Privacy and Policy

At nfphub, we respect your privacy and are committed to protecting your personal data, along with your organizations data. This policy outlines how we collect, use, and protect your information when you use our services.

At nfphub, your privacy is our priority. This Privacy Policy explains how we collect, use, and protect your personal information when you use our services.


Effective Date: January 1st, 2025

  1. Who We Are nfphub (“nfphub”, “we”, “our”, “us”) is a software‑as‑a‑service platform operated by [Legal Entity Name], registered at [Registered Address]. We provide a multi‑tenant board‑management solution that helps organisations plan meetings, collaborate on documents, and record decisions.

  2. Our Role Under Data‑Protection Law • For account information (e.g., user profiles, billing data) we act as the data controller.
    • For content that your organisation uploads (e.g., board packs, minutes, comments, votes) we act as a data processor on behalf of the organisation that created the workspace. Each organisation is the data controller for that content.

  3. Information We Collect 3.1 Information you provide – Account and profile details: name, email address, phone number, photo, language, time‑zone, organisation and role.
    – Content: agendas, documents, minutes, votes, messages, comments, attachments and any other files you upload through the Service.
    – Support and correspondence: information you send us when you contact support or complete surveys.

    3.2 Information we collect automatically – Usage and log data: IP address, device and browser information, timestamps, pages visited, actions taken, referral URLs, and diagnostic logs.
    – Cookies and similar technologies: see Section 10.
    – Approximate location (derived from IP address).

    3.3 Information from third parties – Single‑sign‑on or identity providers (e.g., Firebase) supply authentication tokens and basic profile data.
    – Integrations such as Microsoft Teams provide meeting links, event metadata and participant lists when you connect those services.
    – Our AI assistant sends meeting transcripts or agenda text to our artificial‑intelligence processor (e.g., OpenAI API) to generate summaries or suggested agenda items. We instruct that processor not to retain those inputs.

    1. How We Use Information We use personal information to: • provide, operate and maintain the Service;
      • authenticate and authorise users;
      • generate agendas, minutes and summaries through the AI assistant;
      • facilitate video and audio conferencing through third‑party integrations;
      • personalise and improve the Service, develop new features and conduct analytics;
      • send transactional messages and respond to enquiries;
      • monitor, detect and prevent security incidents, fraud and abuse;
      • comply with legal obligations.

    Legal bases under the EU GDPR: performance of a contract (Art. 6 (1)(b)); legitimate interests (Art. 6 (1)(f)) in operating and improving our Service; your consent (Art. 6 (1)(a)) where required (e.g., marketing cookies); and compliance with legal obligations (Art. 6 (1)(c)).

    1. How We Share Information We do not sell or rent your personal information. We share it only: • With trusted service providers and subprocessors who perform services for us (e.g., cloud hosting, database and file storage, email delivery, analytics, AI processing, payment processing) under written contracts that require confidentiality and appropriate security.
      • With integrations you enable (e.g., Microsoft Teams) to the extent necessary to provide the requested functionality.
      • To comply with laws, legal process or enforceable governmental requests; to enforce our agreements; or to protect the rights, property or safety of nfphub, our users or the public.
      • In connection with a corporate transaction such as a merger, acquisition or sale of assets, in which case we will notify you before personal information is transferred and becomes subject to a different privacy policy.

    2. International Data Transfers We primarily store data in [Primary Hosting Region]. If we transfer personal data outside the European Economic Area, the United Kingdom or Switzerland, we rely on an adequacy decision, the EU Standard Contractual Clauses, the UK International Data Transfer Agreement or another lawful transfer mechanism.

    3. Data Security We protect information using technical and organisational measures consistent with industry standards, including: encryption in transit (TLS 1.2+) and at rest (AES‑256), least‑privilege role‑based access, audit logging, regular penetration testing, employee security training and incident‑response procedures.

    4. Data Retention We retain personal information for as long as your account is active or as needed to provide the Service. Content deleted by you is removed from active systems within 30 days and from encrypted backups within 90 days, unless we must keep it longer to comply with legal obligations, resolve disputes or enforce agreements.

    5. Your Rights Depending on your location you may have rights to: • Access, correct or delete personal information;
      • Object to or restrict our processing;
      • Port your data to another service;
      • Withdraw consent at any time where processing is based on consent;
      • Lodge a complaint with a supervisory authority.

    California residents also have rights under the CCPA/CPRA to know, delete, correct and opt‑out of the sharing of personal information. We do not use sensitive personal information for purposes other than those permitted by law.

    You (or your organisation administrator) can exercise most rights from within the Service. Otherwise, email us at [privacy@nfphub.io].

    1. Cookies & Analytics We use: • Essential cookies – required to log you in and keep the Service secure;
      • Functional cookies – remember preferences such as language;
      • Analytics cookies – collect aggregated statistics to help us understand how the Service is used.
      You can disable non‑essential cookies in our cookie banner or your browser settings; this may affect functionality.

    2. Third‑Party Links The Service may contain links to external sites. We are not responsible for the privacy practices or content of those sites.

    3. Children’s Privacy nfphub is not directed to children under 16, and we do not knowingly collect personal information from children. If we learn that we have collected such information, we will delete it.

    4. Changes to This Policy We may update this Privacy Policy from time to time. If the changes are material we will notify account holders by email or in‑app notification at least 30 days before the new policy takes effect. The latest version will always be posted in the app.

    5. Contact Us If you have questions, requests or complaints regarding this Privacy Policy or our privacy practices, please contact our Data Protection Officer:

    Email: [dpo@nfphub.io]
    Mail: Data Protection Officer, [Legal Entity Name], [Registered Address]

    You also have the right to lodge a complaint with your local supervisory authority.

© NFPHub 2025 All Rights Reserved.

© NFPHub 2025 All Rights Reserved.

© NFPHub 2025 All Rights Reserved.