Privacy Policy for Nther.io

Privacy Policy for Nther.io

Privacy Policy for Nther.io

Last updated: September 8, 2025


1. Data Controller Nther.io (hereinafter "we," "us," or "our") is the data controller responsible for your personal data. Company: KUT (Nther) Address: Jure Kaštelana 17a, Croatia Email: info@nther.io OIB: 47020394141 For all matters regarding the processing of your personal data or exercising your rights under the General Data Protection Regulation (GDPR), you can contact us at the above email address.


2. Legal Framework This Privacy Policy is based on:

• Regulation (EU) 2016/679 (General Data Protection Regulation - GDPR)

• Croatian Act on the Implementation of the General Data Protection Regulation (Official Gazette No. 42/18)

• Croatian Electronic Communications Act

• Other applicable Croatian and EU data protection laws


3. What is Nther.io?

Nther.io is a social network and community application designed to promote and facilitate real-life interactions between users. Our platform connects people who share similar interests and helps them organize and participate in real-world activities and events.


4. What Personal Data We Collect

4.1 Information You Provide Directly

• Account Information: Name, email address, phone number, date of birth, profile picture

• Profile Information: Bio, interests, location (city/region), preferences for activities

• Communication Data: Messages sent through our platform, posts, comments, and interactions • Event Data: Events you create, attend, or express interest in

• Verification Data: Documents for identity verification if required


4.2 Information We Collect Automatically

• Location Data: GPS coordinates and approximate location when you use location-based features (with your explicit consent)

• Usage Data: How you interact with our app, features used, time spent, pages visited

• Device Information: Device type, operating system, app version, unique device identifiers

• Log Data: IP address, browser type, access times, pages viewed


4.3 Information from Third Parties

• Social Media Integration: If you connect social media accounts, we may receive profile information according to their privacy settings

• Payment Information: Payment data processed through third-party payment providers (we do not store payment card details)


5. How We Use Your Personal Data

5.1 Purposes and Legal Basis We process your personal data for the following purposes: Performance of Contract (Article 6(1)(b) GDPR):

• Creating and managing your account

• Providing our social networking and community services

• Facilitating connections between users

• Organizing and managing events and activities

• Processing payments for premium features Legitimate Interest (Article 6(1)(f) GDPR):

• Improving our services and user experience

• Preventing fraud and abuse

• Ensuring platform security

• Analytics and insights to enhance our platform

• Marketing our services to existing users Consent (Article 6(1)(a) GDPR):

• Location-based services and features

• Marketing communications

• Sharing data with specific third parties

• Special category data processing (if applicable) Legal Obligation (Article 6(1)(c) GDPR):

• Compliance with Croatian and EU laws

• Responding to legal requests from authorities

• Tax and accounting obligations


5.2 Special Categories of Personal Data In accordance with Croatian law on the implementation of GDPR, we may process special categories of personal data (such as data revealing religious beliefs, political opinions, or health data) only with your explicit consent and for specific, legitimate purposes related to community building and event organization.


6. Location Data Processing Given the nature of our app that promotes real-life interactions, location data is particularly important:

• GPS Location: We collect precise location data only with your explicit consent

• Approximate Location: We may use approximate location (city/region level) to suggest relevant events and connections

• Location History: We may store location data to improve our services and provide relevant recommendations

• Children's Location Data: We apply additional safeguards for users under 18 years of age You can withdraw consent for location tracking at any time through your device settings or our app settings.


7. Data Sharing and Recipients

7.1 We Share Your Data With: Service Providers:

• Cloud hosting providers (with appropriate data processing agreements)

• Payment processors

• Analytics providers

• Customer support tools

• Email service providers Other Users:

• Profile information as part of our social networking features

• Event participation information

• Public posts and interactions Legal Requirements:

• Croatian authorities when required by law

• Law enforcement agencies for legitimate investigations

• Courts and regulatory bodies as legally required


7.2 International Data Transfers Some of our service providers may be located outside the European Economic Area (EEA). In such cases, we ensure adequate protection through:

• EU Commission adequacy decisions

• Standard Contractual Clauses

• Certification schemes

• Other appropriate safeguards under GDPR


8. Data Retention We retain your personal data only for as long as necessary:

• Account Data: Until you delete your account plus 30 days for backup purposes

• Communication Data: 2 years after the last interaction

• Location Data: 1 year or until withdrawal of consent

• Legal Obligations: As required by Croatian law (typically 7 years for business records)

• Inactive Accounts: Deleted after 3 years of inactivity with prior notice


9. Your Rights Under GDPR

9.1 You Have the Right To: Access (Article 15): Obtain information about how we process your data and request a copy Rectification (Article 16): Correct inaccurate or incomplete personal data Erasure (Article 17): Request deletion of your data in certain circumstances Restriction (Article 18): Limit how we process your data in specific situations Data Portability (Article 20): Receive your data in a structured format and transfer it to another service Object (Article 21): Object to processing based on legitimate interest or for direct marketing Withdraw Consent: Where processing is based on consent, you can withdraw it at any time


9.2 Exercising Your Rights To exercise any of these rights, contact us at info@nther.io We will respond within 30 days of receiving your request. You may also lodge a complaint with the Croatian Personal Data Protection Agency (AZOP) at www.azop.hr.


10. Data Security We implement appropriate technical and organizational measures to protect your personal data:

• Encryption: Data is encrypted in transit and at rest

• Access Controls: Strict access controls and authentication procedures

• Regular Security Reviews: Ongoing security assessments and updates

• Staff Training: Regular data protection training for our team

• Incident Response: Procedures for handling data breaches In case of a data breach that poses high risk to your rights and freedoms, we will notify you within 72 hours.


11. Cookies and Tracking Technologies Our app may use cookies and similar tracking technologies:

• Essential Cookies: Necessary for app functionality

• Performance Cookies: Help us analyze app usage (with consent)

• Marketing Cookies: Used for targeted advertising (with consent) You can manage cookie preferences through your device settings or our app settings.


12. Age Restrictions

12.1 Children Under 16 In accordance with Croatian implementation of GDPR, children under 16 years of age cannot provide valid consent for our services. If a child under 16 wishes to use our services, we require parental consent.


12.2 Additional Protections for Minors We implement additional safeguards for users under 18:

• Enhanced privacy settings by default

• Restricted location sharing capabilities

• Additional verification for certain features

• Parental notification options


13. Changes to This Privacy Policy We may update this Privacy Policy from time to time. We will:

• Notify you of significant changes through the app or by email

• Post the updated policy with a new "Last updated" date

• Obtain your consent for material changes where required by law


14. Contact Information Data Protection Inquiries: Email: info@nther.io Address: Jure Kaštelana 17a, Croatia Croatian Personal Data Protection Agency (AZOP): Website: www.azop.hr Address: Martićeva 14, 10000 Zagreb, Croatia


15. Language This Privacy Policy is written in English. If translated into other languages, the English version shall prevail in case of any discrepancies.


This Privacy Policy complies with Croatian and EU data protection laws as of September 8, 2025. For the most current version, please check our app or website.