Privacy Policy

Last updated: 11 May 2026

1. Who We Are

Nibbley is operated by SevenVectors Ltd (Company No. 17191932), registered in England & Wales. Registered address: Hill House, Warley Wise Lane, Colne, United Kingdom, BB8 7ES. We are the data controller responsible for your personal data.

If you have questions about this policy or your data, contact us at: team@nibbley.app

2. What Data We Collect

We collect only what is necessary to provide and improve the Nibbley service:

  • Account information — email address and display name when you create an account.
  • Recipe data — recipes you create, import, save, or customise within the app.
  • Usage data — anonymous, aggregated analytics such as feature usage frequency and crash reports to help us improve the app.
  • Device information — device type, operating system version, and app version for compatibility and troubleshooting.
  • Purchase information — transaction identifiers provided by Google Play or Apple App Store for subscription verification. We do not store payment card details.

3. How We Use Your Data

We use your data solely to:

  • Provide, maintain, and improve the Nibbley service.
  • Authenticate your account and manage your subscription.
  • Sync your recipes securely across your devices.
  • Send essential service communications (e.g. password resets, critical updates).
  • Diagnose technical issues and fix bugs.

We do not use your data for advertising, profiling, or marketing purposes.

4. Data Sharing

We do not share, sell, rent, or trade your personal data with any third party.

Your data is never provided to advertisers, data brokers, or any external organisation. The only exceptions are:

  • Legal obligation — if required by UK law, court order, or regulatory authority.
  • Service infrastructure — our hosting provider (Microsoft Azure) processes data on our behalf under strict contractual obligations and does not have independent access to your content.

5. Data Security

We take the security of your data seriously:

  • Encryption at rest — all data is stored on Microsoft Azure with AES-256 encryption at rest.
  • Encryption in transit — all communications between your device and our servers use TLS 1.2 or higher.
  • Access controls — strict role-based access ensures only authorised personnel can access infrastructure, and no one accesses your recipe content.
  • Regular backups — automated encrypted backups protect against data loss.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will permanently delete all your personal data and recipe content within 30 days. Anonymised, aggregated analytics data may be retained indefinitely as it cannot be linked back to you.

7. Your Rights (UK GDPR)

Under UK data protection law, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — ask us to correct inaccurate data.
  • Erasure — ask us to delete your data ("right to be forgotten").
  • Data portability — receive your data in a structured, machine-readable format.
  • Restriction — ask us to limit how we process your data.
  • Object — object to processing based on legitimate interests.

To exercise any of these rights, email team@nibbley.app. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection.

8. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract — processing necessary to provide the Nibbley service you signed up for.
  • Legitimate interests — anonymous analytics to improve the app, provided this does not override your rights.
  • Legal obligation — where we are required to retain or disclose data by law.

9. Children's Privacy

Nibbley is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us at team@nibbley.app and we will delete it promptly.

10. Third-Party Services

Nibbley integrates with the following third-party services solely for app functionality:

  • Google Play Store / Apple App Store — for app distribution and subscription management. Their respective privacy policies apply to transactions processed through their platforms.
  • Microsoft Azure — cloud infrastructure provider. Data is processed in accordance with Microsoft's data processing agreement and stored in UK/EU data centres.

We do not integrate any third-party advertising, tracking, or social media SDKs.

11. International Data Transfers

Your data is stored on Microsoft Azure servers located in the United Kingdom. In the event data is processed outside the UK, we ensure appropriate safeguards are in place (such as Standard Contractual Clauses) in compliance with UK GDPR.

12. Cookies and Local Storage

The Nibbley mobile app does not use cookies. We use local device storage solely to maintain your login session and cache recipe data for offline access. Our website uses only essential cookies required for the site to function — no tracking or advertising cookies are used.

13. Changes to This Policy

We may update this privacy policy from time to time. If we make material changes, we will notify you via the app or email before the changes take effect. The "Last updated" date at the top of this page indicates when the policy was last revised.

14. Contact Us

If you have any questions, concerns, or requests regarding this privacy policy or your personal data, contact us at:

SevenVectors Ltd

Company No. 17191932 (Registered in England & Wales)

Hill House, Warley Wise Lane, Colne, United Kingdom, BB8 7ES

Email: team@nibbley.app

Product: Nibbley