TestNexus

Privacy Policy

Last updated: April 2026

Test Nexus ("we", "our", or "us") operates the testnexus.app website and the Test Nexus cloud platform at app.testnexus.app. This Privacy Policy explains what personal information we collect, how we use and protect it, and your rights regarding your data. By using our Service, you consent to the practices described in this policy.

1. Information We Collect

1.1 Account Information

When you create an account, we collect your name, email address, and a securely hashed version of your password. We never store passwords in plain text. Your email address is used for authentication, account verification, and essential service communications.

1.2 Organization Information

When you create or join an organization (tenant), we store the organization name, your role within the organization, and team membership details. Each organization operates in a fully isolated data environment.

1.3 Usage Data

We collect basic usage data such as pages visited, features used, browser type, device information, and IP address to maintain security and improve the product. This data is used in aggregate form and is never sold to third parties.

1.4 Content & Test Data

Test cases, test executions, attachments, documents, and other content you upload are stored securely and are accessible only by authorized members of your organization. We do not access, review, or analyze your content except as necessary to provide the Service or as required by law.

1.5 Payment Information

Payment processing is handled by our Merchant of Record, Paddle. We do not directly collect, store, or process credit card numbers or bank account details. Paddle may collect billing information in accordance with their own privacy policy.

2. How We Use Your Information

  • To provide, operate, and maintain the Test Nexus service
  • To authenticate your identity and manage your account
  • To send transactional emails (e.g., email verification, password resets, billing receipts)
  • To respond to support inquiries and provide customer service
  • To enforce plan limits, usage policies, and billing
  • To detect, prevent, and address security incidents and abuse
  • To improve the product based on anonymized and aggregated usage patterns
  • To comply with legal obligations

3. Data Storage & Security

Your data is stored in secure cloud infrastructure with industry-standard protections. We implement the following security measures:

  • Encryption in transit using TLS for all connections
  • Tenant-scoped database isolation ensuring organizations cannot access each other's data
  • JWT-based authentication with secure token management
  • Password hashing using bcrypt with appropriate cost factors
  • File attachments stored in Cloudflare R2 with private access controls
  • Regular security reviews and dependency updates

4. Data Sharing & Third-Party Services

We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes. We may share limited data with the following categories of service providers who assist us in operating the platform:

  • Hosting & Infrastructure: Cloud hosting providers for application and database hosting
  • Email Delivery: Resend for transactional email delivery
  • Payment Processing: Paddle for subscription billing and payment handling
  • File Storage: Cloudflare R2 for file attachment storage

All service providers are bound by data processing agreements and are prohibited from using your data for any purpose other than providing their services to us.

5. Data Retention

We retain your personal data for as long as your account is active and as needed to provide the Service. If you delete your account, we will remove your personal data within 30 days. Some data may be retained in encrypted backups for up to 90 days. We may retain certain information longer if required by law, to resolve disputes, or to enforce our agreements.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your account and associated personal data
  • Export: Request an export of your data in a portable format
  • Withdrawal of Consent: Withdraw consent for optional communications at any time
  • Objection: Object to processing of your data for certain purposes

To exercise any of these rights, please contact us at hello@testnexus.app. We will respond to your request within 30 days.

7. Cookies & Tracking

We use essential cookies for authentication and session management. These cookies are strictly necessary for the Service to function and cannot be disabled. We do not use third-party advertising cookies, tracking pixels, or analytics tools that share data with advertisers.

8. Children's Privacy

Test Nexus is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a child under 18, we will delete it promptly.

9. International Data Transfers

Your data may be processed and stored in countries other than your own. By using the Service, you consent to the transfer of your data to these locations. We take appropriate measures to ensure your data is protected in accordance with this Privacy Policy regardless of where it is processed.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of significant changes via email or a notice on our website at least 14 days before the changes take effect. The latest version will always be available on this page.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at hello@testnexus.app.