Trust Center
Builders trust Nexxt Site Manager with real business information. This page summarises who processes your data on our behalf, answers the security questions we hear most, and tells you how to request further detail. For the full picture see our Security & Data Protection and Privacy Policy pages.
Subprocessors
We use a small number of trusted providers to run the Service. Each receives only the data needed for its function.
| Provider | Purpose | Data location |
|---|---|---|
| Supabase | Managed PostgreSQL database & authentication (row-level security per account) | Seoul, South Korea (AWS ap-northeast-2) |
| Vercel | Application hosting & serverless functions | United States |
| Anthropic (Claude) | AI processing of the content you submit, solely to generate your requested output | United States |
| Stripe | Payment processing — card details are handled entirely by Stripe; we never receive or store them | United States / global |
Some of these providers process limited data outside Australia. This is an overseas disclosure under Australian Privacy Principle 8 — see the Privacy Policy for detail.
Security FAQ
Is my data encrypted?
Yes. All traffic between your browser and the Service is encrypted in transit over HTTPS/TLS.
Can other customers see my data?
No. Row-level security is enforced at the database so each account can access only its own records. Internal/operational tables are restricted to server-side access only.
How do I sign in — do you store passwords?
Sign-in is passwordless: a secure, single-use link is sent to your email. We do not store passwords, and sessions use short-lived, auto-refreshing tokens.
Is the content I submit to the AI tools used to train models?
No. Content you submit is processed by our AI provider solely to generate your requested output. API inputs are not used to train AI models.
How are payments handled?
Payments are processed by Stripe. Card details are handled entirely by Stripe — we never receive or store your card number.
Where is my data stored?
Your account data is stored in a managed PostgreSQL database (Supabase) hosted in the Seoul, South Korea region (AWS ap-northeast-2). See the Privacy Policy for how we handle offshore storage under the Australian Privacy Principles.
Request security details
Need a deeper security review — a questionnaire, our subprocessor list in writing, or to report a vulnerability? We welcome good-faith requests and disclosure.
Email: hello@nexxtsitemanager.com.au
Disclosure policy: /.well-known/security.txt ·
Security & Data Protection
Nexxt Nest Group Pty Ltd · ABN 52 689 862 922 · Melbourne, Victoria, Australia. Operated under the Privacy Act 1988 (Cth) and the Australian Privacy Principles.