← Back to NanoMatchLast updated: June 2026

Privacy Policy

1. Data controller

NanoMatch is the controller of personal data you share with us. We host data in the European Union for GDPR residency.

2. What we collect

  • Account data: name, email, role, locale, avatar.
  • Creator data: social handles, niches, audience snapshots, ratings, payout details (via Stripe Connect).
  • Brand data: company, campaigns, contracts, payment intent metadata.
  • Operational data: messages, deliverables, approvals, application logs.
  • Limited diagnostics: 404 incidents and route health (no PII beyond the user id of signed-in users).

3. Why we use it

  • Run the marketplace: match, contract, deliver, pay.
  • Compute the transparent creator Health score.
  • Detect abuse, fraud and review risk.
  • Comply with legal obligations (tax, payouts, KYC by Stripe).

4. Subprocessors

  • Supabase (EU) — database, auth, storage.
  • Stripe — payments, Connect payouts, KYC.
  • Lovable — hosting and platform.

5. Your rights (GDPR)

You can access, correct, export or delete your data, and object to certain processing. Contact privacy@nanomatch.veris.ovh.

6. Retention

We keep account and contract data while your account is active and as required by tax and accounting law. Audit logs are kept up to 24 months.

7. Security

Row level security is enabled on every database table; users only see their own data unless they are admins. Storage buckets are private and accessed via signed URLs.

This page is maintained by the NanoMatch team to answer common questions. It is not legal advice. For specific questions, contact legal@nanomatch.veris.ovh.