Up to 30% discount for Advanced package00:00:00:00
0850 850 01 14|Schedule a Call
Log inStart for free
Sign in

Privacy Policy

Last Updated: June 6, 2026

HAMIDINCOM LLC, operating as Nevuto ("Nevuto," "we," "us," or "our"), is committed to protecting your privacy. This Privacy Policy explains what personal data we collect, how we use and share it, and the rights available to you. It applies to all visitors and registered users of nevuto.com and the Nevuto platform ("Services").

By using our Services you acknowledge that you have read and understood this policy. If you do not agree, please discontinue use of the Services.

1. Who We Are

The data controller for personal data collected through nevuto.com is:

HAMIDINCOM LLC (Nevuto)
Albuquerque, New Mexico, United States
Email: support@nevuto.com

2. Scope of This Policy

This policy covers personal data that Nevuto collects in its capacity as a data controller — that is, data relating to:

  • Visitors to nevuto.com (marketing website, blog, help center).
  • Registered merchants who create and manage a Nevuto store account.

It does not cover data that merchants collect from their own end-customers through their Nevuto-powered stores. For that relationship, see Section 8 (Merchant Stores — Data Processor Role).

3. Information We Collect

3.1 Account & Profile Data

When you register for a Nevuto account we collect your full name, business name, email address, phone number, and account credentials (password hash). You may optionally provide a profile photo and business address.

3.2 Billing & Payment Data

When you subscribe to a paid plan we collect billing address and payment method details. Full card numbers are never stored on our servers — payment processing is handled by PCI-DSS-compliant third-party processors who tokenize your card data on our behalf.

3.3 Usage & Technical Data

We automatically collect data when you use the Services, including:

  • IP address, browser type and version, operating system, and device identifiers.
  • Pages visited, referral URLs, time spent, and click-through events.
  • Store performance metrics (sales, traffic sources, conversion rates) tied to your merchant account.
  • Feature usage patterns used to improve and prioritize the platform roadmap.

3.4 Communications Data

When you contact us via email, live chat (Crisp), or our feedback form, we collect the content of your message and any attachments you send. We retain support conversation history to provide continuity of service.

3.5 Marketing Engagement Data

With your consent, we collect data on whether you opened or clicked marketing emails we send, and on interactions with advertisements we run on third-party platforms (Google, Meta, TikTok).

4. How We Use Your Information

We process your personal data for the following purposes:

  • Providing the Services: Creating and managing your account, processing subscription payments, and delivering the features included in your plan.
  • Customer Support: Responding to inquiries, troubleshooting issues, and communicating service-related updates (e.g., downtime, new features).
  • Platform Improvement: Analyzing usage patterns to fix bugs, build new features, and optimize performance.
  • Marketing & Communications: Sending promotional emails, product announcements, and in-app notifications. You may opt out at any time.
  • Advertising: Serving relevant ads on third-party platforms using aggregated or pseudonymized audience data, subject to your cookie consent preferences.
  • Fraud Prevention & Security: Detecting abuse, unauthorized access, and policy violations to protect you and other users.
  • Legal Compliance: Meeting obligations under applicable law, responding to lawful government requests, and enforcing our Terms of Service.

5. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data under the following legal bases:

  • Contract performance (Art. 6(1)(b) GDPR): Processing necessary to fulfill our subscription agreement with you — account creation, billing, and service delivery.
  • Legitimate interests (Art. 6(1)(f) GDPR): Analytics, fraud detection, security monitoring, and direct marketing to existing customers where your interests do not override ours.
  • Consent (Art. 6(1)(a) GDPR): Analytics cookies, advertising cookies, and marketing emails. You may withdraw consent at any time without affecting the lawfulness of prior processing.
  • Legal obligation (Art. 6(1)(c) GDPR): Compliance with applicable tax, financial, and regulatory obligations.

6. Sharing Your Information

We do not sell your personal data. We share it only in the circumstances below:

6.1 Sub-processors & Service Providers

We use the following third-party providers who may process your data on our behalf. Each is bound by a data processing agreement and may only use your data to provide the specified service:

  • Google Analytics 4 / Google Tag Manager — website analytics and tag management (Google LLC, USA).
  • Google Ads — conversion tracking and remarketing (Google LLC, USA).
  • Meta (Facebook) Pixel — advertising conversion measurement (Meta Platforms, Inc., USA).
  • TikTok Pixel — advertising conversion measurement (TikTok Inc., USA).
  • Mixpanel — product analytics and user behavior tracking (Mixpanel, Inc., USA).
  • Segment — customer data platform for routing analytics events (Twilio Inc., USA).
  • Crisp — live chat and customer support (Crisp IM SARL, France).
  • Payment processors — billing and subscription management; specific processors are listed at checkout and in your account settings.

6.2 Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our business, your personal data may be transferred to the acquiring entity. We will notify you via email and/or a prominent notice on our website before your data becomes subject to a different privacy policy.

6.3 Legal Disclosure

We may disclose your personal data if required by law, court order, or governmental authority, or where we believe disclosure is necessary to protect the rights, property, or safety of Nevuto, our users, or the public.

7. Cookies & Tracking Technologies

We use cookies and similar technologies (pixels, local storage) to operate the platform, analyze traffic, and deliver advertising. Our website implements Google Consent Mode v2 — analytics and advertising cookies are blocked by default until you provide explicit consent through our cookie banner.

For a full list of cookies we set, their purpose, and how to manage your preferences, see our Cookie Policy.

8. Merchant Stores — Data Processor Role

When you operate a store on the Nevuto platform, you collect personal data from your own customers (buyers). In this context:

  • You (the merchant) are the data controller — you determine what data is collected, why, and how it is used. You are responsible for having a privacy policy on your store and for complying with applicable data protection laws in relation to your customers.
  • Nevuto acts as a data processor— we process your customers' data solely on your instructions and to provide the Services to you. We do not use your customers' data for our own marketing purposes.

Our Data Processing Agreement (DPA), which governs this relationship, is incorporated by reference into our Terms of Service.

9. International Data Transfers

Nevuto is based in the United States. If you access our Services from the EEA, UK, or other regions with data protection laws, your data may be transferred to and processed in the United States and other countries where our sub-processors operate. Where required, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission as the transfer mechanism to ensure an adequate level of protection.

10. Data Retention

We retain your personal data for as long as your account is active or as necessary to provide the Services. If you close your account:

  • Your account data is deleted within 30 days of account closure.
  • Aggregated or anonymized usage statistics that no longer identify you individually may be retained indefinitely for analytics purposes.
  • Billing records and transaction history may be retained for up to 7 years to comply with financial and tax regulations, regardless of account status.
  • Data retained to comply with a legal hold or ongoing dispute will be kept for the duration of that hold or proceeding.

11. Your Rights

11.1 Rights Under GDPR (EEA & UK Residents)

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure ("right to be forgotten"): Request deletion of your personal data, subject to legal retention obligations.
  • Restriction: Request that we limit how we process your data in certain circumstances.
  • Data portability: Receive your data in a structured, machine-readable format and transmit it to another controller.
  • Objection: Object to processing based on legitimate interests or for direct marketing at any time.
  • Withdraw consent: Withdraw any previously given consent without affecting the lawfulness of prior processing.
  • Lodge a complaint: File a complaint with your local supervisory authority (e.g., your national data protection authority within the EEA or the ICO in the UK).

11.2 Rights Under CCPA / CPRA (California Residents)

If you are a California resident, you have the right to:

  • Know: Request disclosure of the categories and specific pieces of personal information we have collected about you in the past 12 months.
  • Delete: Request deletion of your personal information, subject to certain exceptions.
  • Correct: Request correction of inaccurate personal information.
  • Opt out of sale/sharing: We do not sell personal information. We do not share personal information for cross-context behavioral advertising without your consent.
  • Non-discrimination: We will not discriminate against you for exercising any of these rights.

To exercise any of the above rights, email us at support@nevuto.comwith the subject line "Privacy Request." We will respond within 30 days (or within the timeframe required by applicable law).

12. Security

We implement industry-standard technical and organizational security measures to protect your personal data against unauthorized access, loss, destruction, or alteration. These include encryption in transit (TLS), encryption at rest, access controls, and regular security reviews. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

If you become aware of a potential security vulnerability or breach, please notify us immediately at support@nevuto.com.

13. Children's Privacy

The Nevuto platform is intended for business use and is not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have collected personal data from someone under 18 without verified parental consent, we will take steps to delete it promptly. If you believe a minor has submitted personal data to us, please contact support@nevuto.com.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email or a prominent notice on our website at least 14 daysbefore the changes take effect. The "Last Updated" date at the top of this page reflects the most recent revision. Continued use of the Services after the effective date constitutes acceptance of the updated policy.

15. Governing Law

This Privacy Policy is governed by the laws of the State of Delaware. Any disputes shall be resolved in accordance with the jurisdiction clause in our Terms of Service.

16. Contact Us

For any questions, requests, or concerns regarding this Privacy Policy or the handling of your personal data, please contact:

HAMIDINCOM LLC (Nevuto)
Email: support@nevuto.com
Subject line: "Privacy Request"