Privacy Policy

Last updated: February 19, 2026

1. What Nudge Does

Nudge is a SaaS tool that helps software companies recover revenue from expiring free trials. It connects to your database, syncs trial user data, and sends automated reminder emails to users whose trials are about to expire.

2. Information We Collect

Account Information

When you sign up, we collect your email address and name through our authentication provider (Clerk). We also store your plan type, subscription status, and usage metrics.

Database Credentials

To sync trial users, you provide database connection details (host, port, username, password, database name). These credentials are encrypted using AES-256-GCM before storage and are only decrypted when performing sync operations. We require read-only database access.

Trial User Data

We sync and store data about your trial users, including: email addresses, names, trial expiration dates, conversion status, and any custom metadata fields you configure in your query settings. This data is used solely to send reminder emails and provide analytics to you.

Email Interaction Data

We track whether reminder emails are delivered, opened, and clicked. This data is collected via our email provider's webhooks and is used to show you conversion analytics in your dashboard.

Payment Information

Payment processing is handled entirely by Polar. We do not store credit card numbers or bank details. We only store your Polar customer ID and subscription status.

3. How We Use Your Information

  • To connect to your database and sync trial user data on your configured schedule
  • To send automated reminder emails to your trial users on your behalf
  • To provide analytics on trial conversions, email delivery, and user status
  • To manage your account, subscription, and usage limits
  • To communicate with you about your account (service emails only)

4. Third-Party Services

We use the following third-party services to operate Nudge:

  • Clerk — Authentication and user management
  • Resend — Email delivery for trial reminder emails
  • Polar — Payment processing and subscription management

Each of these services has their own privacy policies. We only share the minimum data necessary for each service to function.

5. Data Security

  • Database credentials are encrypted at rest using AES-256-GCM with per-record random IVs
  • Encryption keys are stored separately from the database and never logged
  • All connections use HTTPS/SSL
  • We enforce read-only access to your databases
  • Authentication uses JWT tokens with short expiration windows

6. Data Retention

Sync logs are retained for 30 days. Trial user data is retained as long as your project exists. When you delete a project, all associated trial user data, sync logs, reminder history, and encrypted credentials are permanently deleted. When you delete your account, all projects and associated data are removed.

7. Your Rights

You can at any time:

  • Access and export your data from the Nudge dashboard
  • Delete individual projects and all their associated data
  • Delete your entire account
  • Revoke database access by deleting your connection credentials

8. Cookies

We use essential cookies for authentication (managed by Clerk). We do not use advertising or tracking cookies.

9. Changes to This Policy

We may update this privacy policy from time to time. If we make significant changes, we will notify you by email or through a notice in the dashboard.

10. Contact

If you have questions about this privacy policy or how we handle your data, contact us at support@nudge.dev.