Privacy Policy

Effective Date: Upon Publication
Last Updated: November 10, 2025

Nestr Financial LLC ("Nestr", "we", "us", or "our") operates the Nestr mobile application and website at https://nestrapp.com (collectively, the "Service"). We are committed to protecting your privacy and handling your personal information with care and transparency.

This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our Service. By using Nestr, you agree to the collection and use of information in accordance with this policy.

Contact Information

Nestr Financial LLC
619 Murdock Rd
Dallas, TX, USA
Email: support@nestrapp.com

Table of Contents

  1. Information We Collect
  2. How We Use Your Information
  3. How We Share Your Information
  4. Data Retention
  5. Data Security
  6. Your Privacy Rights
  7. SMS Communications
  8. Children's Privacy
  9. International Users
  10. Cookies and Tracking
  11. Changes to This Policy

1. Information We Collect

1.1 Account Information

When you create a Nestr account, we collect:

  • Full name
  • Email address
  • Phone number (required for SMS notifications)
  • Username
  • Date of birth (for age verification - 18+ requirement)
  • Password (stored securely in hashed form; see section 5)
  • Profile photo (optional)

1.2 Financial Information

To process payments and facilitate group savings, we collect and process:

  • Stripe Customer ID and Connect Account ID
  • Bank account details (stored securely via Stripe, not on Nestr servers)
  • Payment methods (credit/debit cards, ACH - stored via Stripe)
  • Transaction history (contributions, payouts, subscriptions)
  • Subscription tier and status (Basic, Pro, or Plus)

Important: Nestr does NOT store your credit card numbers or bank account details directly. All payment information is securely stored and processed by Stripe, our PCI-DSS compliant payment processor.

1.3 Group & Social Data

  • Group memberships and participation history
  • Contribution records and payout history
  • User reviews and ratings
  • Achievement progress and leaderboard rankings
  • Trust score data (calculated based on your activity)
  • Messages within groups
  • User connections

1.4 Device & Technical Information

  • Device type, operating system, and version
  • Push notification tokens
  • IP address (for fraud prevention and SMS consent verification)
  • App version and build number
  • Device identifiers (for error tracking via Sentry)

1.5 Contacts (Optional)

Nestr requests access to your contacts only when you choose to invite friends to your savings groups. Contact information is never stored on our servers and is accessed solely to facilitate invitations you initiate.

1.6 Location Data

Nestr does NOT collect or track your location. We do not request location permissions.

2. How We Use Your Information

We use your information to:

  • Provide the Service: Create accounts, manage groups, process contributions and payouts
  • Send Notifications: Group invitations, contribution reminders, payout alerts, account updates
  • Process Payments: Handle subscriptions, contributions, and payouts via Stripe
  • Verify Identity: Age verification (18+) and KYC for users receiving payouts
  • Improve Security: Detect fraud, prevent abuse, calculate trust scores
  • Customer Support: Respond to inquiries and resolve issues
  • Analyze Usage: Internal analytics to improve features and user experience
  • Comply with Laws: Meet legal and regulatory requirements (AML, financial reporting)
  • Error Monitoring: Track crashes and bugs via Sentry to maintain app stability

3. How We Share Your Information

Nestr does NOT sell your personal information. We share your information only as described below:

3.1 Third-Party Service Providers

Stripe (Payment Processing)

Purpose: Process contributions, payouts, and subscriptions
Data Shared: Payment card details, bank account info, billing addresses
Privacy Policy: https://stripe.com/privacy

Supabase (Backend Infrastructure)

Purpose: User database, authentication, real-time features
Data Shared: Account data, group data, messages
Location: US-based servers
Privacy Policy: https://supabase.com/privacy

Vonage (SMS Notifications)

Purpose: Send group invites, reminders, and notifications via SMS
Data Shared: Phone numbers, message content
Privacy Policy: https://www.vonage.com/privacy-policy/

Sentry (Error Monitoring)

Purpose: Monitor app stability and fix bugs
Data Shared: Crash reports, error logs, device info (NO financial data)
Privacy Policy: https://sentry.io/privacy/

Expo (App Infrastructure)

Purpose: Push notifications, app updates
Privacy Policy: https://expo.dev/privacy

3.2 Legal Requirements

We may disclose your information if required by law, court order, subpoena, or to:

  • Comply with legal obligations (e.g., AML reporting, tax reporting)
  • Protect our rights, property, or safety
  • Prevent fraud or illegal activity
  • Enforce our Terms of Service

3.3 Business Transfers

If Nestr is acquired, merged, or undergoes a business transfer, your information may be transferred to the new owner. We will notify you via email and/or in-app notification before your information becomes subject to a different privacy policy.

4. Data Retention

Active Accounts

  • Account data retained while your account is active
  • Transaction history retained for 7 years (financial and legal compliance)
  • SMS consent records retained for 5 years minimum (regulatory compliance)

Account Deletion

You may request account deletion by emailing support@nestrapp.com. Upon deletion:

  • Personal information deleted within 30 days
  • Transaction records anonymized and retained for legal/regulatory compliance (7 years)
  • Group participation data may remain visible to other group members (anonymized)

Inactive Accounts

Accounts inactive for 2+ years may be archived. We will notify you via email 30 days before archival.

5. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data encrypted in transit (HTTPS/TLS) and at rest
  • Password Security: Passwords hashed using bcrypt
  • Row-Level Security (RLS): Database policies restrict data access
  • PCI-DSS Compliance: Payment data secured via Stripe
  • Access Controls: Role-based permissions (admin, moderator, member)
  • Fraud Detection: Trust score system and transaction monitoring
  • Multi-Factor Authentication (MFA): Available for enhanced account security

While we implement robust security measures, no system is 100% secure. You are responsible for protecting your password and account credentials.

6. Your Privacy Rights

6.1 General Rights (All Users)

  • Access: View all your data within the app or request a copy via email
  • Correction: Update profile information directly in the app
  • Deletion: Request account deletion (see section 4)
  • Portability: Request your data in JSON format
  • Opt-Out: Manage SMS, push, and email notification preferences

6.2 California Residents (CCPA)

Under the California Consumer Privacy Act (CCPA), you have the right to:

  • Know what personal information we collect, use, and share
  • Request deletion of your personal information
  • Opt out of "sale" of personal data (Nestr does NOT sell data)
  • Non-discrimination for exercising your rights

To exercise your CCPA rights, email support@nestrapp.com with subject line "CCPA Request".

6.3 European Union Residents (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

  • Access your personal data
  • Rectification of inaccurate data
  • Erasure ("right to be forgotten")
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent at any time

To exercise your GDPR rights, email support@nestrapp.com with subject line "GDPR Request".

7. SMS Communications (10DLC Compliance)

SMS Opt-In Consent

By checking the SMS opt-in box during signup, you agree to receive text messages from Nestr. Reply STOP to opt out. Reply HELP for help. Message frequency varies. Message and data rates may apply.

What SMS Messages You'll Receive

  • Group invitations from friends or family
  • Contribution reminders for upcoming group payments
  • Payout notifications when funds are distributed
  • Account verification codes (2FA)
  • Important account security alerts

How to Opt Out

You may opt out of SMS notifications at any time:

  • Text STOP: Reply "STOP" to any Nestr SMS message
  • In-App Settings: Toggle SMS notifications off in Settings → Notifications
  • Email Request: Contact support@nestrapp.com

STOP Keyword Response

"You have been unsubscribed from Nestr SMS notifications. Reply START to resubscribe. For help, email support@nestrapp.com"

HELP Keyword Response

"Nestr: Group savings reminders & notifications. Msg frequency varies. Msg & data rates may apply. For help: support@nestrapp.com. Reply STOP to opt out."

Supported Carriers

Nestr SMS works with all major US carriers (AT&T, T-Mobile, Verizon, Sprint, and regional carriers). Message and data rates may apply based on your carrier's plan.

8. Children's Privacy

Nestr is NOT intended for users under 18 years of age. We require all users to be at least 18 years old. We do not knowingly collect personal information from children under 18.

If we become aware that a user is under 18, we will immediately terminate their account and delete their information. If you believe a child under 18 has provided us with personal information, please contact us at support@nestrapp.com.

9. International Users & Data Transfers

Nestr is based in the United States. Our servers (via Supabase) are located in the US. If you access Nestr from outside the US, your information will be transferred to, stored, and processed in the United States.

By using Nestr, you consent to the transfer of your information to the United States. We comply with applicable data protection laws, including GDPR for EU users and CCPA for California residents.

10. Cookies and Tracking Technologies

Web Application

Our website uses essential cookies only for:

  • Authentication (keeping you logged in)
  • Session management
  • Security and fraud prevention

We do NOT use marketing cookies, advertising cookies, or third-party tracking pixels (Google Analytics, Facebook Pixel, etc.).

Mobile Application

On iOS, we request permission for tracking (IDFA) with the message: "This app uses tracking to provide you with a better experience and relevant content."

Tracking is used only for Sentry error reporting. You can opt out via your device settings (iOS: Settings → Privacy → Tracking).

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will:

  • Update the "Last Updated" date at the top of this page
  • Notify you via email (to the address associated with your account)
  • Display an in-app notification
  • For material changes, require your explicit consent to continue using the Service

Continued use of Nestr after changes constitutes acceptance of the updated Privacy Policy, unless the changes are material and require explicit consent.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

Email: support@nestrapp.com
Mail: Nestr Financial LLC, 619 Murdock Rd, Dallas, TX, USA
Response Time: We aim to respond within 24-48 hours

Legal Disclaimer: This Privacy Policy is a template and should be reviewed by a licensed attorney before use. Nestr Financial LLC is not responsible for legal compliance issues arising from the use of this template.