patterns of suggestions
High-level behavioral trends (e.g., morning vs. evening task completion)
Category-level engagement (Kids, Health, Bills, etc.)

We do not collect raw content, free text, or identifiable information for AI training. All telemetry is aggregated and de-identified.

How We Use Information

We use collected information to:

Provide personalized organization features (tasks, reminders, dashboards)
Improve App performance, reliability, and personalization
Analyze anonymized user patterns to enhance machine learning
Maintain security and compliance
Send reminders and time-based notifications
Provide customer support

Nestora does NOT

Sell personal information
Share personal content with third-party advertisers
Use personal content to train machine learning models
Build marketing profiles or use personal content for advertising

Sharing of Information

We do not sell or rent your information. We only share data in the following situations:

Service Providers

We may share minimal operational data with third-party vendors that support our infrastructure (e.g., cloud hosting). Vendors only receive anonymized or non-content operational data necessary for their function.

Legal Requirements

We may disclose information if required by applicable law, subpoena, court order, or regulatory request.

Google API Limited Use Disclosure

If you connect a Gmail account, Nestora's use of Gmail data is strictly limited per Google API Services User Data Policy.

We do not

Use Gmail content for advertising or profiling
Share Gmail content with third parties (except as needed for core functionality or required by law)
Permit humans to read Gmail content unless explicitly consented to, required for security/abuse investigations, required by law, or aggregated and anonymized for internal operations

Access to Gmail is limited to what is necessary for the App to function. Nestora complies with all Google API Limited Use requirements.

Data Retention

On-device data: Retained until the user deletes the App or clears local storage.
Cloud-stored operational data: Retained while the account is active and deleted upon user request or account closure.
Aggregated analytics: Retained indefinitely in fully de-identified form.

We retain minimal data for as long as needed to provide services. You may request deletion at any time.

Data Security

We use commercially reasonable safeguards to protect data, including:

TLS encryption for data in transit
Encrypted cloud storage where applicable
Access controls, logging, and monitoring

No system is 100% secure. You accept the inherent risks of transmitting information electronically.

Your Rights and Choices

Depending on your jurisdiction, you may have rights to:

Access and obtain a copy of your personal data
Request deletion of cloud-stored operational data
Withdraw consent for certain data uses
Opt out of analytics collection via device privacy settings

To exercise any of these rights, contact hello@nestora.ai.

Third-Party Services

The App integrates with services including Google (Gmail, Calendar), Apple (CalDAV, notifications), and Microsoft (Outlook). These services are governed by their own privacy policies. We are not responsible for their data handling practices.

Children's Privacy

Nestora is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will promptly delete it.

Apple Platform Requirements

The App uses Apple's privacy-preserving technologies, including:

App Tracking Transparency (ATT): We do not track users across apps or websites.
Privacy Nutrition Labels: Our App Store listing accurately reflects our data practices.
On-Device Processing: Core features use on-device AI (where supported).

You may adjust privacy permissions through your iOS Settings.

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via in-app notification, email, or banner message. Continued use of the App following any update constitutes your acceptance of the revised policy.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please contact:

Piggybank Ventures LLC d/b/a Nestora

Email: hello@nestora.ai