How it worksFeaturesPricingStoriesDownload free →
Legal

Privacy Policy

Last updated: 29 April 2025

Nomp Inc. (“Nomp”, “we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the “Service”).

1. Information We Collect

1.1 Information you provide directly

  • Account information — email address, display name, username, and optional profile details (bio, occupation, date of birth, phone number).
  • Profile photo — if you choose to upload an avatar.
  • Financial data — payment method details processed by Stripe. Nomp does not store full card numbers or bank details.
  • Session content — session names, goals, and buddy interactions you create inside the app.

1.2 Information collected automatically

  • Device and usage data — device type, OS version, app version, IP address, crash reports.
  • Location data — approximate location (city-level) if you grant permission, used for buddy matching.
  • Interaction data — features you use, session durations, streak activity.
  • Push notification tokens — to deliver session reminders and buddy alerts.

2. How We Use Your Information

  • To create and manage your account.
  • To operate accountability sessions and buddy matching.
  • To process wallet top-ups and pledge transactions via Stripe.
  • To send push notifications for session reminders, buddy activity, and streak alerts.
  • To improve and personalise the Service.
  • To detect, prevent, and respond to fraud, abuse, or violations of our Terms of Service.
  • To comply with applicable law and respond to lawful requests.

3. Sharing Your Information

We do not sell your personal data. We share information only in these circumstances:

  • Buddies you connect with — your display name and avatar are visible to users you pair with for sessions.
  • Service providers — Supabase (database hosting), Stripe (payments), Resend (transactional email), and Apple (push notifications). Each is bound by data-processing agreements.
  • Legal requirements — if required by law, court order, or to protect the rights and safety of Nomp or its users.
  • Business transfers — in the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you beforehand.

4. Data Retention

We retain your account data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymise your personal data within 30 days, except where retention is required by law (e.g., financial transaction records may be retained for up to 7 years).

5. Your Rights

Depending on your jurisdiction you may have the right to:

  • Access — request a copy of the data we hold about you.
  • Correction — request we fix inaccurate data.
  • Deletion — request we delete your data (“right to be forgotten”).
  • Portability — request your data in a machine-readable format.
  • Objection / restriction — object to or restrict certain processing.
  • Withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at privacy@mynomp.com.

6. Cookies and Tracking

Our website uses minimal cookies — primarily for session management and analytics. We do not use third-party advertising cookies. You can control cookie settings through your browser.

7. Children's Privacy

Nomp is not directed at children under 16. We do not knowingly collect personal data from children under 16. If we become aware that a child under 16 has provided personal data, we will delete it promptly.

8. Security

We implement industry-standard safeguards including encryption in transit (TLS), encryption at rest, and role-based access controls. No system is 100% secure; if you suspect unauthorised access to your account, contact us immediately.

9. International Transfers

Your data may be processed in the United States or other countries where our service providers operate. We ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses for EEA transfers).

10. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via in-app notification or email at least 14 days before the change takes effect. Continued use of the Service after that date constitutes acceptance of the updated policy.

11. Contact Us

For privacy-related questions or requests: