Privacy Policy

Last updated: 2 July 2026

This Privacy Policy explains how NestOne Group Private Limited (“NestOne”, “we”, “us”), operator of the NestXO retail intelligence platform (the “Service”), collects, uses, and protects information when you use the Service, including its social media management features. It is written to meet the requirements of the platforms we integrate with (including Meta/Facebook, Instagram, LinkedIn, X, YouTube, Google Business Profile, Pinterest and TikTok).

Who we are

NestOne Group Private Limited, a company incorporated in India. Product: NestXO. Contact: platform@nestonegroup.com.

Information we collect

  • Account & tenant data — your name, business name, email, phone, role, and organisation configuration.
  • Social account connections — when you connect a social account, we receive access tokens and the permissions you grant, plus basic profile details (account name, handle, follower counts) needed to operate the Service on your behalf.
  • Content you create — posts, media, captions, schedules, and reports you make in NestXO.
  • Engagement & analytics data — mentions, comments, messages, reviews, likes and performance metrics retrieved from your connected accounts, used to power the inbox and analytics.
  • Usage & device data — logs, IP address and basic device information for security and reliability.

How we use information

  • To publish, schedule and manage content to the social accounts you have connected and authorised.
  • To retrieve and display engagement (inbox) and analytics for those accounts.
  • To provide, secure, maintain and improve the Service.
  • To communicate with you about your account and support.

We access data from connected social accounts only to provide the features you use, and only for the accounts you have explicitly connected. We do not sell your data or the data of your social audiences.

Platform data & compliance

Where we use data obtained through a social platform’s API, our use complies with that platform’s terms and developer policies (including the Meta Platform Terms and Developer Policies). You may disconnect any social account at any time from the Channels settings, which revokes NestXO’s access. Revoking access from within the social platform itself also stops our access.

Sharing & sub-processors

We share data only with service providers that help us run the Service (e.g. cloud hosting and infrastructure), bound by confidentiality and data-protection obligations, and where required by law. We do not sell personal data.

Data retention & deletion

We retain data for as long as your account is active or as needed to provide the Service. You can request deletion of your data at any time — see our Data Deletion page. When you disconnect a social account, associated tokens are deleted and we stop retrieving new data from it.

Security

Access tokens and credentials are stored server-side and are never displayed back to you. We use tenant isolation, encryption in transit, and access controls to protect data. No method of transmission or storage is 100% secure, but we take reasonable measures to safeguard your information.

Your rights

Subject to applicable law, you may request access to, correction of, or deletion of your personal data by contacting platform@nestonegroup.com.

Cookies

The Service uses strictly necessary cookies/local storage to keep you signed in and remember preferences. We do not use them to track you across other websites.

Changes

We may update this policy; material changes will be posted here with a new “last updated” date.

Contact

NestOne Group Private Limited — platform@nestonegroup.com.

This document is provided as a starting template and should be reviewed by legal counsel before public use.