← Back to Home

Privacy Policy

Naxely is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your data when you use our AI-powered PDF report generation service.

Data Controller

Naxely is operated by [Deepanshu Garg], based in India. For any privacy questions or requests, contact hello@naxely.com.

Information We Collect

Account information: When you sign up, we collect your name, email address, and billing information (processed securely through Dodo Payments).

Report data: CSV files, Google Sheets data, and generated PDF reports you upload or create through the service.

AI API keys: If you bring your own API key (BYOK), it is encrypted before storage.

Usage data: We use Google Analytics (GA4) to understand how the site is used — pages visited, general location (country-level), and device type. See the Cookies section below.

How We Use Your Data

We use your data solely to provide and improve the service: generate PDF reports, process AI insights, manage your account, communicate with you about service-related updates, and understand product usage through analytics.

Your uploaded data (CSV, Sheets, report content) is used only to generate the reports you request. We do not sell your data or your reports to third parties.

When you use a BYOK AI provider (Groq, OpenAI, Gemini, Claude, DeepSeek, Mistral, or Together AI), your report data is sent to that provider to generate insights. Each provider has its own data usage and retention policy, which may differ from ours — we encourage you to review the policy of whichever provider you choose to connect, since Naxely cannot control or guarantee how a third-party AI provider uses data once it's sent to them.

Data Storage & Security

Your reports and uploaded data are stored securely on Supabase (PostgreSQL) and Supabase Storage. We use encryption in transit (TLS) and encrypt stored API keys at rest.

We retain your data for as long as your account is active. You may request deletion at any time by contacting us.

Naxely's infrastructure providers (Supabase, Render, Vercel) may process or store data outside your home country. By using Naxely, you consent to this transfer, which is protected by the security measures described above.

Third-Party Services

Naxely integrates with the following third-party services:

  • Supabase — authentication, database, and file storage
  • Dodo Payments — payment processing (we do not store credit card details)
  • Groq, OpenAI, Gemini, Claude, DeepSeek, Mistral, Together AI — AI analysis, only when you provide your own API key
  • Google Sheets — data import (read-only, with your explicit authorization)
  • Resend — transactional email delivery
  • Google Analytics (GA4) — site usage analytics

Your Rights

You may access, update, or delete your account data at any time through your account settings. To request full data deletion, email us at hello@naxely.com.

You may export your reports and data at any time. We will respond to data requests within 30 days.

If you are located in the EU/EEA or UK, you have rights under GDPR including access, correction, deletion, and data portability. Contact hello@naxely.com to exercise these rights.

Grievance Officer

In accordance with the Digital Personal Data Protection Act, 2023 (India) and other applicable data protection laws, the Grievance Officer for Naxely is Deepanshu Garg, reachable at hello@naxely.com. If you have a complaint or concern about how your personal data is handled, please contact the Grievance Officer directly. We aim to acknowledge and resolve grievances within 90 days.

Cookies

We use essential cookies for authentication and session management. We also use Google Analytics (GA4), which sets analytics cookies to help us understand site usage. You can opt out of Google Analytics tracking using your browser settings or a browser extension such as Google's official opt-out add-on.

Data Breach Notification

In the event of a data breach affecting your personal data, we will notify affected users without undue delay, and in accordance with applicable law (for EU/EEA and UK users, within 72 hours of becoming aware of the breach where required).

We Do Not Sell Your Data

Naxely does not sell, rent, or trade your personal information to third parties for their own marketing purposes.

Children's Privacy

Naxely is not directed at children under 16, and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact hello@naxely.com and we will delete it.

Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or through the service.

Last updated: July 2026