Privacy Policy

Overview

This Privacy Policy applies to all products and services operated by Nerd Enterprises, Inc. (“Nerd Enterprises,” “we,” “us,” or “our”), including:

• Clean Books — AI-native accounting software (books.nerdenterprises.com)
• Clean 1099s — 1099 information gathering and filing tool
• The Nerd Enterprises website and any other tools, applications, or services we operate now or in the future under the nerdenterprises.com domain or the Clean by Nerd Enterprises brand family

We take your privacy seriously. This Privacy Policy explains what information we collect across our products, how we use it, and what rights you have regarding your data. We’ve written it to be readable by actual humans — not just lawyers.

By using any Nerd Enterprises product, you agree to the practices described in this Privacy Policy. Where a product has specific privacy considerations (such as bank feed data for Clean Books), those are called out in dedicated sections below.

1. Information We Collect

In the preceding 12 months, we have collected the following categories of personal information: identifiers (such as names and email addresses), financial information (such as bank account data), and sensitive personal information (such as taxpayer identification numbers). We collect this data directly from you and via third-party service providers like Plaid for the business purpose of providing our accounting and tax software.

1.1 Account Information

When you create an account with any Nerd Enterprises product, we may collect:

• Name and email address
• Authentication provider information (e.g., if you sign in with Google, we receive your Google profile name and email)
• Password (stored securely as a hash — we never store your plain-text password)
• Subscription tier and billing contact information
• Business name and contact details where applicable

1.2 Data You Provide Through Our Products

Depending on which product you use, we collect the data you enter or import:

• Clean Books: Financial records including chart of accounts, transactions, invoices, bills, payments, bank account information, contacts, documents, notes, and any other accounting data you create or import
• Clean 1099s: Vendor and contractor information including names, addresses, taxpayer identification numbers (TINs), and payment amounts as required for 1099 filing
• Other products: Data relevant to the specific purpose of each tool

The data you enter into our products belongs to you. We store it solely to provide the service.

1.3 Usage Data

We may collect technical information about how you use our products, including:

• Browser type, device type, and operating system
• Pages visited and features used within our applications
• Error logs and performance data

This data is used solely to improve our products and diagnose technical issues.

1.4 Communications

If you contact us for support or send feedback, we retain that communication to help resolve your issue and improve our products.

2. Bank Feed Data via Plaid (Clean Books Only)

Clean Books uses Plaid Inc. (“Plaid”) to connect to financial institutions and import bank transaction data. This section applies only to Clean Books users who connect bank accounts.

2.1 How Plaid Works

When you connect a bank account in Clean Books, you are redirected to Plaid’s secure interface to authenticate with your financial institution. Nerd Enterprises never sees or stores your banking username or password. Plaid retrieves transaction data on your behalf and passes it to Clean Books.

2.2 Data We Receive from Plaid

Via Plaid, we may receive:

• Bank account names, numbers (masked), and balances
• Transaction history (descriptions, amounts, dates, merchants)
• Account type and financial institution information

2.3 How We Use Plaid Data

Bank feed data received via Plaid is used exclusively within your Clean Books account to populate your transaction list and support reconciliation. We do not sell, share, or use this data for any purpose other than providing Clean Books to you.

2.4 Plaid’s Privacy Policy

Plaid’s handling of your financial data is governed by Plaid’s own Privacy Policy, available at https://plaid.com/legal/#end-user-privacy-policy. We encourage you to review it.

2.5 Revoking Plaid Access

You may disconnect your bank accounts from Clean Books at any time through the Bank Feeds section of the application. Upon disconnection, we cease pulling new transaction data. Previously imported transactions remain in your account unless you delete them.

3. Sensitive Data

3.1 Taxpayer Identification Numbers (Clean 1099s)

Clean 1099s collects W-9 information including Social Security Numbers and Employer Identification Numbers from vendors and contractors. This information is:

• Encrypted in transit and at rest
• Used solely for the purpose of generating 1099 tax forms
• Never sold, shared, or used for any other purpose
• Retained only as long as necessary for tax compliance purposes

3.2 Financial Records (Clean Books)

Your accounting data including transactions, invoices, bank information, and financial statements is treated as highly sensitive. It is stored with row-level security and accessible only to authenticated users of your account.

You have the right to limit the use and disclosure of your sensitive personal information as set forth in Section 9 below.

4. Third-Party Services

4.1 Supabase

Our applications are built on Supabase, a cloud database and storage platform. Your data is stored in Supabase’s infrastructure. Supabase processes data in accordance with its own privacy and security policies.

4.2 Stripe

Subscription billing is handled by Stripe. When you enter payment information, it is transmitted directly to Stripe and never stored on our servers. Stripe’s Privacy Policy governs how your payment data is handled.

4.3 Google OAuth and Google APIs

If you choose to sign in with Google, we receive your name and email address from Google as part of the OAuth flow. Clean 1099s may also use Google APIs for certain document and spreadsheet functions. We do not receive access to your Google account beyond what is necessary for the specific feature.

4.4 Anthropic (Claude API)

Clean Books uses the Claude API (provided by Anthropic, PBC) to power AI-assisted features. Data sent to the Claude API is governed by Anthropic’s Privacy Policy. AI features are triggered by your actions — we do not passively send your financial data to Anthropic.

4.5 Google Analytics

We use Google Analytics to help us understand how users engage with our website and products. Google Analytics collects data such as your IP address, browser type, and interactions with our site. You can control or opt out of this tracking by visiting Google’s Ads Settings (google.com/settings/ads) or by downloading and installing the Google Analytics Opt-out Browser Add-on.

5. How We Use Your Information

We use the information we collect to:

• Provide, operate, and improve our products and services
• Authenticate your identity and maintain account security
• Process subscription payments via Stripe
• Connect to financial institutions via Plaid (Clean Books only)
• Generate 1099 tax forms (Clean 1099s only)
• Send transactional emails — account confirmation, password reset, billing receipts
• Respond to support requests and communications
• Diagnose technical issues and improve product performance
• Comply with legal obligations including tax reporting requirements

We do NOT use your data for advertising, behavioral tracking, or sale to third parties. Ever.

6. Data Sharing

We do not sell, rent or trade your personal information, nor do we share it with third parties for cross-context behavioral advertising. In the preceding 12 months, we have not sold or shared your personal information. In the preceding 12 months, we have disclosed identifiers, financial information, and sensitive personal information to our service providers for the business purposes described below. If this practice changes, we will provide a clear and conspicuous “Do Not Sell or Share My Personal Information” link.

We share data only in the following limited circumstances:

• Service providers: Supabase, Stripe, Plaid, and Anthropic receive data only as necessary to provide their respective services to us
• Tax authorities: Clean 1099s may facilitate submission of tax information to the IRS as required by law and as directed by you
• Legal compliance: We may disclose data if required by law, court order, or government authority
• Business transfer: If Nerd Enterprises, Inc. is acquired or merged, your data may transfer as part of that transaction, subject to the same privacy protections

7. Data Security

We take data security seriously across all our products. Our security measures include:

• All data transmitted to and from our applications is encrypted in transit using TLS
• Sensitive data is stored with encryption at rest
• Row-level security policies restrict access to your data
• Passwords are never stored in plain text
• Access to production systems is restricted to authorized personnel only
• We maintain a comprehensive Written Information Security Plan (WISP)
• Cybersecurity liability insurance is maintained as required

In the event of a security breach that may affect your data, we will notify you promptly and take all necessary steps to investigate and remediate the issue. For Clean Books users: security breaches involving bank feed data will be reported to Plaid within 12 hours of our becoming aware, as required by our agreement with Plaid.

No system is 100% secure. While we work hard to protect your data, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information based on the category of data and legal requirements.

• Account identifiers and usage data are retained while your account is active and deleted 30 days after closure.
• Financial and billing records are retained for up to 7 years to comply with accounting laws, and sensitive tax information (such as W-9 data) is retained as required by IRS tax compliance regulations.
• Bank feed data linked to Plaid connections will be deleted upon account closure.

You may request deletion of your data at any time by contacting us at privacy@nerdenterprises.com.

9. Your Rights

Depending on your location, you may have the following rights regarding your data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate personal data
• Deletion: Request deletion of your personal data
• Portability: Request your data in a standard exportable format
• Objection: Object to certain uses of your data
• Limiting: Limit the use of your sensitive personal information (such as your Social Security Number, Employer Identification Number, or precise financial data) strictly to the purposes necessary to provide you with our services.

Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. We will not deny you goods or services, charge you different prices, or provide a different level of quality of goods or services.

Verification Process: When you submit a request to know, delete, or correct your information, we will verify your identity by matching the identifying information you provide with the personal information we already maintain, such as requiring you to submit the request from the email address associated with your account.

Agent: You may also use an authorized agent to submit a request to know, delete, or correct your personal information on your behalf. If you use an authorized agent, we may require you to provide the agent with signed permission to submit the request and verify your own identity directly with us.

Opt-Out Preference Signals: At this time, we do not respond to Do Not Track (DNT) signals or opt-out preference signals.

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected and the right to opt out of the sale of personal information. We do not sell personal information.

To exercise your rights to access, correct, delete, or limit your data, please submit a request through our Privacy Preferences page, email privacy@nerdenterprises.com, or call our toll-free number at (866) 945-8070.

10. Cookies

Our applications use cookies necessary to operate, such as authentication session tokens, as well as third-party analytics cookies (like Google Analytics) to help us analyze site traffic and usage. We do not use cookies for cross-context behavioral advertising. When you encounter a cookie banner, declining non-essential cookies will not affect your ability to use the core functions of our products.

11. Children’s Privacy

Our products are not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us immediately at privacy@nerdenterprises.com.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email and/or a prominent notice within the relevant application. The effective date at the top of this document will always reflect the most recent update.

Your continued use of any Nerd Enterprises product after a policy update constitutes acceptance of the updated terms.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: