π Privacy Policy
Effective Date: 24/02/2025
Last Updated: 11/03/2025
Welcome to Nanu, operated by Investigate The Unknown Ltd ("we", "us", or "our"). We respect your privacy and are committed to protecting your personal data.
πΉ This Privacy Policy Covers:
β What personal data we collect
β How we use, store, and protect your data
β Your rights under UK GDPR
β How to contact us regarding privacy matters
If you have any questions, contact us at info@nanu-app.com.
1οΈβ£ Who We Are & How to Contact Us
Investigate The Unknown Ltd is a UK-based technology startup developing Nanu, a platform for exploring and documenting unexplained phenomena.
π§ Contact Email: info@nanu-app.com
We are the Data Controller, meaning we determine how and why your data is processed. If you believe your data protection rights have been violated, you can contact the Information Commissioner's Office (ICO): www.ico.org.uk.
2οΈβ£ What Personal Data We Collect & Why
Under UK GDPR, "Personal Data" refers to any information that can identify you directly or indirectly.
πΉ Data We May Collect:
| Type of Data | Examples | Why We Collect It | Legal Basis |
|---|---|---|---|
| Identity Data | Name, username | To manage user accounts | Contractual Obligation |
| Contact Data | Email, phone number | To communicate with you | Legitimate Interest |
| Technical Data | IP address, browser type | To improve website performance | Legitimate Interest |
| Usage Data | Website interactions | To analyze and enhance user experience | Legitimate Interest |
3οΈβ£ Legal Basis for Processing Data (UK GDPR Compliance)
We process personal data under the following six legal justifications under UK GDPR:
βοΈ Consent β When you opt into marketing emails, surveys, or non-essential cookies.
βοΈ Contractual Obligation β When we provide services you request, such as managing an account.
βοΈ Legal Compliance β When required by law (e.g., fraud prevention, security measures).
βοΈ Legitimate Interest β When data processing improves services without overriding your rights.
βοΈ Vital Interests β In rare cases, we may process data to protect life or safety.
βοΈ Public Interest/Official Authority β While not currently applicable, we will update this if needed.
4οΈβ£ How We Use Your Data
We only use your personal data for the following purposes:
β Providing & improving services (e.g., managing user accounts, technical support).
β Sending updates & responding to inquiries (only if consented).
β Ensuring security & fraud prevention (protecting our users and platform).
β Complying with legal obligations (law enforcement requests, dispute resolution).
π¨ We do NOT sell, rent, or share your personal data for third-party advertising.
5οΈβ£ Your Rights Under UK GDPR
As a data subject, you have the following rights under UK GDPR:
πΉ Right to Be Informed β You have the right to know how we collect and use your data.
πΉ Right to Access β Request a copy of your personal data.
πΉ Right to Rectification β Correct inaccurate or incomplete data.
πΉ Right to Erasure ('Right to Be Forgotten') β Request data deletion under certain conditions.
πΉ Right to Restrict Processing β Limit how your data is used.
πΉ Right to Object β You can object to the processing of personal data under legitimate interest (this does NOT mean only if we deem it legitimate).
πΉ Right to Data Portability β Receive your data in a structured, commonly used format.
πΉ Right to Withdraw Consent β Opt out of marketing communications or other consent-based processing at any time.
π© To exercise any of these rights, contact us at info@nanu-app.com.
6οΈβ£ How We Protect Your Data
π Encrypted storage & transmission of personal data.
π Access controls ensuring only authorized personnel handle data.
π‘ Regular security audits to maintain compliance.
π No internet transmission is 100% secure. If you suspect a security issue, contact us immediately.
7οΈβ£ Data Sharing & Third-Party Services
We do not sell your personal data. However, we may share data with:
βοΈ Legal Authorities β If required by law.
βοΈ Service Providers β Trusted third parties (e.g., cloud hosting, analytics).
βοΈ Business Transfers β In case of mergers, acquisitions, or asset sales.
πΉ Definition of "Service Provider":
"Service Provider" refers to any third-party organization or individual contracted to process personal data on behalf of Investigate The Unknown Ltd in order to provide specific services, such as data hosting, analytics, customer support, or security.
Service Providers are strictly bound by data protection agreements and cannot sell, share, or use data for any purpose other than what is explicitly required for their function.
Service Providers must implement appropriate security measures to protect user data and ensure compliance with UK GDPR & international data protection standards.
A full list of third-party service providers will be made available upon request.
π All third-party providers comply with data protection agreements.
9οΈβ£ International Data Transfers
Data may be stored and processed outside the UK, including in the EU and US, only when necessary for providing our services. We ensure that international transfers comply with the highest data protection standards, including:
βοΈ The UK Addendum to the Standard Contractual Clauses (SCCs) for transfers outside the UK.
βοΈ Data processing agreements (DPAs) ensuring GDPR-level protection from non-UK providers.
βοΈ Regular audits of third-party compliance with data security measures.
βοΈ Minimization principles, ensuring only necessary data is transferred internationally.
π¨ Note: The SCC alone is NOT sufficient under UK GDPR post-Brexitβthe UK Addendum is required.
π How Long We Retain Your Data
We retain your personal data only as long as necessary for legal and operational purposes. If no longer needed, we securely delete or anonymize it.
1οΈβ£1οΈβ£ Updates to This Privacy Policy
We may update this Privacy Policy periodically. If major changes occur, we will notify users via email or our website.
A "major change" includes, but is not limited to:
β’ The introduction of new third-party data processors.
β’ Changes in how personal data is collected, stored, or processed.
β’ Updates to user rights or consent mechanisms due to legal or regulatory changes.
β’ The addition of new tracking or analytics technologies.
Users will always have the right to review and object to changes affecting their data rights.
π Last Updated: 11/03/2025
For questions, contact us at info@nanu-app.com.
1οΈβ£2οΈβ£ Contact Us
π§ Email: info@nanu-app.com
Our Commitment to Your Privacy
At Nanu, we believe that privacy is a fundamental right. Our data protection policies are built to exceed compliance standards and ensure that:
β Your data is never sold or misused.
β You have full control over your data preferences.
β We use the highest industry standards to keep your data secure.
If you have any questions about how we handle data, we encourage you to reach out directly at info@nanu-app.com.