Privacy Policy

1.1 This Privacy Policy explains how Nubo, Inc. ("Nubo", "we", "us", or "our") collects, uses, and shares personal information when you use the Nubo platform, websites, dashboard, APIs, and related services (the "Service"). It also describes your privacy rights and how to exercise them.

1.2 This policy covers information about you as a user of Nubo. It does not govern the data that you, as a customer, process within your own deployed applications, for which you are the responsible party.

1.3 If you deploy to your own infrastructure using a self-hosted agent, your application and its runtime data stay on your hardware; the logs, metrics, and deployment metadata you view in the dashboard are transmitted to and processed by us.

1.4 By using the Service, you agree to this policy. If you do not agree, do not use the Service.

2.3 When you sign in with GitHub, we receive your GitHub user ID, username, the email address on your GitHub account, and OAuth access and refresh tokens, which we store in encrypted form. If you connect a repository to deploy from, we process its metadata and the branch, commit, and commit-author details (including names and email addresses recorded in commit history) associated with the deployments you trigger. We build from your source but do not retain a copy of it after the build completes.

3.2 Where required by law, we rely on legal bases including performing our contract with you, our legitimate interests in operating and securing the Service, your consent (which you may withdraw), and compliance with legal obligations.

3.3 We do not sell your personal information, and we do not use the contents of your deployments for advertising.

4.2 We do not sell or rent your personal information, and we do not share it for cross-context behavioral advertising.

5.1 We use a small number of strictly necessary cookies to keep you signed in and to protect against cross-site request forgery during sign-in. We do not use advertising or third-party analytics cookies, and we do not operate a tracking or ad network.

5.2 Some third-party features we load, such as our payment provider on billing pages, our status page, and our web-font provider, may set their own cookies or receive your IP address when they load. Their use of that information is governed by their own privacy policies.

5.3 You can control cookies through your browser settings, but disabling the strictly necessary cookies will prevent you from staying signed in.

6.1 We keep personal information for as long as your account is active and as needed to provide the Service. Build and deployment logs are retained for a limited period that depends on your plan, as described on our pricing page, and are then removed.

6.2 After your account closes, we retain or delete information based on the type of data and our obligations, such as resolving disputes and meeting legal, tax, and accounting requirements, and we delete or anonymize information when it is no longer needed for those purposes.

6.3 You can request a copy or deletion of your personal information at any time, as described in Your privacy rights below.

7.1 We use technical and organizational measures designed to protect personal information, including encryption in transit, access controls, and monitoring. We store the environment variables, secrets, and access tokens you entrust to us in encrypted form.

7.2 No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your credentials and API tokens confidential and for the security of any self-hosted infrastructure you connect.

8.1 Nubo is based in the United States and processes information there and in other countries where we or our service providers operate.

8.2 Where we transfer personal information across borders, we use appropriate safeguards as required by applicable law, such as standard contractual clauses, to protect that information.

9.2 If you are in the European Economic Area or the United Kingdom, you may also lodge a complaint with your local data protection authority. If you are a California resident, you have rights under the CCPA, including the right not to be discriminated against for exercising them.

9.3 To exercise any of these rights, contact us at [email protected]. We will respond as required by applicable law and may need to verify your identity first.

10.1 The Service is not directed to children, and you must be at least eighteen (18) years old to use it. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us and we will delete it.

11.1 We may update this policy from time to time. When we make material changes, we will post the updated policy on this page with a new date and, where required, notify you. Continued use of the Service after the changes take effect means you accept the updated policy.

12.1 If you have questions about this policy or our privacy practices, contact us at [email protected].