Privacy

Clear data.

Last updated: June 6, 2026. This policy explains what data NodalDesk processes, on what legal basis, who it's shared with, and what rights you have (GDPR).

1. Data controller

The controller is CJ Development (Spain). Privacy contact: correo de contacto.

2. What data we process

  • Account: email, display name and password (stored hashed/encrypted).
  • Devices and sessions: machine name, device identifiers and fingerprint, status, connection routes and technical metadata.
  • Payment: plan and Stripe subscription/customer identifiers. NodalDesk does not store your card data (Stripe handles it).
  • Usage: technical and security logs (e.g. IP, connection date/time) to operate and protect the service.

3. Legal basis

  • Performance of a contract (Art. 6.1.b GDPR): creating and maintaining your account and providing the service.
  • Legal obligation (6.1.c): billing and accounting.
  • Legitimate interest (6.1.f): security, abuse prevention and service improvement.
  • Consent (6.1.a): when we request it explicitly (e.g. news updates).

4. How we use it

  • Create and maintain your account and devices.
  • Coordinate sessions, connections and permissions.
  • Manage subscriptions and payments.
  • Protect the service against abuse or unauthorized access.
  • Improve stability, performance and experience.

5. Who we share it with

We don't sell your data. It's shared only with the providers that deliver the service, as processors: Stripe (payment processing) and OVH (infrastructure hosting, operated by CJ Development). Also when required by a legal obligation.

6. International transfers

Some provider (e.g. Stripe) may process data outside the European Economic Area. In that case the safeguards provided by the GDPR apply (standard contractual clauses or other adequate mechanisms).

7. Retention

We keep your data while you have an active account and, after closing it, for as long as needed to meet legal obligations (e.g. tax) and handle liabilities. After that it is deleted or anonymized.

8. Cookies

NodalDesk uses one essential technical cookie to keep your session signed in securely. We don't use advertising, marketing or third-party tracking cookies, so no cookie consent banner is required.

9. Security

We apply reasonable technical and organizational measures (hashed passwords, per-device credentials, granular permissions, TLS transport) to protect your data. No system is infallible, but we treat security as part of the product.

10. Minors

The service is not directed to minors. If you believe a minor has given us data, contact us and we'll delete it.

11. Your rights

You can exercise access, rectification, erasure, restriction, objection and portability by writing from the email associated with your account to correo de contacto. You may also lodge a complaint with the Spanish Data Protection Agency (aepd.es) or your local authority.

12. Changes

We may update this policy. We'll publish the current version with its date and, if the change is significant, communicate it by reasonable means.