Nū Data is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, and protect information when you visit our website. As an organization dedicated to democratizing sustainability and accelerating climate action, we believe in transparency and data protection as fundamental values.

Our Commitment: We collect only essential information necessary for website operation and community engagement, and we never sell or share your personal data with third parties for commercial purposes.

This Privacy Policy applies to the Nū Data website (the "Website") and covers:

• Information we collect when you visit our website

• How we use and protect that information

• Your rights regarding your personal data

• How to contact us with privacy questions

This policy complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable privacy laws.

Information You Provide Directly

Contact Forms:

• Name and email address when you contact us

• Message content and any additional information you choose to share

• Organization name (if provided)

• Subject matter of your inquiry

Newsletter Subscription:

• Email address

• Name (optional)

• Organization (optional)

• Areas of interest (optional)

Community Contributions:

• Information provided when contributing to our open source projects

• GitHub username or other repository platform identifiers

• Content of contributions, feedback, or suggestions

Information Collected Automatically

Website Usage Analytics:

• Pages visited and time spent on pages

• Referring websites and search terms

• Browser type, operating system, and device information

• IP address (anonymized in our analytics)

• General geographic location (country/region level)

Technical Information:

• Cookies and similar tracking technologies (see Section 6)

• Log files for website security and performance

• Error reports and crash data

Information We Do NOT Collect

We do not collect:

• Sensitive personal data (health, financial, political opinions)

• Detailed location tracking or GPS coordinates

• Personal data from children under 13

• Data from social media accounts unless you explicitly share it

• Browsing behavior on other websites

Primary Uses

Communication:

• Responding to your inquiries and support requests

• Sending newsletters or updates (with your consent)

• Notifying you about changes to our website or policies

Website Improvement:

• Analyzing website usage to improve user experience

• Identifying and fixing technical issues

• Understanding which resources are most valuable to visitors

Community Building:

• Facilitating collaboration on open source projects

• Connecting you with relevant sustainability resources

• Supporting the global climate action community

Legal Basis for Processing (GDPR)

We process your personal data based on:

• Consent: When you voluntarily provide information or opt-in to communications

• Legitimate Interests: For website analytics, security, and improvement

• Legal Obligation: When required by law to retain certain information

We Do NOT Use Your Information For

• Selling or renting to third parties

• Targeted advertising or marketing campaigns

• Profiling for commercial purposes

• Tracking across other websites

• Any purpose unrelated to our sustainability mission

Third-Party Service Providers

We may share limited information with trusted service providers who help us operate our website:

Web Hosting and Security:

• Website hosting providers for site operation

• Security services for protection against threats

• Content delivery networks for site performance

Analytics and Communication:

• Web analytics services (with anonymized data)

• Email service providers for newsletters and responses

• Repository hosting services (GitHub, etc.) for open source collaboration

All service providers are contractually required to protect your data and use it only for specified purposes.

Legal Requirements

We may disclose information when required by law:

• In response to valid legal requests from authorities

• To protect our rights, property, or safety

• To prevent fraud or abuse

• To comply with court orders or legal processes

Business Transfers

In the unlikely event of a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction, but only with equivalent privacy protections.

Types of Cookies We Use

Essential Cookies:

• Required for basic website functionality

• Security and authentication purposes

• Cannot be disabled without affecting site operation

Analytics Cookies:

• Help us understand how visitors use our website

• Provide anonymized usage statistics

• Can be disabled through browser settings

Preference Cookies:

• Remember your language and display preferences

• Improve your user experience across visits

• Optional and can be managed through settings

Managing Cookies

You can control cookies through:

• Browser settings to block or delete cookies

• Opt-out links in our cookie banner

• Third-party analytics opt-out tools

• Browser privacy extensions

Note: Disabling essential cookies may affect website functionality.

Security Measures

We implement industry-standard security practices:

• Encryption: All data transmitted using SSL/TLS encryption

• Access Controls: Limited access to personal data on need-to-know basis

• Regular Updates: Security patches and system updates

• Monitoring: Continuous monitoring for security threats

Data Retention

We retain personal data only as long as necessary:

• Contact inquiries: 3 years from last contact

• Newsletter subscriptions: Until you unsubscribe

• Analytics data: 24 months (anonymized)

• Log files: 12 months for security purposes

Data Breach Response

In case of a data breach affecting personal data:

• We will assess and contain the breach immediately

• Notify relevant authorities within 72 hours (if required)

• Inform affected individuals without undue delay

• Take steps to prevent future incidents

Universal Rights

Regardless of location, you have the right to:

• Access: Request information about data we hold about you

• Correction: Update or correct inaccurate personal data

• Deletion: Request deletion of your personal data

• Objection: Object to processing for direct marketing

Additional Rights (GDPR - EU Residents)

• Portability: Receive your data in a machine-readable format

• Restriction: Limit how we process your data

• Withdrawal: Withdraw consent at any time

• Complaint: File complaints with data protection authorities

Additional Rights (CCPA - California Residents)

• Know: What personal data is collected and how it's used

• Delete: Request deletion of personal data

• Opt-out: Opt out of sale of personal data (we don't sell data)

• Non-discrimination: Equal service regardless of privacy choices

Our website is not directed to children under 13, and we do not knowingly collect personal data from children. If we discover we have collected information from a child under 13, we will delete it immediately.

Parents who believe their child has provided information to us should contact us immediately.

If you are located outside the country where our servers are hosted, your information may be transferred internationally. We ensure appropriate safeguards are in place:

• Standard contractual clauses for data protection

• Adequacy decisions from relevant authorities

• Other legally recognized transfer mechanisms

Updates

We may update this Privacy Policy to reflect:

• Changes in privacy laws or regulations

• New features or services on our website

• Improvements to our privacy practices

Notification

We will notify you of significant changes by:

• Posting updates prominently on our website

• Updating the "Last Updated" date

• Sending email notifications for material changes (if you've provided your email)

Privacy Questions

For privacy-related questions or to exercise your rights:

Email: hello@nudata.app
Subject Line: Privacy Inquiry - [Your Request Type]

Response Time: We aim to respond within 30 days for rights requests and 5 business days for general inquiries.

Data Protection Officer

Email: nhi@nudata.app
Responsibilities: Ensuring compliance with privacy laws and handling privacy complaints

If you believe we have not addressed your privacy concerns adequately, you may contact your local data protection authority:

• EU Residents: Your national data protection authority

• UK Residents: Information Commissioner's Office (ICO)

California Residents: California Attorney General's Office

This Privacy Policy is available in accessible formats. If you need assistance accessing this information, please contact us using the information provided above.