Legal

Privacy Policy

This Privacy Policy explains how NoCodeBros handles personal information across our websites, web applications, SaaS products, APIs, mobile applications, support channels, and related services.

Effective date: May 12, 2026

1. Scope and controller

This policy applies to products and services operated by NoCodeBros, including NoCodeBros websites, Gatekeeper AI app support, mobile apps, SaaS dashboards, web apps, APIs, automation tools, customer support, marketing pages, and beta or pilot services that link to this policy. NoCodeBros is the controller of personal information we process for our own business purposes. Where we process customer content on behalf of an enterprise customer under a written agreement, we act as a processor or service provider as described in that agreement.

2. Information we collect

Depending on the service, account configuration, and user choices, we may collect:

  • Account and identity information, such as name, email address, organization, role, login credentials, and profile details.
  • Contact and support information, including messages, attachments, issue history, and communications metadata.
  • Commercial and billing information, such as plan, subscription status, transaction records, tax details, and invoices.
  • Device, app, and usage information, including IP address, device identifiers, operating system, browser, app version, pages viewed, feature usage, crash logs, diagnostics, and approximate location derived from IP address.
  • Customer content submitted to our products, such as prompts, files, app inputs, workspace data, forms, automations, and outputs.
  • Mobile app permissions data, such as camera, photos, microphone, notifications, contacts, location, or device storage only when a product feature requests permission and the user grants access.
  • Cookie and similar technology data, as described in our Cookies Policy.
  • Information from third parties, such as authentication providers, payment processors, app stores, analytics providers, integration partners, and enterprise administrators.

3. How we use information

We use personal information to:

  • Provide, operate, secure, troubleshoot, and improve our services.
  • Create and manage accounts, subscriptions, workspaces, authentication, and access controls.
  • Process payments, issue invoices, administer trials, and prevent fraud or misuse.
  • Deliver product features, mobile app functionality, integrations, notifications, and user-selected automations.
  • Respond to support requests, business enquiries, legal requests, and security incidents.
  • Analyze service performance, reliability, adoption, and product quality.
  • Send service notices, policy updates, security alerts, and, where permitted, product and marketing communications.
  • Comply with law, enforce agreements, protect rights, and maintain audit records.

4. Legal bases for processing

Where laws such as the GDPR or UK GDPR apply, our legal bases may include performance of a contract, legitimate interests, consent, compliance with legal obligations, and protection of vital interests where relevant. Our legitimate interests include operating secure digital services, preventing abuse, improving products, communicating with business users, and supporting customers. Users may withdraw consent where processing is based on consent, without affecting prior lawful processing.

5. How we share information

We may share information with:

  • Service providers that host, secure, analyze, support, communicate, bill, or otherwise help operate our services.
  • Enterprise customers and workspace administrators, where a user accesses services through an organization.
  • Integration partners and app marketplaces, when a user enables an integration or purchases through a platform.
  • Professional advisers, auditors, insurers, and financing partners under confidentiality obligations.
  • Authorities, courts, regulators, or other parties where required by law or necessary to protect rights and safety.
  • Successors in connection with a merger, acquisition, financing, reorganization, or sale of assets.

We do not sell personal information for money. Some analytics, advertising, or cross-context tracking activities may be considered a sale, sharing, or targeted advertising under certain privacy laws. Where those laws apply, users may exercise applicable opt-out rights.

6. Sensitive data, children, and regulated data

Our services are intended for business and general audience use and are not directed to children under 13. We do not knowingly collect personal information from children under 13. Some products may process sensitive data only when a customer or user chooses to provide it or enables a feature that requires it. Customers are responsible for ensuring they have the rights, notices, permissions, and legal bases needed before submitting regulated data, including health, financial, education, biometric, government identifier, or employment data.

7. International transfers

We may process and store information in countries other than where users are located. When required, we use appropriate transfer mechanisms such as standard contractual clauses, data processing agreements, adequacy decisions, or other lawful safeguards.

8. Security and retention

We use administrative, technical, and organizational safeguards designed to protect personal information, including access controls, encryption where appropriate, monitoring, backups, and vendor review. No system is perfectly secure. We retain information for as long as needed to provide the services, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and support legitimate business records. Retention periods vary by data type, product, customer configuration, and legal requirement.

9. Privacy rights

Depending on location and applicable law, users may have rights to access, correct, delete, restrict, object to, port, or opt out of certain processing of personal information. California residents may have rights to know, delete, correct, limit use of sensitive personal information, and opt out of sale, sharing, or targeted advertising. Users may also have the right to lodge a complaint with a data protection authority.

To exercise rights, contact support@nocodebros.net. We may verify the request and, for enterprise services, may direct the request to the relevant customer if they control the workspace data.

10. App store and mobile platform disclosures

Our mobile apps may require platform privacy labels, app store privacy details, and runtime permission prompts. Those disclosures are intended to be consistent with this policy but may summarize collection and sharing in platform-specific categories. If an app requests access to sensitive device permissions, the app should explain the feature purpose before or when permission is requested.

11. Changes and contact

We may update this policy as our services, laws, and business operations change. Material changes will be communicated through reasonable channels, such as posting an updated policy or sending service notices. For privacy questions, contact support@nocodebros.net. For Gatekeeper AI app support, contact gatekeeper@nocodebros.net.