Last updated: 2 July 2026
This Privacy Policy explains how we collect, use, store and protect personal data when you visit
nivella.app, create an account, place an order, use Nivella products, contact support,
use Nivella Assistant AI, purchase AI Credits, access digital products or interact with our WordPress,
WooCommerce and SaaS services.
We respect your privacy and aim to process personal data in a clear, lawful, transparent and secure way.
1. Data Controller
The controller of your personal data is:
AKK Marketing Services Sp. z o.o.
NIP: 5273153716
Address: Jana Pawła II Ave 43A / 35B, 01-001 Warsaw, Poland
Email: hello@nivella.app
Website: https://nivella.app
If the legal seller or business operator changes, the updated controller details will be published on this page
or in the applicable Terms and Conditions.
2. Scope of this Policy
This Privacy Policy applies to:
- visitors of nivella.app;
- users who create an account;
- customers who place orders in the Nivella Store;
- users of Nivella Assistant AI;
- users of Nivella PQM products and modules;
- users of Nivella Admin Toolkit;
- customers purchasing AI Credits or digital products;
- users contacting support or submitting forms;
- agencies, business customers and client website owners using Nivella services.
3. Personal data we collect
Depending on how you use our website, products or services, we may collect the following types of personal data.
3.1 Account and registration data
- name and surname;
- company name;
- email address;
- username;
- password in encrypted form;
- account status and account settings;
- billing details;
- tax identification number, if provided;
- country, address and contact information.
3.2 Order and payment data
- products or services ordered;
- order number;
- order status;
- billing address;
- payment method;
- payment status;
- transaction reference;
- invoice-related information;
- refund, cancellation or complaint information.
We do not intentionally store full payment card numbers on our website. Card payments and other payment methods
may be processed by external payment providers or WooCommerce payment integrations.
3.3 Product, license and access data
- license keys;
- license activation status;
- website URL connected with a product;
- site ID, API key or integration identifier;
- product plan, module or bundle access;
- download history;
- subscription or renewal status;
- credit package purchases and credit balance information;
- AI Credit usage events and wallet-related information.
3.4 Support and communication data
- messages sent through contact forms or support forms;
- email correspondence;
- support tickets or support request details;
- screenshots, files or attachments sent to support;
- technical details related to support cases;
- conversation history when support is provided through Nivella tools.
3.5 AI chat and Service Center data
If you use Nivella Assistant AI, Service Center, AI Copilot or related AI-powered features, we may process:
- chat messages;
- conversation history;
- customer questions and assistant responses;
- operator notes and support context;
- Knowledge Base content provided by the website owner or administrator;
- uploaded files, if file uploads are enabled;
- customer contact details provided during a conversation;
- WooCommerce-related context, where enabled and permitted;
- AI usage information needed to calculate credits, usage capacity or service limits.
Please do not submit sensitive personal data through AI chat or support messages unless it is necessary for the
specific support case.
3.6 Technical and usage data
- IP address;
- browser type and version;
- device type;
- operating system;
- referrer URL;
- pages visited;
- date and time of access;
- security logs;
- error logs;
- cookies and similar technologies;
- website performance and analytics data.
3.7 Marketing and newsletter data
If you subscribe to our newsletter or marketing communication, we may process:
- email address;
- name, if provided;
- subscription status;
- email preferences;
- newsletter interaction data, such as opens or clicks where supported by the email tool.
4. How we collect personal data
We may collect personal data directly from you when you:
- create an account;
- place an order;
- buy AI Credits;
- activate a license;
- connect a website or product;
- submit a support form;
- send us an email;
- use AI chat or Service Center features;
- subscribe to a newsletter;
- upload files or provide technical details;
- browse our website.
We may also collect data automatically through WordPress, WooCommerce, server logs, security logs, cookies,
analytics tools and product integrations.
5. Purposes and legal bases of processing
We process personal data only when we have a lawful reason to do so. Depending on the situation, we may process
personal data for the following purposes and legal bases.
5.1 Account creation and account management
We process account data to create and manage your Nivella account, allow login, provide access to your dashboard,
orders, downloads, licenses, AI Credits and product information.
Legal basis: performance of a contract or steps taken before entering into a contract.
5.2 Order processing and product delivery
We process order and billing data to process purchases, payments, invoices, digital delivery, downloads,
license activation, AI Credit assignment, subscriptions and product access.
Legal basis: performance of a contract and legal obligations related to accounting and taxation.
5.3 Digital products, SaaS access and licenses
We process license, website, API key, site ID and product access data to activate, verify, protect and manage
digital products, SaaS access, AI features, PQM modules, downloads and customer entitlements.
Legal basis: performance of a contract and legitimate interest in protecting digital products,
preventing abuse and managing product access.
5.4 AI Credits and Credit Wallet
We process credit purchase, assignment, balance and usage data to provide AI Credits, track usage capacity,
manage top-ups and operate the Credit Wallet.
Legal basis: performance of a contract and legitimate interest in maintaining accurate usage,
billing and service records.
5.5 Customer support
We process support messages, technical details, files and correspondence to respond to questions, investigate issues,
provide assistance, handle complaints and improve product reliability.
Legal basis: performance of a contract, legitimate interest in providing support and, where applicable,
legal obligations related to complaints or consumer rights.
5.6 AI chat, Service Center and AI Copilot
We process chat messages, conversation history, Knowledge Base content, customer context and AI usage information
to provide AI-powered support, generate assistant responses, support operator workflows and improve the usability
of Nivella products.
Legal basis: performance of a contract, legitimate interest in providing and improving customer support
tools, and consent where required by applicable law or configuration.
5.7 Security and fraud prevention
We process technical logs, IP addresses, security events and account activity to protect the website, products,
customers, payment process, licenses and systems from fraud, abuse, attacks or unauthorized access.
Legal basis: legitimate interest and legal obligations related to security and compliance.
5.8 Analytics and website improvement
We may process technical and usage data to understand how the website is used, improve navigation, diagnose errors,
measure performance and develop better content, products and services.
Legal basis: legitimate interest or consent where required for cookies or tracking technologies.
5.9 Marketing communication
If you subscribe to our newsletter or agree to receive marketing communication, we process your email and subscription
data to send product updates, educational content, roadmap news and business information.
Legal basis: consent or legitimate interest, depending on the type of communication and applicable law.
You can unsubscribe at any time.
5.10 Legal claims and compliance
We may process personal data to comply with legal obligations, tax obligations, accounting requirements, consumer
protection rules, dispute handling, refund requests, chargebacks, audits or legal claims.
Legal basis: legal obligation and legitimate interest in establishing, exercising or defending legal claims.
6. AI processing and external AI providers
Nivella products may use artificial intelligence features to generate responses, summarize conversations,
support operators, process Knowledge Base content or assist with customer support workflows.
To provide AI features, selected data such as user messages, conversation context, Knowledge Base content or support
instructions may be sent to AI infrastructure or AI model providers acting as service providers or processors,
depending on the configuration.
We do not recommend sending sensitive personal data, confidential business secrets, payment card data,
medical information, government identification numbers or other highly sensitive information through AI chat
unless it is necessary and appropriate for the specific case.
AI-generated responses may be imperfect. Nivella Assistant AI is designed to support communication and operators,
not to replace human judgment in important legal, financial, medical, safety-related or high-risk decisions.
7. Automated decision-making
We do not intend to use personal data for solely automated decisions that produce legal effects or similarly significant
effects on users without human involvement.
AI features may support communication, recommendations, summaries, replies or support workflows, but important account,
billing, refund, complaint or legal decisions should be reviewed by a human where required.
8. Cookies and similar technologies
Our website may use cookies and similar technologies for:
- essential website functionality;
- WooCommerce cart and checkout operation;
- user login and account sessions;
- security and fraud prevention;
- analytics and performance measurement;
- marketing or newsletter tools, where enabled;
- personalization and user experience improvements.
Some cookies are necessary for the website and store to work correctly. Other cookies may require your consent,
depending on applicable law and the type of cookie.
You can usually manage cookies through your browser settings or through a cookie consent tool if available on the website.
9. WooCommerce, payments and store operation
The Nivella Store is based on WordPress and WooCommerce. When you place an order, WooCommerce may process order,
billing, account, payment status and product access information.
Payment providers may process payment data independently or as service providers. We may receive payment confirmation,
transaction status and limited payment details, but we do not intentionally store full card numbers on our website.
For manual bank transfers, we process payment references and order status information needed to confirm payment
and activate digital access.
10. Who we share personal data with
We may share personal data with trusted recipients only when necessary for the purposes described in this Policy.
Such recipients may include:
- hosting providers and server infrastructure providers;
- payment gateways and payment processors;
- email delivery providers;
- newsletter and marketing tools, if you subscribe;
- AI infrastructure and AI model providers;
- support, ticketing, form or communication tools;
- analytics and security providers;
- accounting, tax, legal and compliance advisors;
- contractors or technical service providers supporting our products;
- public authorities, courts or regulators when required by law.
We do not sell personal data to third parties.
11. International data transfers
Some service providers may process personal data outside your country or outside the European Economic Area.
Where required, we use appropriate safeguards such as data processing agreements, Standard Contractual Clauses,
adequacy decisions or other legally recognized transfer mechanisms.
By using Nivella products and services, you understand that digital services may involve international infrastructure,
cloud tools, AI providers, payment providers or support tools.
12. Data retention
We keep personal data only for as long as necessary for the purposes described in this Policy, unless a longer retention
period is required or permitted by law.
Typical retention periods may include:
- Account data: for as long as the account is active and then for a reasonable period required for security, legal or support purposes;
- Completed and refunded orders: up to 72 months, or longer if required by tax, accounting or legal rules;
- Pending and failed orders: usually up to 30 days unless needed for support, fraud prevention or dispute handling;
- Cancelled orders: usually up to 90 days unless needed for legal, accounting or support purposes;
- Invoices and accounting records: for the period required by applicable tax and accounting law;
- Support messages: for as long as needed to handle the request and for a reasonable period afterwards for quality, legal or dispute purposes;
- License, product access and credit records: for as long as needed to provide access, verify rights, handle renewals, support customers and protect against misuse;
- AI chat history: according to the product configuration, customer account settings, support needs and applicable legal requirements;
- Security logs: for a limited period needed for security, fraud prevention and investigation.
Where possible, we delete, anonymize or restrict data that is no longer needed.
13. Your rights
Depending on your location and applicable law, you may have the right to:
- access your personal data;
- receive a copy of your personal data;
- correct inaccurate or incomplete data;
- request deletion of your data;
- request restriction of processing;
- object to processing based on legitimate interests;
- object to direct marketing;
- request data portability;
- withdraw consent where processing is based on consent;
- submit a complaint to a supervisory authority.
To exercise your rights, contact us at hello@nivella.app.
We may need to verify your identity before responding to a privacy request. Some rights may be limited where we need
to keep data for legal obligations, accounting, security, fraud prevention, dispute resolution or legitimate business reasons.
14. Right to complain
If you are located in the European Union or European Economic Area, you have the right to lodge a complaint with a data
protection supervisory authority.
In Poland, the supervisory authority is:
President of the Personal Data Protection Office
Urząd Ochrony Danych Osobowych
Website: https://uodo.gov.pl
15. Marketing communication
If you subscribe to our newsletter, we may send product updates, roadmap information, educational content, promotional
messages or information about Nivella products and services.
You can unsubscribe at any time by using the unsubscribe link in the message or by contacting us.
Service-related emails, such as order confirmations, payment updates, license notices, account information,
security notices or support replies, are not marketing communication and may still be sent when necessary.
16. Data security
We use reasonable technical and organizational measures to protect personal data against unauthorized access,
loss, misuse, alteration or disclosure.
Security measures may include access controls, encrypted connections, account authentication, server-level protections,
security monitoring, backups, software updates and limited access to personal data by authorized persons.
No online system is completely risk-free. You are responsible for keeping your account credentials secure and for using
strong passwords.
17. Data breach notification
If a personal data breach occurs and applicable law requires notification, we will notify the relevant supervisory authority
and affected individuals where required.
18. Children’s privacy
Nivella products and services are intended for businesses, website owners, agencies and professional users.
They are not directed to children.
We do not knowingly collect personal data from children. If you believe that a child has provided us with personal data,
please contact us so we can review and delete the information where appropriate.
19. Third-party websites and services
Our website may contain links to third-party websites, documentation, payment services, social media profiles or external tools.
We are not responsible for the privacy practices of third-party websites or services.
Please review the privacy policies of any third-party services you use.
20. Business customers, agencies and client websites
If you use Nivella products as an agency, business customer or website administrator, you may process personal data
of your own clients, website visitors, customers or employees through Nivella tools.
In such cases, you are responsible for ensuring that you have the correct legal basis, privacy notices, consents,
contracts and internal procedures required for your own use of Nivella products.
Where required, a separate data processing agreement may be needed for SaaS, AI, support, hosting or processing workflows.
21. Special categories of personal data
Nivella products are not designed to intentionally collect special categories of personal data such as health data,
religious beliefs, political opinions, biometric data, criminal records or other highly sensitive information.
Please do not submit such data through contact forms, AI chat, support messages or product workflows unless it is strictly
necessary and you have a lawful basis to do so.
22. Mandatory rights in your country
Nothing in this Privacy Policy limits any mandatory privacy or consumer rights that cannot be excluded under the laws
of your country or region.
If local privacy laws provide additional rights, we will respect them where they apply.
23. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our products, services, legal requirements,
technology, payment providers, AI features or business operations.
The latest version will always be published on this page. If changes are significant, we may provide additional notice
where required by law.
24. Contact
If you have questions about this Privacy Policy or how we process personal data, please contact us:
Email: hello@nivella.app
Support page: https://nivella.app/support/
Website: https://nivella.app
