NexlyGOTerms of Service →

Privacy Policy

Last updated: April 11, 2026

1. Introduction

Nexly GO (“we”, “our”, or “us”) operates a multi-tenant SaaS platform that enables restaurants to create digital menus, accept online orders, manage reservations, and communicate with customers via multiple channels including WhatsApp Business API.

This Privacy Policy explains how we collect, use, share, and protect personal information when you use our platform — whether as a restaurant operator, end customer, or visitor to our website at https://nexlygo.vercel.app.

By using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of the platform.

2. Information We Collect

2.1 Information you provide directly

  • Restaurant operators: business name, address, phone number, email address, payment information, menu content, hours of operation, logo and images.
  • End customers: name, email address, phone number, delivery address, order details, special instructions, reservation details.
  • Account credentials: email address and encrypted password for admin access.

2.2 Information collected automatically

  • Device type, browser, operating system, and IP address when you visit our platform.
  • Usage data: pages visited, features used, timestamps of interactions.
  • Order history and transaction data.
  • Push notification subscription tokens (for restaurant dashboard alerts).

2.3 Information from third-party integrations

  • Stripe: Payment confirmation data and transaction identifiers (we do not store full card details).
  • WhatsApp Business API (Meta): When you or your customers interact with our WhatsApp Business integration, we receive and process: sender phone number, message content, message timestamps, delivery status (sent, delivered, read), and WhatsApp message IDs. This data is used solely to facilitate customer communication and manage orders or reservations on behalf of the restaurant.
  • Uber Direct / Shipday: Delivery address, driver location updates, and delivery status updates.
  • Google (reviews): Public review data imported via Google Places API.

3. WhatsApp Business API — Specific Data Practices

We integrate with the WhatsApp Business Platform provided by Meta Platforms Ireland Limited to enable restaurants to communicate with their customers. The following applies specifically to WhatsApp-related data:

3.1 Data collected via WhatsApp

  • Customer phone numbers (WhatsApp ID)
  • Message content (text messages sent to and from the business number)
  • Timestamps of messages
  • Delivery and read receipts
  • Customer display name as provided by WhatsApp

3.2 How we use WhatsApp data

  • Responding to customer inquiries about menu, opening hours, reservations, and orders
  • Processing food orders placed via WhatsApp conversations
  • Managing table reservations
  • Sending order confirmations and status updates
  • Providing AI-assisted responses to common questions about the restaurant

3.3 WhatsApp data retention

WhatsApp conversation messages are stored in our database for a period of 12 months for operational and support purposes, after which they are deleted. Restaurant operators can request earlier deletion by contacting us at info@nexlyhub.cloud.

3.4 Compliance with Meta policies

Our use of the WhatsApp Business API complies with the WhatsApp Business Policy and Meta Platform Terms. We do not use WhatsApp messaging for unsolicited marketing, spam, or any purpose outside of legitimate customer service and order management for restaurants operating on our platform.

3.5 Opting out of WhatsApp communications

End customers who receive WhatsApp messages through our platform can opt out at any time by:

  • Replying with “STOP” or “UNSUBSCRIBE” to any message
  • Contacting the restaurant directly
  • Contacting us at info@nexlyhub.cloud

Upon receiving an opt-out request, we will cease all automated WhatsApp communications to that phone number within 24 hours.

4. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain our platform and services
  • Process orders, payments, and reservations
  • Send transactional communications (order confirmations, status updates)
  • Provide customer support and respond to inquiries
  • Improve our services through usage analytics
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations
  • Generate AI-assisted responses to customer inquiries via WhatsApp

We do not use personal data for targeted advertising or sell personal data to third parties for marketing purposes.

5. Sharing of Information

We share personal information only in the following circumstances:

  • Restaurant operators: Customer order and contact data is shared with the restaurant operator for whom the service is being provided, as necessary to fulfill orders and manage reservations.
  • Service providers: We engage trusted third-party service providers including:
    • Supabase (database hosting — EU region, Paris)
    • Vercel (cloud infrastructure — USA)
    • Stripe (payment processing)
    • Meta / WhatsApp Business Platform (messaging)
    • Twilio (SMS)
    • Resend (transactional email)
    • Uber Direct / Shipday (delivery logistics)
  • Legal requirements: We may disclose information when required by law, court order, or government authority.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, personal data may be transferred as a business asset.

6. Data Security

We implement industry-standard security measures to protect your personal information:

  • All data is encrypted in transit using TLS 1.2+
  • Database access is restricted via Row Level Security (RLS) policies
  • API keys and credentials are stored as encrypted secrets
  • Production access is limited to authorized personnel only
  • Regular security audits and vulnerability assessments

Despite these measures, no system is completely secure. We cannot guarantee the absolute security of your data. In the event of a data breach affecting your personal information, we will notify affected parties as required by applicable law.

7. Data Retention

  • Customer orders: Retained for 3 years for accounting and legal compliance purposes
  • WhatsApp conversations: Retained for 12 months
  • Account data: Retained for the duration of the account plus 1 year after closure
  • Payment records: Retained for 7 years as required by financial regulations
  • Usage logs: Retained for 90 days

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate data
  • Right to erasure: Request deletion of your personal data
  • Right to restrict processing: Request limitation of how we use your data
  • Right to data portability: Receive your data in a machine-readable format
  • Right to object: Object to processing based on legitimate interests
  • Right to opt out of WhatsApp communications: See Section 3.5 above

To exercise any of these rights, please contact us at info@nexlyhub.cloud. We will respond within 30 days.

9. Cookies and Tracking

Our platform uses minimal cookies necessary for functionality:

  • Authentication cookies: To keep you logged in to the admin dashboard
  • Session cookies: To maintain your shopping cart state

We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

10. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us immediately at info@nexlyhub.cloud.

11. International Data Transfers

Our infrastructure is primarily hosted in the EU (Paris, France via Supabase) and the USA (Vercel). When personal data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place, including Standard Contractual Clauses where required.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify restaurant operators via email and update the “Last updated” date at the top of this page. Continued use of the platform after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Nexly GO

Email: info@nexlyhub.cloud

Website: https://nexlygo.vercel.app