NestUS Privacy Policy
Effective date: 2026-04-23
Version: 1.0
1. Who We Are
NestUS is a student social and roommate discovery platform.
Contact: privacy@trynest.us
2. Data We Collect
- Account data: school email, account identifiers.
- Profile data: name, major, year, biography, housing preferences.
- User content: stories, posts, messages, moderation reports.
- Verification data: student ID evidence and anti-fraud signals.
- Device and usage data: app diagnostics, push token, analytics (where consented).
3. Why We Use Data
- Provide account, social, roommate, and housing functionality.
- Prevent abuse, fraud, and policy violations.
- Improve service quality and reliability.
- Meet legal obligations.
4. Legal Bases (EU/EEA)
- Performance of contract.
- Legitimate interests (security, abuse prevention, service integrity).
- Consent (non-essential analytics/marketing where required).
- Legal obligations.
5. Sharing
We share data with service providers acting on our instructions, including Supabase, Firebase, and Google (Gemini) for verification anti-fraud processing.
We do not sell personal information.
6. International Transfers
Where required, EU personal data transfers use contractual safeguards (such as SCCs) and supplementary protections.
7. Retention
- Account/profile: until account deletion.
- Verification logs: limited retention for fraud and safety audits.
- Raw verification images: short retention windows only.
- Security logs: limited retention.
8. Your Rights
Depending on jurisdiction, you may request:
- Access/export
- Correction
- Deletion
- Restriction/object
- California rights: know, delete, correct, do-not-sell/share, limit sensitive personal information
Submit requests in-app at Settings -> Data & Privacy or by email at privacy@trynest.us.
9. California Notices (CPRA)
- Categories collected: identifiers, user content, internet activity, education-related profile fields, sensitive verification artifacts.
- Purposes: product operation, safety, fraud prevention, analytics (where permitted).
- Rights: know/delete/correct; opt-out of sale/share; limit sensitive PI use.
10. Children and Minors
NestUS provides additional protections for minors, including stricter privacy defaults and reduced discoverability.
11. Security
We use encryption in transit and at rest, access controls, and monitoring. No system can guarantee absolute security.
12. Changes
Material changes are versioned and may require renewed acknowledgment in-app.
