Nivo Ai
Back to home

Privacy Policy

Last updated: February 22, 2026

1. Data Controller

The data controller responsible for the processing of your personal data in connection with this website and our services is:

Leon Cvrtila
Forellengasse 2
3140, St. Pölten
Austria

Email: contact@nivo-ai.com

2. Overview of Data Processing

We process personal data in compliance with the EU General Data Protection Regulation (GDPR), the UK GDPR, and Austrian data protection laws. This privacy policy explains what data we collect, for what purposes we process it, how we protect it, and what rights you have.

3. Data We Collect

3.1 Data You Provide

When you use our contact form, book a demo call, or request our automation and workflow services, we collect:

  • Name
  • Email address
  • Phone number (optional)
  • Business name (optional)
  • Message content

Form processor: FormSubmit.co (USA) forwards form data directly to contact@nivo-ai.com

3.2 Automatically Collected Data

When you visit nivo-ai.com, we automatically collect:

  • IP address
  • Browser type and version
  • Operating system
  • Visited pages and timestamps
  • Referrer URL

Hosting: Vercel Inc. (USA) for website infrastructure

3.3 Service Data (Automation & Workflow Clients)

For customers using our automation and workflow services:

  • Workflow configurations and integration credentials
  • Process data and business logic (hours, services, FAQs)
  • Call recordings and transcripts (when AI receptionist is included)
  • Appointment and CRM data

4. Email Communications and Unsubscribe

If you receive emails from us (e.g. marketing emails), you can unsubscribe at any time. To opt out of our email list, visit nivo-ai.com/unsubscribe and submit your email address. We will process your request promptly and stop sending you marketing or non-essential emails. This does not affect emails necessary for the performance of a contract (e.g. order confirmations).

5. Legal Basis for Processing (GDPR Art. 6)

  • Contract performance (Art. 6(1)(b)): To deliver automation and workflow services and fulfill contracts
  • Legitimate interests (Art. 6(1)(f)): Website security, service improvement, fraud prevention
  • Legal obligation (Art. 6(1)(c)): Statutory retention periods

6. Cookies and Similar Technologies

This website uses cookies and similar technologies to improve your experience and analyze site usage.

6.1 Essential Cookies

Technically necessary browser storage:

  • Cookie consent preference (localStorage)
  • Session storage for navigation (deleted on browser close)

6.2 Analytics Cookies

We use Google Analytics to understand how visitors interact with our website. This helps us improve our services and user experience.

  • Provider: Google LLC (USA)
  • Purpose: Website traffic analysis, user behavior insights
  • Data collected: IP address (anonymized), pages visited, time spent, browser info, device type
  • Retention: 26 months (Google's default)
  • Legal basis: Your consent (GDPR Art. 6(1)(a))

You can withdraw consent anytime by declining cookies in our banner or clearing your browser storage. Google Analytics is only loaded after you accept cookies.

More info: Google Privacy Policy

6.3 Managing Cookies

You can control cookies through:

  • Our cookie banner (accept/decline)
  • Browser settings (block all cookies or specific domains)
  • Browser extensions for privacy control

Note: Blocking essential cookies may affect website functionality.

7. Third-Party Services

Data Processors (bound by Data Processing Agreements):

  • FormSubmit.co, E-Mail submission, USA
  • Vercel Inc., Website Hosting, USA
  • Google LLC, Analytics (Google Analytics), USA

International transfers protected by EU Standard Contractual Clauses.

8. Data Retention

  • Contact form data: 24 months after last contact
  • Technical data: 30 days maximum
  • Service data: Duration of service + 6 years (Austrian commercial law)
  • Call recordings: As per service agreement (typically 30-90 days)

9. International Transfers

Data transfers to USA (FormSubmit.co, Vercel Inc., Google LLC) are protected by:

  • EU Standard Contractual Clauses (SCCs)
  • Supplementary measures per EU adequacy decisions

10. Your Rights

Under GDPR and UK GDPR, you have the right to:

  • Art. 15 - Access: Request copy of your data
  • Art. 16 - Rectification: Correct inaccurate data
  • Art. 17 - Erasure: Delete data ("right to be forgotten")
  • Art. 18 - Restriction: Limit processing
  • Art. 20 - Portability: Receive data in machine-readable format
  • Art. 21 - Object: Oppose legitimate interest processing

Contact: contact@nivo-ai.com
Response time: 1 month (extensions possible)

11. Data Security

  • HTTPS encryption (TLS 1.3)
  • Access controls on all systems
  • Secure form processing (FormSubmit)
  • Regular security updates (Vercel)
  • Data minimization principle applied

12. Children

Our services target businesses only. We do not knowingly collect data from children under 16. Parents/guardians can request deletion: contact@nivo-ai.com.

13. Complaints

Primary contact: contact@nivo-ai.com

Supervisory authorities:

  • Austria: Österreichische Datenschutzbehörde (dsb.gv.at)
  • UK: Information Commissioner's Office (ico.org.uk)

14. Changes to This Policy

We may update this policy. Changes will be posted here with updated "Last updated" date. Continued use constitutes acceptance.

15. Contact

E-Mail: contact@nivo-ai.com