Nimora

Privacy

Privacy policy for merchants, teams, and website visitors.

Nimora processes analytics, SEO, creative, and publishing workflows for supported ecommerce platforms. This policy explains what we collect, why we collect it, and how we protect it.

Last updated: April 27, 2026

1. Introduction

Nimora operates as a web application, supported platform integration, and related website service for ecommerce teams. This Privacy Policy explains how we collect, use, disclose, and protect information when merchants install, connect, or use Nimora.

2. Information We Collect

Store information

When a merchant connects Nimora, we collect and store:

  • Store domain, instance, or site identifiers for supported platforms
  • Encrypted access tokens, API credentials, or connection metadata required to operate the service
  • Store owner or team contact details provided during install, billing, or support flows
  • Plan, billing, and credit usage information

Behavior and analytics data

For merchants using analytics features, we process event and behavior data such as:

  • Page views, clicks, scroll depth, and session duration
  • Session replay event streams
  • Device type, browser family, screen size, and coarse location data
  • Campaign and referral attributes when available

Nimora is designed to avoid collecting payment card details through analytics tracking. Merchants are responsible for configuring their storefronts and consent flows appropriately for any customer-facing data they choose to collect.

Generated assets and content

Product photos, videos, blog drafts, SEO suggestions, and related prompts generated in Nimora are stored against the merchant account so the merchant can review, publish, and manage them.

3. How We Use Data

  • To authenticate stores and maintain the Nimora service
  • To provide analytics, SEO, content, and creative workflows
  • To process subscriptions, credit purchases, and related billing actions through supported billing providers
  • To save generated assets and send approved output back to supported ecommerce platforms
  • To improve product performance, reliability, and support quality
  • To meet platform, privacy, security, and legal compliance obligations

4. Data Retention

We retain merchant data while the merchant maintains an active Nimora account. Analytics retention depends on plan level:

  • Free: 30 days of analytics retention
  • Pro: 90 days of analytics retention
  • Business: 180 days of analytics retention
  • Rockstar: 365 days of analytics retention

Generated media may be retained for up to 365 days unless deleted earlier. When a merchant disconnects or uninstalls Nimora, associated data is queued for deletion in accordance with platform requirements, contractual obligations, and our internal retention schedule.

5. Security

  • Encrypted storage for Shopify access tokens
  • Encrypted storage for supported platform credentials where applicable
  • HTTPS and TLS for data in transit
  • Database access controls and row-level protections where applicable
  • Webhook signature verification and platform request validation where available
  • Access controls on internal systems and operational tooling

6. Third-Party Services

Nimora relies on service providers to operate key product workflows, including:

  • Supabase for database and operational data storage
  • Cloudflare R2 for generated media storage
  • OpenAI and Google for AI-assisted generation features
  • Platform billing providers and approved payment processors for subscription processing
  • Cookiebot to capture and store website consent choices
  • Google Analytics and related Google tag services for consent-aware website measurement
  • Meta Pixel and Meta Conversions API for consent-based ad attribution and conversion reporting
  • Tidio live chat when visitors opt in to preference cookies
  • Vercel and supporting infrastructure services for hosting and delivery

7. GDPR and CCPA Rights

If you are entitled to privacy rights under applicable law, you may request access, correction, deletion, restriction, or portability of relevant personal data. We also support platform privacy and data-rights workflows where required.

Contact privacy@nimora.us to submit a request.

8. Platform Privacy Requests

Nimora processes platform privacy and account-lifecycle requests where required for supported integrations. For Shopify, this includes mandatory privacy webhooks such as:

  • customers/data_request
  • customers/redact
  • shop/redact

9. Cookies

Nimora uses secure cookies and related browser storage to maintain merchant sessions and operate the app experience. On the public website, Cookiebot manages consent choices before optional preference, statistics, and marketing technologies are allowed to run.

When visitors consent, Nimora may use Google Analytics, Meta Pixel, Meta Conversions API, and Tidio to measure traffic, attribute installs, improve support, and understand campaign performance. Visitors can change or withdraw consent through the Cookiebot banner at any time.

10. Contact

Privacy questions and data requests can be sent to privacy@nimora.us.