Privacy Policy
Last updated: February 2026
This Privacy Policy explains how Nomad Life ("we", "us") collects, uses and protects your personal data. We comply with the EU General Data Protection Regulation (GDPR) and Swedish data-protection law.
1. Data controller
Nomad Life is the data controller for personal data collected through this platform. Contact: admin@nomadlife.top.
2. What we collect
- Account data: email, password (hashed with bcrypt), legal name, signup date.
- Profile data: citizenship, current location, reason for joining, optional goals, interests, bio, profile photo (if you upload one).
- Community content: forum threads and replies, ads you post, newsletter inclusions you submit, direct messages.
- Payment metadata: processed by Stripe — we receive customer ID, subscription status, and invoice metadata. We never receive card numbers.
- Technical data: IP address, browser, basic usage logs needed to deliver the service and prevent abuse.
3. Why we process it
| Purpose | Legal basis |
|---|---|
| Account creation, login, providing the platform | Contract |
| Subscriptions, payments, invoices | Contract + legal obligation |
| Direct messaging between members | Contract |
| Monthly newsletter dispatch | Contract (members) / consent (open subscribers) |
| Security, abuse prevention | Legitimate interest |
4. Who we share it with
- Stripe (Ireland / USA) — subscriptions and payments.
- SendGrid (Twilio) (USA) — transactional email and monthly newsletter delivery.
- Cloud infrastructure — for hosting the application and storing media (encrypted at rest).
We never sell or rent your personal data. International transfers (e.g. Stripe, SendGrid) rely on the EU Standard Contractual Clauses.
5. How long we keep it
- Account & profile data: as long as your account is active, plus up to 24 months for legal records.
- Payment records: 7 years (Swedish bookkeeping law).
- Direct messages: retained while at least one participant has an active account.
- Server logs: 12 months.
6. Your rights (GDPR)
You may request access, correction, erasure (where law allows), restriction or objection to processing, and data portability. You may withdraw consent at any time without affecting prior lawful processing. You may also lodge a complaint with the Swedish data-protection authority (Integritetsskyddsmyndigheten — IMY).
To exercise any right, email admin@nomadlife.top. We respond within 30 days.
7. Security
Encrypted transport (HTTPS), bcrypt password hashing, httpOnly session cookies, role-based access controls, and basic event logging.
8. Children
The Platform is not directed at children under 18. We do not knowingly collect personal data from minors.
9. Changes
Material changes will be notified in-app or by email at least 14 days in advance.