PRIVACY POLICY.

CONTACT: legal@nellyx.xyz

LAST UPDATE: May 10, 2026

Our Commitment

Nellyx is committed to protecting the privacy and personal data of its customers and users. We aim to follow modern privacy and data protection standards, including principles inspired by GDPR where applicable, together with local legal requirements relevant to our operations.

01. CONTROLLER & CONTACT

As the "data controller", Nellyx determines what data we collect, for what purposes, and how we manage it.

CONTROLLER: Nellyx

LEGAL EMAIL: legal@nellyx.xyz

WEBSITE: nellyx.xyz

02. Territorial Scope

This policy applies to all users who use Nellyx services, including registration, billing, support, technical logs (IP), backups, and infrastructure operations related to account security, abuse prevention, storage lifecycle management, and service reliability. It applies particularly to customers located in the European Union or if the service is directed at EU citizens.

03. Applied Principles

  • • Lawfulness, fairness and transparency
  • • Purpose limitation
  • • Data minimization
  • • Accuracy
  • • Storage limitation
  • • Integrity and confidentiality
  • • Accountability

04. DATA WE COLLECT & PURPOSE

Registration Data

Email, Username, Password (hashed)

Purpose: Account creation, authentication, service access, support communications.

Billing Data

Payment method, Transaction ID, Amount, Billing address

Purpose: Process payments, issue invoices, fulfill tax obligations, prevent fraud.

Technical Data

IP address, access logs, resource usage, service metrics

Purpose: Security, infrastructure stability, abuse detection, technical support.

Communication Data

Email messages, Support tickets, Discord ID

Purpose: Customer support, incident resolution, service updates.

05. LEGAL BASIS

  • Contract performance (providing services)
  • Legal obligations (tax, invoicing)
  • Legitimate interest (security, fraud prevention)
  • User consent (marketing, optional features)

06. DATA RETENTION

Data is retained as long as your account is active or as needed to provide services, comply with legal obligations, protect the platform, and enforce operational retention policies. After account closure, suspension, or service inactivity:

  • • Billing data: 7 years (tax law)
  • • Technical logs: 90 days
  • • Backups: retention may vary by service type and plan, up to 30 days maximum unless a shorter operational window applies
  • • Suspended or canceled service data: generally retained for up to 7 days, after which it may be archived, compressed, migrated to cold storage, or permanently deleted
  • • Account data: deleted after the applicable retention window unless longer retention is required for legal, billing, security, or abuse-prevention purposes

Expired backups may be removed automatically without additional notice. Nellyx may also reclaim storage resources from inactive services in accordance with operational retention policies.

07. DATA SHARING & PROCESSORS

Nellyx does not sell your data. We share information only with trusted service providers acting as "data processors" under strict contracts:

Payment Processors

Secure checkout providers - for payment processing

Infrastructure Providers

Data center partners for hosting services

Communication

Email service providers for notifications

International Transfers

As Nellyx operates from Paraguay, some data may be processed outside a user's home jurisdiction. Where appropriate, we aim to use reasonable contractual and operational safeguards with our providers.

08. YOUR PRIVACY RIGHTS

Access

Request a copy of your data

Rectification

Correct inaccurate data

Erasure

Right to be forgotten

Restriction

Limit processing of your data

Portability

Receive data in structured format

Object

Object to processing

To exercise your rights, contact legal@nellyx.xyz with proof of identity. We aim to respond within a reasonable timeframe.

09. COOKIES & TRACKING

Nellyx uses cookies and similar technologies to support account access, session security, and basic platform functionality.

Essential Cookies

Required for basic functionality:

  • • Session management
  • • Authentication tokens
  • • Security features

Optional Cookies

May be used to improve the service over time:

  • • Preference storage
  • • Basic usage insights
  • • Performance troubleshooting

Managing Cookies

You can disable non-essential cookies through your browser settings. Note that disabling essential cookies may affect service functionality.

10. DATA SECURITY

Technical Measures

We use reasonable technical measures such as encrypted transport where available, secure password handling, access controls, service isolation, and infrastructure protections appropriate to the services we operate.

Organizational Measures

Access to personal data is limited to people and providers who need it to operate, support, secure, or improve the service.

Incident Communication

If a security incident materially affects personal data or account access, we will make reasonable efforts to notify affected users as soon as practical.

11. MINORS & AGE RESTRICTIONS

Our services are intended for users aged 18 and above. Users aged 13-17 may use our services only with verified parental consent.

If we become aware that we have collected personal data from a child under 13 without parental consent, we will take steps to delete that information. Parents or guardians who believe we may have data about a minor should contact legal@nellyx.xyz.

12. AUTOMATED DECISION-MAKING

Nellyx may use limited automated checks in the following cases:

  • • Fraud detection systems for payment verification
  • • Automated abuse detection for ToS violations
  • • Resource usage monitoring for plan compliance

You may contact support if you believe an automated restriction or security action affected your account incorrectly.

13. Changes to this Policy

We may update this Privacy Policy to reflect changes in our practices, services, or legal obligations. Material changes may be communicated through the website, account surfaces, or email when appropriate.

14. Right to File a Complaint

If you believe your privacy rights have been violated, you may contact us first at legal@nellyx.xyz. You may also contact the relevant authority in your jurisdiction if applicable.

15. Contact

For privacy-related inquiries or data requests:

legal@nellyx.xyz

We aim to respond within a reasonable timeframe based on the nature of the request.