Privacy Policy

Last updated: April 14, 2026

1. Introduction

NEXUS ("we," "our," or "us") operates the NEXUS financial intelligence platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our website, dashboard, AI agents, and related services (collectively, the "Service").

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with the terms, please do not access the Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: When you register, we collect your email address and password (securely hashed). You may optionally provide your full name.
  • Portfolio Data: Investment holdings, asset quantities, purchase prices, and notes you voluntarily add to the platform.
  • Watchlists & Alerts: Asset symbols and price thresholds you configure.
  • Communications: Messages you send through the Support Agent chat and any support requests.

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, search queries, and interaction timestamps.
  • Device Information: Browser type, operating system, screen resolution, and IP address.
  • Cookies: Session cookies for authentication. We do not use tracking or advertising cookies.

2.3 Information From Third Parties

  • Market Data Providers: We fetch publicly available market data from CoinGecko, Alpha Vantage, NewsAPI, Finnhub, FRED, and CoinMarketCap. This data is not personal information.
  • Authentication Providers: If you sign in via third-party providers (e.g., Google), we receive your email and profile name as permitted by your provider settings.

3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the Service
  • Generate personalized AI agent reports and portfolio analysis
  • Process price alerts and notifications
  • Respond to support inquiries via the Support Agent
  • Monitor and prevent abuse or unauthorized access
  • Comply with legal obligations

We do not sell, rent, or trade your personal information to third parties.

4. AI Agent Data Processing

Our AI agents (Market Analyst, News Curator, Risk Monitor, Portfolio Advisor, Content Writer, and Support Agent) process data as follows:

  • Public Agents: Market Analyst, News Curator, Risk Monitor, and Content Writer analyze publicly available market data. Their outputs are visible to all users.
  • Personalized Agents: The Portfolio Advisor analyzes your individual portfolio holdings to provide tailored recommendations. This data is processed through OpenAI's API and is subject to OpenAI's data usage policies.
  • Support Agent: Conversations are processed in real-time through OpenAI's API. Chat history is stored locally in your browser session and is not permanently saved on our servers.

5. Data Storage & Security

  • Infrastructure: Data is stored on Supabase (PostgreSQL) with row-level security (RLS) policies ensuring users can only access their own data.
  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
  • Authentication: Passwords are hashed using bcrypt. Sessions use secure, HTTP-only tokens.
  • Access Control: Our team employs least-privilege access. No employee can access your portfolio data without explicit authorization.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law. Anonymized, aggregated analytics data may be retained indefinitely.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and receive a copy of your personal data
  • Rectify inaccurate personal data
  • Request deletion of your personal data
  • Restrict or object to processing of your data
  • Data portability (receive your data in a structured format)
  • Withdraw consent at any time

To exercise these rights, contact us at privacy@nexus.app.

8. Third-Party Services

We use the following third-party services:

  • Supabase: Database and authentication infrastructure
  • OpenAI: AI model processing for agent intelligence
  • Vercel: Application hosting and deployment
  • Stripe: Payment processing (when applicable)

Each provider maintains its own privacy policy and data processing standards.

9. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover such data has been collected, we will delete it immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at:

  • Email: privacy@nexus.app