Privacy Policy

This Privacy Policy explains how Nubis (a subsidiary of Semmat, Inc.) collects, uses, and shares information about you when you join our waitlist or otherwise interact with us. If you do not agree with this policy, please do not provide your information.

Who we are

Controller: Nubis, Semmat, Inc., 651 N Broad Street, Suite 201, Middletown, Delaware, 19709, USA.

Contact: hello@usenubis.xyz

Information we collect

• Identification data: name and email address you submit via our form.
• Technical data: IP address and request metadata used for rate limiting and abuse prevention.
• Communications data: email delivery events (e.g., delivered, bounced), which we receive from our email provider to ensure reliable communications.

How we use your information

• To register you on the waitlist and communicate updates.
• To prevent fraud and abuse (rate limiting and security).
• To operate, maintain, and improve our services.
• To comply with legal obligations.

Legal bases (EEA/UK)

• Consent (Article 6(1)(a) GDPR) for optional communications.
• Legitimate interests (Article 6(1)(f) GDPR) for security, rate-limiting, service operation, and improvement. We balance these interests against your rights.
• Compliance with legal obligations (Article 6(1)(c) GDPR).

Sharing and processors

We use trusted service providers to operate the waitlist:

• Notion – stores your name and email as waitlist entries.
• Resend – sends transactional emails and tracks delivery events.
• Upstash – provides Redis-based rate limiting by IP.
• Hosting (e.g., Vercel) – serves our website and APIs.

These providers act as processors on our behalf. We require them to protect your information and process it only under our instructions.

International transfers

Where data is transferred outside your jurisdiction, we rely on appropriate safeguards (such as Standard Contractual Clauses) or other lawful transfer mechanisms.

Retention

• Waitlist data: retained until product launch or removal upon your request.
• Rate-limit logs: typically retained up to 30–60 days.
• Email delivery logs: typically retained up to 24 months.
• Legal/audit records may be retained as required by law.

Your rights

Depending on your location, you may have rights to access, correct, delete, or export your data, and to object or restrict certain processing. You may withdraw consent at any time.

US (CCPA/CPRA): California residents may request to know, delete, and correct personal information and to opt out of certain sharing. We do not sell personal information.

To exercise rights, email us at hello@usenubis.xyz. We may request information to verify your identity.

Security

We use technical and organizational measures appropriate to the risk, including encryption in transit, access controls, and data minimization. However, no method of transmission or storage is completely secure.

Children

Our services are not directed to children under 16. If you believe we have collected data from a child, contact us to delete it.

Cookies

We primarily use essential cookies and similar technologies necessary to operate the site and prevent abuse. If we use additional analytics or marketing cookies in the future, we will provide notice and obtain consent where required.

Changes

We may update this policy from time to time. We will change the “Last updated” date above and, where appropriate, provide additional notice.

Contact

For privacy questions or requests, email us at hello@usenubis.xyz.