Privacy Policy

Version 3.1 | Last Updated: 25th March 2025

Introduction

Nusmark ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our services through our mobile application (“App”), website, WhatsApp Business Account, integrations (including Google Calendar and Outlook Calendar), and any other related platforms and services we offer including but not limited to booking and discount partners (collectively referred to as “Services”).

By using our Services, you agree to the collection and use of your information in accordance with this Privacy Policy and applicable data protection laws, including the Data Protection Act 2018 (DPA 2018) and UK GDPR/EU GDPR.

1. Information We Collect

1.1 Personal Data

When you sign up for or use our Services, we may collect personal data such as:

• Name
• Email address
• Phone number
• User ID or Account Information
• Other contact details as provided
• Referral data (if applicable, e.g., referral link usage, referral rewards eligibility, and status tracking)

1.2 Usage Data

We collect data on how you interact with our Services, including:

• Messages and emails you choose to share or forward for identifying tasks, events, and reminders
• Calendar events and notifications you create or sync
• Log files, IP addresses, device types, and usage patterns
• In-app activity and features accessed, including mobile and desktop use

1.3 Data from Integrations and Devices

If you connect third-party accounts such as Google Calendar, Outlook Calendar, or other integrations, we collect the minimum necessary data to provide functionalities like Auto Calendar, Smart Reminder, and other scheduling features. This includes:

• Calendar events, appointments, metadata (e.g., times, dates, attendees)
• Integration tokens (encrypted)
• Metadata related to tasks and events

If you use our mobile app, we may request permissions for device features such as:

• Notifications for task and event reminders
• Calendar access to read/write events
• Contacts access (if used for event invites — only with explicit permission)

2. Children's Data and Age Restrictions

Our Services are not intended for use by individuals under the age of 16. If you are under 16, you may only use Nusmark with the consent of a parent or legal guardian.

We do not knowingly collect or process personal data from individuals under 16 without appropriate parental consent. If we discover that we have collected personal data from a child under 16 without such consent, we will delete that data promptly.

If you believe we may have collected personal data from a child under 16 without proper consent, please contact us immediately at legal@nusmark.com.

In jurisdictions where the lawful age for consent is lower than 16 (such as 13 in the United Kingdom), we will comply with the applicable legal age requirements.

3. Lawful Basis for Processing

We process your personal data based on one or more of the following legal bases:

• Consent: Where you provide clear consent for a specific purpose.
• Contract: Where processing is necessary to provide you the Services under a contract.
• Legitimate Interests: Where necessary for our legitimate interests and balanced with your rights.

4. How We Use Your Information

We use your information to:

• Identify tasks, events, and reminders from messages and calendar data.
• Sync and manage your calendar events across Google, Outlook, and mobile platforms.
• Deliver smart notifications and event reminders.
• Improve our AI algorithms (using anonymised and aggregated data only).
• Communicate updates, promotions, and important service changes
• Provide booking, purchase, and reservation capabilities through trusted partners (e.g., travel and activity providers), including advertising and promotions related to these services.
• Track referral activity to determine eligibility for referral rewards, prevent abuse, and ensure fair participation in Nusmark's Referral Program
• Process Premium Services-related features, which may change in scope over time, as outlined in our Terms of Service

5. Sharing, Transfer, and Disclosure of Google and Outlook User Data

5.1 General Principles

We only share, transfer, or disclose Google and Microsoft Outlook user data under the following conditions:

• Third-Party Service Providers: Trusted providers who help operate our Services (e.g., calendar sync, cloud storage, analytics) under strict confidentiality and data security terms.
• Legal Obligations: Where required by law, regulation, or legal process.
• Business Transfers: In mergers, acquisitions, or asset sales, with privacy protections preserved.
• User Consent: With your explicit consent for additional integrations or services.

We do not sell or rent Google or Microsoft user data to third parties for marketing. Data sharing is solely for enabling and improving Nusmark's Services, including future integrations with travel booking, event scheduling, and purchase partners.

5.2 Google API & Microsoft Graph Compliance

Nusmark's use of Google user data complies with the Google API Services User Data Policy, including Limited Use requirements. Nusmark's use of Outlook Calendar data complies with Microsoft's Graph API Terms and Conditions.

We access, use, store, and share calendar data solely to provide the user-facing features described in this Privacy Policy and do not use calendar data for advertising or unrelated purposes.

6. Your Rights Under GDPR and DPA 2018

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Request erasure of your data (subject to lawful retention)
• Restrict or object to processing
• Data portability receive your data in a structured, machine-readable format
• Withdraw consent at any time, where processing is based on consent
• Not be subject to automated decision-making or profiling that produces legal or significant effects

To exercise these rights, contact: legal@nusmark.com.

7. Third-Party Booking, Advertising, and Sales Partners

To offer bookings, purchases, and recommendations (such as travel, experiences, and goods), Nusmark works with trusted third-party providers and sales partners. While we do not share personal data with these partners without consent, if you choose to book or purchase through Nusmark, relevant data may be shared solely for transaction completion and in compliance with this Privacy Policy.

8. Data Transfers Outside the UK and EEA

When transferring data outside the UK/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions approved by relevant authorities.

9. Data Retention

We retain your data only as long as necessary for delivering our Services, complying with legal obligations, and resolving disputes.

If you choose to delete your account, we will retain essential data for a reasonable period of up to 6 months to address potential legal, regulatory, or security issues — including fraud prevention, dispute resolution, or as required under applicable laws. After this period, your data will be permanently deleted or fully anonymised, unless a longer retention period is required by law.

Referral-related data (e.g., referral links, eligibility status, and rewards tracking) will be retained only as long as necessary to administer the Referral Program, detect fraudulent activity, and comply with our policies.

Premium Services-related data will be retained as long as you have an active subscription and for a reasonable period after cancellation for compliance, refunds, or account recovery purposes.

You can also request earlier deletion of your data, and we will comply unless we are legally required to retain it for specific purposes (e.g., tax or accounting).

10. Data Security

We apply industry-standard security measures to protect your data, including encryption, access controls, and secure storage. However, no method of online transmission is fully secure, and we cannot guarantee absolute security.

11. Consent and Withdrawal

Where data processing is based on your consent, you may withdraw it at any time through our Services or by contacting legal@nusmark.com.

12. Supervisory Authority and Complaints

If you believe we have violated your rights under GDPR or DPA 2018, you may contact your local data protection authority. In the UK, this is the Information Commissioner's Office (ICO).

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our Services, Premium features, Referral Program, or legal requirements.

• The “Last Updated” date will reflect the latest version.
• Users will be notified of material changes via email, WhatsApp, or in-app notifications where required.
• We encourage you to review this Privacy Policy regularly to stay informed about how we handle your data.

For the most up-to-date details about referral tracking and premium feature updates, please refer to our website, app, or official communications.

14. Contact Us

For any questions or concerns about this Privacy Policy or data practices: