Privacy Policy

Last updated: September 9, 2025

Who We Are

SIW s.r.o., operating the Nicco app and website at www.trynicco.com ("we," "us," or "our"), is committed to protecting your privacy. This policy explains how we collect, use, and protect your personal information when you use our quit smoking assistance service.

Contact Information:

  • Company: SIW s.r.o.
  • Email: info@trynicco.com
  • Address: Sportovcov 1179/12, 026 01 Dolný Kubín, Slovakia

Information We Collect

Account Information

  • Email address
  • Password (encrypted)
  • Account creation date

Quit Smoking Data

  • Number of cigarettes smoked
  • Cravings frequency and intensity
  • Quit attempts and streaks
  • Money saved calculations
  • Health improvement milestones
  • Progress tracking data

Technical Information

  • Device type and operating system
  • IP address and general location
  • App usage patterns and features used
  • Crash reports and error logs

Communication Data

  • Email communications with our support
  • Notification preferences

How We Use Your Information

We process your data for the following purposes:

Service Provision (Contract Performance)

  • Provide quit smoking tracking and support features
  • Send reminders and motivational notifications
  • Calculate progress, savings, and health improvements
  • Maintain your account and preferences

Communication (Legitimate Interest)

  • Send important app updates and feature announcements
  • Respond to your support requests
  • Send push notifications and emails (with your consent)

Service Improvement (Legitimate Interest)

  • Analyze app usage to improve features
  • Fix bugs and technical issues
  • Develop new features and services

Marketing (Consent)

  • Send promotional emails about new features
  • Provide information about premium subscriptions (when available)

Third-Party Services

We use the following trusted third-party services:

  • AWS (Amazon Web Services): Data hosting and storage
  • Stripe: Payment processing (for future premium features)
  • Google Tag Manager: Website analytics
  • Microsoft Clarity: User experience analytics
  • Meta, Reddit, TikTok: Marketing and advertising pixels

These services may collect additional data as described in their respective privacy policies. We ensure all third parties meet appropriate data protection standards.

Cookies and Tracking

Our website uses cookies and tracking technologies for:

  • Essential website functionality
  • Analytics to improve user experience
  • Marketing and advertising (with consent)

You can control cookie settings through your browser preferences.

Data Retention

We retain your data as follows:

  • Account data: Until you delete your account
  • Health/smoking data: Until you delete your account + 2 years for backup purposes
  • Technical logs: Maximum 12 months
  • Marketing communications: Until you unsubscribe + 3 years for compliance

Your Rights

Under GDPR and applicable privacy laws, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate information
  • Erasure: Delete your data ("right to be forgotten")
  • Portability: Export your data in a common format
  • Restriction: Limit how we process your data
  • Object: Opt-out of certain data processing
  • Withdraw consent: For consent-based processing

To exercise these rights, email us at [YOUR-EMAIL] with your request.

Data Security

We implement industry-standard security measures including:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure data storage with AWS
  • Regular security assessments
  • Access controls and authentication
  • Password encryption

However, no system is 100% secure. Please use strong passwords and keep your account credentials confidential.

International Data Transfers

Your data may be processed outside the European Economic Area (EEA), particularly through AWS services. We ensure appropriate safeguards through:

  • EU-US Data Privacy Framework compliance
  • Standard Contractual Clauses
  • Adequacy decisions where applicable

Children's Privacy

Our service is not intended for children under 18. We do not knowingly collect data from minors. If we become aware of such collection, we will delete the data promptly.

Changes to This Policy

We may update this policy to reflect service changes or legal requirements. We'll notify users of significant changes via email or app notification. Continued use after changes constitutes acceptance.

Data Protection Authority

You have the right to lodge a complaint with your local data protection authority if you believe we've mishandled your personal data.

For EU residents, find your local authority at: https://edpb.europa.eu/about-edpb/board/members_en

Contact Us

For privacy-related questions or to exercise your rights:

We'll respond to all requests within 30 days as required by law.

This privacy policy complies with GDPR, CCPA, and other applicable privacy regulations.