Privacy Policy

Last updated: March 24, 2026

1. Data controller

The data controller for your personal data is DIPLEO TECHNOLOGIES, S.L., company number B23923832, registered address Carrer Sagues, 27, 08021 Barcelona, Spain. Privacy contact: privacy@nimblymath.com.

2. Data we collect

• Account: email address and encrypted password.
• Performance: session results, response times, and training scores generated within the app.
• Billing: on the Pro plan, Stripe processes payment data; we only store subscription status.
• Technical: IP address, device type, and browser, collected automatically to ensure the service works correctly.
• Communications: messages you send us via email or contact form.

3. Purpose and legal basis

• Service delivery (Art. 6.1.b GDPR — contract performance): managing your account and providing personalised training.
• Product improvement (Art. 6.1.f GDPR — legitimate interests): analysing anonymised, aggregated usage patterns to improve the adaptive algorithm.
• Marketing communications (Art. 6.1.a GDPR — consent): newsletter, only if you explicitly opt in. You can unsubscribe at any time.
• Legal obligations (Art. 6.1.c GDPR): retention of invoices and tax records as required by Spanish law.

4. Retention

We keep your data for as long as your account is active. After cancellation, we delete your personal data within 30 days, except data we are legally required to retain (invoices: 5 years).

5. Recipients

We work with the following service providers acting as data processors under appropriate GDPR safeguards (Standard Contractual Clauses or equivalent):

• Infrastructure: Vercel and Supabase (hosting and database).
• Payments: Stripe Inc. (PCI-DSS certified processor).
• Transactional email: Resend.

We do not sell or share your data with third parties for advertising or commercial purposes.

6. Your rights

As a data subject, you have the right to access, rectification, erasure, restriction of processing, data portability, and objection. To exercise these rights, write to privacy@nimblymath.com.

If you believe processing does not comply with applicable law, you have the right to lodge a complaint with the Spanish data protection authority: Agencia Española de Protección de Datos (AEPD).

7. Cookies

We use first- and third-party cookies. See our Cookie Policy for details on which cookies we use and how to manage them.

8. Changes to this policy

We may update this policy at any time. Material changes will be communicated by email or via a prominent notice in the app. The current version is always available on this page.