Privacy Policy

This Privacy Policy explains how WeKnowTech, an LMK product ("NeLocker," "we") handles personal data when you use nelocker.com. We are the data controller for your information.

1. Information We Collect

• Account data: email address, and optional display name.
• Payment data: handled by Stripe. We do not store your full card details — only a subscription status and customer/subscription IDs.
• Content you submit: messages you post (e.g., the Supporters wall) and your prompt selections.
• Technical data: IP address, device/browser info, and essential cookies needed to keep you signed in.

2. How We Use It

• To provide the Service (authentication, access control, billing).
• To process subscriptions and send transactional email (e.g., sign-in links, receipts) via Resend.
• To send optional updates/marketing — only with your consent, and you can unsubscribe anytime.
• To secure the Service, prevent abuse, and comply with law.

3. Legal Bases (GDPR / UK GDPR)

We process data on these bases: contract (to provide the Service you signed up for), consent (optional marketing and non-essential cookies), legitimate interests(security, improving the Service), and legal obligation (tax, accounting).

4. Who We Share With (Sub-processors)

We share data only with service providers that help us run NeLocker, under contract:

• Supabase — database, authentication, hosting of your account data.
• Stripe — payment processing.
• Resend — transactional and marketing email delivery.
• Google Workspace — our business email.
• Vercel — application hosting.

We do not sell your personal data.

5. Cookies

We use essential cookies to keep you signed in, and (with consent) optional cookies to improve the Service. See our Cookie Policy and the consent banner.

6. Data Retention

We keep your data while your account is active and as needed for legal, tax, and security purposes. You can request deletion (below).

7. Your Rights

If you are in the EU/UK (GDPR): you have the right to access, correct, delete, restrict, port, and object to processing of your data, and to withdraw consent. You may also lodge a complaint with your local data protection authority.

If you are in California (CCPA/CPRA): you have the right to know what we collect, request deletion, correct it, and opt out of "sale"/"sharing" — we do not sell or share your data for cross-context advertising.

To exercise any right, email support@nelocker.com. We will verify and respond within the time required by law.

8. International Transfers

Your data may be processed in the United States and other countries. Where required, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) with our providers.

9. Children's Privacy

NeLocker is not intended for children under 13 (or under 16 where local law sets that age), and we do not knowingly collect their personal data. If you believe a child has provided us data, contact support@nelocker.com and we will delete it. This Service is not a child-directed service under COPPA.

10. Security

We use industry-standard measures (encryption in transit, access controls, encrypted secrets). No system is perfectly secure, but we work to protect your data.

11. Changes

We may update this Policy; material changes will be posted here with a new date and notified where required.

12. Contact

Data controller: WeKnowTech, an LMK product, North Carolina, USA. For privacy requests, email support@nelocker.com with the subject "Privacy."