Privacy Policy

Who we are

Nimira is operated by Dimitri Khvedelidze (sole proprietor, Georgia). Contact: founder@nimira.io

What we collect

Nimira is designed to collect as little personal data as possible:

• Session data — your conversation with the AI curator and the resulting analytical report. This is stored under a randomly generated session ID with no name or email attached.
• Payment data — if you purchase a report, payment is processed by Paddle.com. We receive only a transaction confirmation. We never see or store your card details.
• Technical data — standard server logs (IP address, browser type) retained for up to 30 days for security purposes.

How we use your data

• To provide the relational analysis service
• To generate and deliver your report
• To process payments via Paddle
• To maintain and improve the service

Encryption

All session data is encrypted at rest using AES-256 (Fernet). Your session is identified only by a random ID stored in your browser. We cannot identify you from your session data alone.

Data retention

Session data is automatically deleted after 90 days. You can request immediate deletion by emailing founder@nimira.io with your session ID.

Third parties

• Paddle.com — payment processing (Merchant of Record). Paddle Privacy Policy
• Google (Gemini API) — AI model used to power the curator conversation. Conversation data is sent to Google for inference. Google does not use this data to train models under our API agreement.
• DigitalOcean — server hosting (Frankfurt region, EU).

Your rights

Under GDPR and applicable Georgian law, you have the right to access, correct, or delete your data. Since we do not collect names or emails, requests should include your session ID. Contact: founder@nimira.io

Cookies

We use only a single localStorage entry to remember your session ID. No tracking cookies, no advertising pixels.

Changes

We may update this policy. Material changes will be noted on this page with an updated date.