Get Started

Privacy Policy

Last updated: August 21, 2025

Quick Navigation

Overview

OrderNimbus Inc. ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal and business data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our enterprise AI-powered sales forecasting platform and related services.

SOC 2 Type II Compliant GDPR Compliant CCPA Compliant ISO 27001 Certified

Information We Collect

Account and Profile Information

  • Contact Details: Name, email address, phone number, job title, company name
  • Account Credentials: Username, encrypted passwords, authentication tokens
  • Billing Information: Payment method details (processed by PCI-compliant third parties)
  • Company Information: Business details, industry type, company size

Business and Sales Data

  • Sales Records: Transaction history, product information, customer data (anonymized)
  • Inventory Data: Stock levels, product catalogs, supplier information
  • E-commerce Integration Data: Platform connections (Shopify, Amazon, etc.)
  • Forecast Data: Predictions, analytics results, model outputs

Technical Information

  • Usage Data: Feature usage, session duration, click patterns
  • Device Information: IP address, browser type, operating system
  • Performance Data: API response times, error logs, system metrics
  • Security Logs: Login attempts, access patterns, security events

How We Use Your Data

Service Provision

  • Generate AI-powered sales forecasts and inventory predictions
  • Provide real-time analytics and business insights
  • Integrate with your existing e-commerce platforms
  • Deliver automated reports and alerts

Platform Improvement

  • Enhance AI model accuracy through aggregated, anonymized data
  • Improve user experience and platform performance
  • Develop new features and capabilities
  • Conduct security monitoring and threat detection

Communication

  • Send service updates, security notifications, and platform alerts
  • Provide customer support and technical assistance
  • Share relevant industry insights and best practices
  • Process billing and subscription management

Legal and Compliance

  • Comply with applicable laws and regulations
  • Respond to legal requests and government inquiries
  • Protect our rights and prevent fraud or abuse
  • Maintain audit trails for compliance purposes

Data Sharing and Disclosure

We Do NOT Sell Your Data

OrderNimbus does not sell, rent, or trade your personal or business data to third parties for marketing purposes.

Limited Sharing Scenarios

  • Service Providers: Trusted third parties who assist in service delivery (cloud hosting, payment processing, customer support)
  • Business Transfers: In case of merger, acquisition, or sale of business assets
  • Legal Requirements: When required by law, court order, or government regulation
  • Security Protection: To protect our rights, property, or safety, or that of our users

Data Processing Partners

  • Cloud Infrastructure: AWS (SOC 2 compliant data centers)
  • Payment Processing: Stripe (PCI DSS Level 1 certified)
  • Customer Support: Zendesk (GDPR compliant)
  • Analytics: Internal systems only (no third-party analytics)

Data Security

Enterprise-Grade Security

  • Encryption: AES-256 encryption at rest, TLS 1.3 in transit
  • Access Controls: Role-based access with multi-factor authentication
  • Network Security: VPC isolation, WAF protection, DDoS mitigation
  • Monitoring: 24/7 security monitoring and incident response

Compliance and Certifications

  • SOC 2 Type II: Annual third-party security audits
  • ISO 27001: Information security management system
  • GDPR: European data protection compliance
  • CCPA: California consumer privacy compliance

Data Breach Response

In the unlikely event of a data breach, we will:

  • Contain and investigate the incident within 24 hours
  • Notify affected customers within 72 hours
  • Report to relevant authorities as required by law
  • Provide detailed incident reports and remediation steps

Data Retention

Retention Periods

  • Account Data: Retained for the duration of your subscription plus 30 days
  • Business Data: Retained as long as necessary for service provision
  • Aggregated Analytics: Anonymized data may be retained indefinitely
  • Security Logs: Retained for 1 year for security monitoring

Data Deletion

Upon account termination or data deletion request:

  • Personal data will be deleted within 30 days
  • Business data will be securely deleted or anonymized
  • Backup data will be purged within 90 days
  • Legal hold data may be retained longer if required

Your Rights and Choices

Data Subject Rights (GDPR)

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Restriction: Limit processing of your data
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to processing based on legitimate interests

California Rights (CCPA)

  • Know: Learn what personal information we collect and how it's used
  • Delete: Request deletion of personal information
  • Opt-out: Opt-out of sale of personal information (we don't sell data)
  • Non-discrimination: Equal service regardless of privacy choices

Exercising Your Rights

To exercise your rights, contact us at:

  • Email: privacy@ordernimbus.com
  • Phone: 1-800-ORDER-NB (1-800-673-3762)
  • Mail: OrderNimbus Inc., Privacy Team, [Address]

International Compliance

Cross-Border Data Transfers

  • Data is primarily stored in US-based AWS data centers
  • International transfers use Standard Contractual Clauses (SCCs)
  • EU data may be processed in adequacy decision countries
  • Additional safeguards include encryption and access controls

Industry-Specific Compliance

  • Retail: PCI DSS for payment data handling
  • Healthcare: HIPAA compliance for healthcare retailers
  • Financial: SOX compliance for publicly traded companies
  • Government: FedRAMP authorized cloud infrastructure

Cookies and Tracking

Essential Cookies

  • Authentication and session management
  • Security and fraud prevention
  • Platform functionality and preferences

Analytics Cookies

  • Usage patterns and feature adoption (anonymized)
  • Performance monitoring and optimization
  • Error tracking and debugging

Cookie Management

You can manage cookies through your browser settings or our cookie preference center in the application.

Contact Information

Privacy Inquiries

Data Protection Officer: privacy@ordernimbus.com

General Privacy Questions: support@ordernimbus.com

Phone: 1-800-ORDER-NB (1-800-673-3762)

Mailing Address

OrderNimbus Inc.
Attn: Privacy Team
[Street Address]
[City, State ZIP]
United States

EU Representative

[EU Representative Name]
[EU Address]
Email: eu-privacy@ordernimbus.com

Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. We will:

  • Notify you of material changes via email or platform notification
  • Post the updated policy with a new "last updated" date
  • Provide at least 30 days' notice for significant changes
  • Obtain consent where required by applicable law

Previous versions: Available upon request for regulatory compliance purposes.

Get Started