legal

Privacy Policy

Last updated: July 7, 2026

This Privacy Policy explains how Brandy IM Inc. (“we”, “us”, “our”), the company that operates the Naimi service at naimi.ai and https://app.naimi.ai (together, the “Service”), collects, uses, shares and protects personal data. It applies to visitors of our website, account holders, and people who view presentations sent through Naimi.

Who we are

Brandy IM Inc. is the data controller for personal data processed through the Service. You can reach us at support@naimi.ai or by mail at:

Brandy IM Inc.
1178 Broadway, Fl 2
PMB 2000
New York, NY 10001
United States

Information we collect

  • Account data. Your name, email address, password (stored hashed), organization name, team members you invite, and account preferences.
  • Content you create. Templates, presentations, proposals, uploaded images and files, and the client information you add to personalize materials.
  • Presentation viewing events. When someone opens a link you send, we record events such as opens, view time, pages viewed, referrer, approximate location derived from IP, device and browser type. These analytics are shown to the account holder who sent the link.
  • Self-fill answers. Information a viewer voluntarily submits in a presentation is stored for, and visible only to, the account holder who sent it.
  • Payment data. Subscriptions and one-time purchases are processed by Stripe. We do not receive or store your full card number. We receive limited billing details (such as the last four digits, card brand, billing country and subscription status) needed to manage your account.
  • Usage & technical data. Log data, IP address, cookies and similar identifiers, and diagnostic information generated when you use the Service.
  • Communications. Messages you send us for support or via email.

How we use information

  • To provide, operate, secure and improve the Service.
  • To create and manage your account and authenticate you.
  • To process payments, manage subscriptions and send billing notices.
  • To deliver presentation-tracking analytics and notifications you enable.
  • To respond to support requests and communicate service-related updates.
  • To detect, prevent and address fraud, abuse and security incidents.
  • To comply with legal obligations and enforce our Terms of Service.

Legal bases for processing

Where the EU/UK GDPR applies, we rely on: contract (to provide the Service you sign up for), legitimate interests (to secure and improve the Service and understand usage), consent (where required, e.g. certain cookies or marketing), and legal obligation (e.g. tax and accounting).

How we share information

We do not sell your personal data. We share it only with:

  • Service providers (processors) that run parts of the Service on our behalf under data-processing agreements — including cloud hosting, Stripe (payments), and email/notification delivery.
  • Recipients you direct. When you send a presentation, its contents are shared with the people you send the link to.
  • Legal & safety. Where required by law, to protect our rights, or in connection with a merger, acquisition or sale of assets (you will be notified of any such change).

International transfers

We are based in the United States and use service providers that may process data in the United States and elsewhere. Where we transfer personal data out of the EEA or UK, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses.

Data retention

We keep personal data for as long as your account is active and as needed to provide the Service, then for the period required to comply with legal, tax and accounting obligations or to resolve disputes. You can delete content from within the app; deleting your account removes associated personal data except where we must retain it by law.

Security

We use technical and organizational measures — encryption in transit, access controls and hashed passwords — to protect personal data. No method of transmission or storage is completely secure, but we work to protect your information and to notify you of material incidents as required by law.

Your rights

Depending on where you live, you may have the right to access, correct, export, delete or restrict the processing of your personal data, to object to certain processing, and to withdraw consent. If you are in California, you may have rights under the CCPA/CPRA, including the right to know and delete personal information and not to be discriminated against for exercising those rights; we do not sell or “share” personal information as defined by that law.

Export or delete your data any time from the app, or contact us at support@naimi.ai. You also have the right to complain to your local data protection authority.

Cookies

We use cookies and similar technologies that are strictly necessary to keep you signed in and secure, and to understand aggregate usage of our website. You can control non-essential cookies through your browser settings.

Self-hosted installations

If you run a self-hosted edition of Naimi on your own infrastructure, all account, content and viewing data stays on your servers. We never see it, and this Policy does not apply to that data — you are the controller for it.

Children

The Service is not directed to children under 16, and we do not knowingly collect their personal data.

Changes to this Policy

We may update this Policy from time to time. We will post the new version here and update the “Last updated” date; material changes will be communicated through the Service or by email.

Contact us

Questions about this Policy or your data? Email support@naimi.ai or write to Brandy IM Inc., 1178 Broadway, Fl 2, PMB 2000, New York, NY 10001, United States.