CutNest
← Open app

Privacy Policy

Last updated: March 2025

This Privacy Policy describes how CutNest ("we", "us", or "our") collects, uses, and shares information about you when you use our Service at cutnest.xyz.

1. Information We Collect

Email address. When you sign in using our magic-link system, you provide your email address. We store this to identify your account, send your sign-in link, and communicate service-related notices.

Uploaded files. DXF and DWG files you upload are processed in memory to perform nesting calculations. Files are stored only for the duration of your browser session (up to 24 hours in our Redis cache) and are not retained permanently.

Session data. We store a session cookie to remember your parts, sheet configuration, and nesting results within a session. Session data expires after 24 hours.

Subscription and billing data. If you purchase a Pro subscription, Paddle (our payment processor and Merchant of Record) collects and stores your payment information. We receive and store: your Paddle customer ID, subscription ID, plan type, and subscription expiry date. We do not store card numbers or other payment details.

Usage data. We may collect basic usage metrics (e.g. number of nests run per month) to enforce free-tier limits and improve the Service. This data is tied to your account.

2. How We Use Your Information

  • To provide, maintain, and improve the Service.
  • To send magic-link sign-in emails via Resend.
  • To manage your subscription and enforce plan limits.
  • To send transactional emails (e.g. payment receipts via Paddle, service notices).
  • To detect and prevent fraud or abuse.

We do not use your files or design data to train machine learning models. We do not sell your personal data.

3. Third-Party Services

Paddle — payment processing and tax collection. Paddle acts as our Merchant of Record and processes payment data under their own Privacy Policy.

Resend — transactional email delivery (magic links and service notices). Resend processes email addresses under their Privacy Policy.

Fly.io — cloud hosting. Our servers and databases run on Fly.io infrastructure. Data is stored in the region closest to you. Fly.io's Privacy Policy applies to infrastructure-level data.

4. Data Retention

  • Session data (parts, results): deleted automatically after 24 hours.
  • Account data (email, plan): retained while your account is active. You may request deletion at any time.
  • Billing records: retained as required for tax and accounting compliance (typically 7 years).

5. Cookies

We use two first-party cookies:

  • nest_session — identifies your current session (expires after 24 hours).
  • nest_account — links your browser to your account (1-year lifetime, HttpOnly).

We do not use advertising cookies or third-party tracking pixels.

6. Your Rights

Depending on your location, you may have rights under GDPR, CCPA, or other privacy laws, including the right to access, correct, or delete your personal data. To exercise these rights, email hello@cutnest.com. We will respond within 30 days.

To delete your account and all associated data, email us with your registered email address. We will complete the deletion within 30 days, except where retention is required by law.

7. Security

We use industry-standard measures to protect your data, including TLS encryption in transit, HttpOnly and Secure cookies, and access-controlled databases. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

8. Children

The Service is not directed at children under 16. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by email or by displaying a notice in the Service. The "Last updated" date at the top of this page reflects the most recent revision.

10. Contact

Questions about this Privacy Policy can be sent to hello@cutnest.com.