Privacy Policy

Last updated: May 23, 2026

1. Information We Collect

When you use Nestling, we collect:

  • Account information: email address and name when you register.
  • Conversation data: questions you ask and responses from our AI. User messages are encrypted at rest.
  • Usage data: number of questions per day, feature interactions, and affiliate link clicks (anonymized IP).
  • Payment data: processed entirely by Stripe. We never store credit card details.

2. How We Use Your Data

  • To provide AI-powered pediatric guidance and improve response quality.
  • To manage your account, subscriptions, and premium features.
  • To recommend relevant affiliate products based on your questions.
  • To send service-related emails (verification, payment receipts).
  • To analyze aggregate usage patterns to improve our service.

3. Data Protection

We implement industry-standard security measures including:

  • Encryption of user messages at rest using AES-256.
  • Encrypted data transmission via HTTPS/TLS.
  • HttpOnly, Secure cookies for authentication (no localStorage JWTs).
  • Anonymous IP storage (SHA-256 hashed, truncated).
  • Regular security audits and dependency updates.

4. Affiliate Links

Nestling participates in affiliate programs (Amazon Associates, Awin, Impact, ShareASale). When you click an affiliate link and make a purchase, we may earn a commission at no extra cost to you. Affiliate clicks are tracked with anonymized data only.

5. Data Retention

Conversation data is retained for the duration of your account. You may request deletion of your data at any time by contacting us. Anonymized analytics data may be retained indefinitely.

6. Third-Party Services

We use the following third-party services, each with their own privacy policies:

  • Stripe — payment processing
  • OpenRouter — AI model access
  • Upstash / Redis — caching and rate limiting
  • Vercel — frontend hosting
  • Railway — backend hosting
  • Neon / Supabase — database hosting

7. Your Rights

You have the right to access, correct, or delete your personal data. To exercise these rights, contact us at privacy@nestling.net. We will respond within 30 days.

8. Children's Privacy

Nestling is designed for parents and caregivers of children 0-36 months. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us immediately.

9. Contact

Email: privacy@nestling.net

Back to Nestling