nios

Privacy Policy

Last updated: 14.01.2026

nios earth Oy ("Nios", "we", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect Personal Data, meaning any information relating to an identified or identifiable natural person, in connection with the Nios Software Service and related offerings.

This Privacy Policy applies solely to Personal Data under the GDPR.

Processing of Customer Data (non-personal business data such as supplier, product, and material information) is governed separately by our General Terms & Conditions and the Data Processing Addendum (DPA).

1. Data Controller

nios earth Oy Business ID: 3472171-1 Sturenkatu 26 L 36, 00510 Helsinki, Finland Email: hello@nios.earth

2. Personal Data We Collect

Depending on your interactions with us, we may collect the following categories of Personal Data:

  • Contact information: name, email address, phone number
  • Professional information: job title, company name
  • Account information: login credentials, account role, subscription details
  • Billing information: invoicing details and payment method where the information identifies a natural person (e.g., named billing contact, private credit card)
  • Technical data: IP address, browser/device type, login events, platform usage analytics tied to a user account
  • Communications and preferences: support messages, feedback, and marketing preferences

3. How We Collect Personal Data

We collect Personal Data through:

  • Direct interactions: when you register, log in, subscribe, or communicate with us.
  • Your organization: when an employer or customer organization creates or administers your account.
  • Automatic collection: cookies, authentication systems, and analytics tools.
  • Public sources: publicly available professional information relevant to conducting our business (e.g., identifying appropriate business contacts).

4. Purpose of Processing

We process Personal Data only to:

  • Provide and operate the Nios Software Service.
  • Manage subscriptions, payments, and customer accounts.
  • Respond to inquiries and provide support.
  • Communicate about product updates and relevant service information.
  • Send marketing communications based on consent or legitimate interest.
  • Improve and develop our platform and user experience.
  • Comply with legal obligations.

We do not use Personal Data to train AI models. We do not sell or rent Personal Data.

We rely on the following GDPR legal bases:

  • Contractual necessity: to provide access to and operate the service.
  • Legitimate interests: for service improvement, security, and B2B communications.
  • Consent: for optional marketing communications.
  • Legal obligation: for statutory accounting and compliance needs.

6. Sharing of Personal Data

We share Personal Data only with trusted service providers who process data on our behalf and strictly for service delivery:

  • Application Hosting & Technical Monitoring: Vercel (EU)
  • Database: Neon Console (EU)
  • Analytics: PostHog (EU)
  • Authentication: Clerk (EU)
  • Customer Management: Google Workspace (EU) for CRM, communications, and documentation

These subprocessors are bound by contractual GDPR obligations.

Our list of subprocessors may be updated from time to time and is maintained in our Product Terms. For clarity, some providers listed in DPA (e.g., Anthropic, OpenAI) do not process Personal Data, but Customer Data.

7. Data Retention

We retain Personal Data only for as long as necessary to fulfil the purposes described in this Privacy Policy or as required by law.

Where Personal Data is associated with a Nios user account:

  • Account deletion: Personal Data is erased without undue delay, subject to standard backups and statutory retention obligations.
  • Paid-to-free downgrades: Personal Data remains active as part of the continuing Free Tier account.
  • Inactive Free Tier accounts: Personal Data in accounts with no activity for 24 months may be deleted.

Certain Personal Data (such as invoicing or accounting records) may be retained for longer as required by Finnish law.

Retention of Customer Data (non-personal business data) is governed by the General Terms & Conditions and the Data Processing Addendum, and follows the plan-specific rules set out in the Product Terms.

8. Data Security

We implement appropriate technical and organizational measures, including:

  • Encryption in transit and at rest
  • Role-based access controls for Nios personnel
  • Activity and access logging
  • Logical isolation of customer environments
  • Automated monitoring and security scanning

9. Your GDPR Rights

You have the right to:

  • Access your Personal Data
  • Request correction of inaccurate or incomplete data
  • Request deletion ("right to be forgotten")
  • Restrict or object to processing
  • Withdraw consent at any time (where applicable)
  • Receive your Personal Data in a portable format
  • Lodge a complaint with the Finnish Data Protection Ombudsman

To exercise these rights, contact hello@nios.earth.

10. Cookies and Analytics

The Website (https://www.nios.earth/) uses privacy-preserving, cookieless analytics (PostHog, EU-hosted). No cookies are stored on your device when browsing our marketing pages.

The Platform (https://app.nios.earth/) uses:

  • Essential cookies for authentication and session management (always active).
  • Analytics cookies (PostHog, EU-hosted) to improve the service and enable session replay for debugging.

When you first visit the app, a cookie banner will ask for your consent to analytics cookies. You can:

  • Accept analytics to help us improve the product
  • Decline to use the app with only essential cookies

You can change your preference at any time via the Analytics toggle in Account Settings. Disabling essential cookies through browser settings may prevent access to the service.

11. Updates

We may update this Privacy Policy from time to time. Updated versions will be posted on our website with the effective date at the top.