AXIS

← Back

Privacy Policy

Last updated: March 21, 2026

1. Introduction

AXIS is a platform operated by Nexus Strategies LLC ("AXIS", "we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you use our AI-powered digital marketing platform.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and authentication credentials via our authentication provider (Clerk). If you sign in with Google or another OAuth provider, we receive your name, email, and profile photo from that provider.

Business Information

During onboarding and use of the Service, you provide business details including your business name, industry, description, location, website URL, logo, brand preferences, and target audience. This information is used to generate your digital presence and content.

Content and Communications

We store content you create, edit, or approve within the Service, including website copy, blog posts, social media posts, email sequences, and lead data. If you connect third-party accounts (LinkedIn, Google), we store the OAuth tokens required to publish on your behalf.

Payment Information

Payment processing is handled by Stripe. We do not store your full credit card number, CVV, or bank account details. We receive and store your Stripe customer ID, subscription status, and billing history.

Usage Data

We collect information about how you use the Service, including pages visited, features used, content generated, and actions taken. This helps us improve the product and diagnose issues.

Lead Data

When visitors to your AXIS-generated website submit contact forms or sign up for newsletters, we collect their name, email, phone number (if provided), and the source of their visit. This data is stored in your project and is accessible only to you.

3. How We Use Your Information

  • Provide the Service — generate websites, content, and marketing materials tailored to your business
  • AI Processing — send your business information to AI providers (Anthropic, OpenAI) to generate content. See Section 5 for details
  • Improve the Service — analyse usage patterns to improve features, fix bugs, and develop new capabilities
  • Billing — process payments, manage subscriptions, and enforce usage limits
  • Communications — send transactional emails (account confirmations, billing receipts, lead notifications)
  • Security — detect and prevent abuse, fraud, and unauthorised access

4. Data Storage and Security

Your data is stored in encrypted databases hosted by our infrastructure providers. Sensitive information such as API keys and OAuth tokens are encrypted at rest using AES-256-GCM before being written to the database. We use HTTPS for all data in transit.

Our infrastructure is hosted on Railway (API), Vercel (dashboard), Neon (database), Upstash (Redis), and Cloudflare R2 (asset storage). All providers maintain SOC 2 compliance or equivalent security standards.

5. AI Processing and Third-Party Providers

To generate content, we send your business information to AI providers, primarily Anthropic (Claude). This includes your business name, industry, description, brand voice, and content briefs.

We do not send your payment information, passwords, or OAuth tokens to AI providers. AI providers process your data according to their own privacy policies and data processing agreements. Under Anthropic's commercial terms, your data is not used to train their models.

For image generation, we may send descriptions to OpenAI (DALL-E) or fal.ai. For web enrichment during onboarding, we may use AI-powered web search to gather publicly available information about your business.

6. Data Sharing

We do not sell your personal data. We share your information only in the following circumstances:

  • Service providers — infrastructure and tool providers necessary to operate the Service (listed in Section 4 and 5)
  • Connected platforms — when you connect LinkedIn, Google, or other platforms, we share the content you approve for publishing
  • Payment processor — Stripe receives your payment information to process transactions
  • Legal requirements — if required by law, regulation, legal process, or governmental request
  • Business transfers — in connection with a merger, acquisition, or sale of assets, with notice to you

7. Data Retention

We retain your data for as long as your account is active. If you delete a project, all associated data (website files, content, leads, analytics) is permanently deleted from our database immediately. If you delete your account, all data is removed within 30 days.

Billing records are retained for 7 years as required by tax and accounting regulations. Anonymised usage data may be retained indefinitely for analytics purposes.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — correct inaccurate or incomplete data
  • Erasure — request deletion of your data ("right to be forgotten")
  • Portability — receive your data in a structured, machine-readable format
  • Objection — object to processing of your data for certain purposes
  • Restriction — request that we limit processing of your data

To exercise any of these rights, contact us at privacy@nexusstrategies.co. We will respond within 30 days.

9. Cookies and Tracking

AXIS uses essential cookies for authentication (via Clerk) and session management. We do not use third-party advertising cookies or tracking pixels. We do not sell or share cookie data with advertisers.

10. Children's Privacy

AXIS is not intended for use by individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.

11. International Data Transfers

Your data may be processed in countries outside your jurisdiction, including the United States and the European Union. Our infrastructure providers maintain appropriate safeguards for international data transfers, including Standard Contractual Clauses where applicable.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or an in-app notice. The "Last updated" date at the top indicates when the policy was last revised.

13. Contact Us

For questions or concerns about this Privacy Policy or our data practices, contact us at:

privacy@nexusstrategies.co