Privacy Policy - NestDaddy

1. Information We Collect

Information You Provide

Account information when you register (email, preferences)
API usage data for developer accounts
Feedback and communications sent to us
Affiliate program registration details
Identity verification documents (if you participate in the affiliate program and request commission withdrawals)

Identity Verification (KYC) Data

If you participate in the NestDaddy Affiliate Program and request a commission withdrawal, we are required to verify your identity. As part of this process, we collect:

Full legal name as shown on your identity document
Identity document number (national ID, passport, or driver's license number)
Nationality and date of birth
Photographs of your identity document (front and back)
A selfie photograph of you holding your identity document

This data is collected solely for identity verification and fraud prevention purposes. KYC documents are stored in a restricted environment not accessible to the public. Only authorised NestDaddy administrators may access this data for verification purposes. You will be asked to provide explicit consent before submitting KYC data.

Information We Collect Automatically

Search queries and results interactions
IP addresses and general location (country level)
Device and browser information
Usage patterns and performance metrics
API call logs and usage statistics

What We Don't Collect

We do not collect personal search histories tied to your identity, browsing behavior across other websites, or precise location data without explicit consent.

2. How We Use Your Information

Purpose	Data Used	Legal Basis
Provide search results	Search queries, preferences	Service delivery
Improve search quality	Usage patterns, result interactions	Legitimate interest
Prevent abuse	IP addresses, usage patterns	Legitimate interest
API service delivery	API keys, usage statistics	Service delivery
Customer support	Contact information, issue reports	Service delivery
Affiliate commission payouts	Bank/payment details, payout records	Contractual obligation
Identity verification (KYC)	ID documents, selfie, name, DOB, nationality	Legal obligation & explicit consent
Fraud prevention	KYC data, transaction history	Legitimate interest & legal obligation

3. Data Sharing and Disclosure

We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

When We May Share Information

Service providers: Third-party services that help operate our platform (hosting, analytics)
Legal requirements: When required by law, court orders, or to protect our rights
Business transfers: In connection with mergers or acquisitions
With consent: When you explicitly agree to sharing

4. Data Security

We implement appropriate technical and organizational security measures to protect your information:

Encryption of data in transit and at rest
Regular security audits and vulnerability assessments
Access controls and authentication systems
Incident response procedures
Employee training on data protection

5. Data Retention

We retain different types of data for varying periods:

Data Type	Retention Period	Purpose
Search queries (anonymized)	90 days	Service improvement
IP addresses	30 days	Abuse prevention
API usage logs	1 year	Service delivery and billing
Account information	Until account deletion	Service provision
Support communications	3 years	Customer service
KYC documents (approved)	5 years after account closure	Legal & financial compliance
KYC documents (rejected)	90 days, then permanently deleted	Dispute resolution, then deletion
Payout & transaction records	7 years	Financial/tax compliance

6. Your Privacy Rights

Depending on your location, you may have the following rights:

Access: Request a copy of your personal data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your personal data
Portability: Request transfer of your data
Objection: Object to processing for marketing or legitimate interests
Restriction: Request limitation of processing

To exercise these rights, please contact us at the email below.

7. Cookies and Tracking

Essential Cookies

We use essential cookies to provide core functionality like maintaining your search preferences and API authentication.

Analytics Cookies

We use analytics cookies to understand how our service is used and to improve performance. You can opt out through your browser settings.

Third-Party Cookies

We may use third-party services that set cookies for functionality like error monitoring and performance optimization.

8. International Data Transfers

Our services are primarily operated from Malaysia. If you access our services from other countries, your information may be transferred to and processed in Malaysia or other countries where our service providers operate.

We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

9. Children's Privacy

Our services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If we discover we have collected such information, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by posting the updated policy on our website and updating the "last updated" date. Your continued use of our services constitutes acceptance of the updated policy.

11. Contact Information

If you have questions about this Privacy Policy or our privacy practices, please contact our Data Protection Officer:

Email: [email protected]
Subject Line: Privacy Policy Inquiry
Response Time: We aim to respond within 30 days