Get Access

Privacy Policy

Last updated: February 11, 2026 • Nanornia AB (Nanornia AB, Sävar, Sweden)

This Privacy Policy explains how Nid, operated by Nanornia AB ("we", "us", or "our"), collects, uses, and protects personal data when you use the Nid mobile app, desktop app, or website. By using Nid you accept the practices described below.

1. Who we are

Nanornia AB ("Nanornia", "we", "us"), registered in Sweden, Sävar, operates Nid. Nanornia AB is the data controller for personal data processed through Nid. Our hosting infrastructure and backend are provided by Appwrite, which acts as a data processor on our behalf.

2. Information we collect

We collect the information necessary to provide and improve Nid. This includes:

  • Account & identity: name, email, authentication IDs (Apple, Google, Facebook), optional profile photo.
  • Shared setup data: information related to optional shared-folder collaboration, such as identifiers needed to connect devices or shared records where applicable.
  • Content data: inventory items, lists, categories, receipts, uploaded files and images, and team messages. Team messages are stored on our servers and are not end-to-end encrypted.
  • Purchases & payments: we may record purchase status, transaction references, and invoices where applicable. Payment details are handled by app stores or authorized marketplace providers; we do not store card numbers.
  • Device & usage: device type, OS version, hardware permissions (e.g., camera for scanning/OCR and saving photos), basic app usage metrics, and diagnostic/error logs for security and quality improvements.

We do not collect geolocation information. We do not currently process or store prompts or outputs from AI features.

3. How we use your data

We use personal data to:

  • Provide and operate Nid (storing inventories, receipts, files, and related records, and supporting optional shared-folder collaboration).
  • Process purchases through app stores or authorized marketplace providers and provide invoices where applicable.
  • Authenticate users, maintain security, and detect fraud or abuse.
  • Improve and develop features (aggregated analytics; analytics integrations are planned but not finalized).
  • Send transactional and service emails (purchase receipts, account notices, and support-related messages).

4. Legal bases for processing

Under applicable data protection laws (including the GDPR), we rely on:

  • Contractual necessity: to provide the service you signed up for.
  • Legitimate interests: to secure and improve our services.
  • Legal obligations: to comply with tax and accounting laws.
  • Consent: for optional features such as profile photos and contact imports.

5. How we share data

We only share data with third parties when necessary to run Nid. Key categories include:

  • Hosting: Appwrite (backend, storage, authentication).
  • Purchases & payments: app stores and authorized marketplace providers.
  • Transactional email: external providers to deliver receipts and system emails.

All vendors act under data processing agreements and process data only on our instruction. We do not sell personal data or share it with advertisers.

6. International transfers & storage

Your data is stored on Appwrite-managed infrastructure. If data is transferred outside the EU/EEA, we employ appropriate safeguards such as Standard Contractual Clauses or other GDPR-compliant measures.

7. Retention of data

We retain personal data only as long as necessary:

  • Accounts inactive for an extended period may be deleted after 2 months.
  • Billing and tax records are retained in accordance with Swedish legal requirements.
  • Stored content (messages, files, receipts, and inventory records) is retained while the account or shared setup exists unless deleted by users.

8. Security

We implement reasonable technical and organizational measures, including encrypted transport (HTTPS/TLS), access controls, secure hosting via Appwrite and vendor security requirements. While we strive to protect data, no system is completely invulnerable.

9. Children

We do not set a minimum age for Nid. By using the service you represent that you have the legal right to do so. If we learn that we have collected personal data from a minor who cannot legally consent, we will promptly delete that data.

10. Your choices & rights

If you are in the EU/EEA you have rights including access, correction, deletion, portability, restriction, and objection. You may also withdraw consent where processing is based on consent. To exercise these rights, contact us (see below). We may ask for information to verify your identity before fulfilling requests.

11. Contact

Questions or requests about this policy or your data: privacy@getnid.com

12. Changes to this policy

We may update this policy from time to time. Material changes will be posted here and reflected by the "Last updated" date at the top.