Privacy Policy
Last updated: February 15, 2026
Your privacy is important to us. This Privacy Policy explains what information NextMachina ("the Service"), available at nextmachina.ai, collects, how we use it, and your rights regarding your data.
The Service is operated by Peter Lipcak, an individual ("we", "us", "our").
Information We Collect
Personal Data
When you create an account or subscribe to a paid plan, we may collect:
- Email address
- Full name
- Billing information (address, country, ZIP code) — processed by our payment provider, Paddle
Usage Data
We automatically collect certain information when you use the Service, including:
- IP address
- Browser type and version
- Device type and operating system
- Crash reports and diagnostic data
Content Data
We collect and store the content you create within the Service, including conversation messages and preferences, solely to provide and improve the Service. Your conversation messages are sent to third-party AI language model providers (listed in the Data Sharing section below) in order to generate responses. We recommend not sharing sensitive personal information, medical details, or identifying information in your conversations.
How We Use Your Information
We use collected data to:
- Provide, maintain, and improve the Service
- Process payments and manage subscriptions
- Personalize your experience
- Provide customer support
- Monitor usage patterns and detect technical issues
- Send service-related communications (e.g., account notifications, security alerts)
- Comply with legal obligations
We do not sell your personal data to third parties.
Legal Basis for Processing (GDPR)
If you are in the European Economic Area (EEA), we process your data based on:
- Contract performance — to provide the Service you signed up for
- Consent — where you have given explicit consent (e.g., optional communications)
- Legitimate interests — to improve and secure the Service
- Legal compliance — to meet our legal obligations
Data Sharing and Third-Party Services
We share data only with third-party service providers necessary to operate the Service:
| Provider | Purpose |
|---|---|
| Supabase | Database and authentication |
| Paddle | Payment processing |
| Sentry | Error monitoring |
| AI language model provider | |
| Vercel | Hosting and deployment |
These providers access your data only as necessary to perform their services and are bound by their own privacy policies.
Payment Information
We do not store your payment card details. All payment information is processed directly by Paddle (Paddle.com Market Limited), which acts as the Merchant of Record for our transactions. Paddle's handling of your payment data is governed by their Privacy Policy.
Cookies
We use cookies essential for the functioning of the Service, such as authentication and session management. We do not use advertising or marketing cookies.
Data Retention
We retain your personal data for as long as your account is active or as needed to provide the Service. After account deletion, we may retain certain data for a limited period to comply with legal obligations, resolve disputes, or enforce our agreements.
Data Transfers
Your data may be transferred to and processed in countries outside your jurisdiction, including the United States, where our service providers operate. We take reasonable steps to ensure your data is treated securely and in accordance with this Privacy Policy.
Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access — request a copy of your personal data
- Rectification — request correction of inaccurate data
- Deletion — request deletion of your personal data
- Restriction — request that we restrict processing of your data
- Data portability — request your data in a structured, machine-readable format
- Objection — object to processing based on legitimate interests
- Withdraw consent — withdraw consent at any time where processing is based on consent
To exercise any of these rights, contact us at support@nextmachina.ai. We may verify your identity before processing your request.
If you are in the EEA, you have the right to lodge a complaint with your local Data Protection Authority.
Children's Privacy
The Service is not intended for users under 16 years of age. We do not knowingly collect personal data from children under 16. If we discover that a child under 16 has created an account, we will promptly delete it.
Security
We use commercially reasonable measures to protect your personal data. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date.
Contact
If you have any questions about this Privacy Policy, contact us at support@nextmachina.ai.