California Privacy Notice

This California Privacy Notice supplements the information in our Privacy Policy and applies solely to individuals who reside in California. It describes how we collect, use, and disclose Personal Information (“PI”) as defined under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

In the preceding 12 months we have collected the following categories of PI, as described in Section 2 of the Privacy Policy:

• Identifiers (e.g., name, email address) and contact details you submit via forms or account registration.
• Internet or network activity (basic usage logs captured by our hosting provider for security and operations).
• Inferences or support records generated when you contact us for assistance.

We do not knowingly collect “sensitive” personal information as defined by the CPRA.

We obtain PI directly from you (e.g., through forms, account sign-ins, newsletter subscriptions) and automatically from your device when you access the Service (e.g., server logs). We may also generate PI internally (e.g., notes related to support interactions).

We use PI for the business purposes outlined in Section 3 of the Privacy Policy, such as providing the Service, communicating with you, maintaining security, and complying with legal obligations. We do not “sell” or “share” PI for cross-context behavioural advertising as those terms are defined under the CCPA/CPRA.

We disclose PI to service providers that support the Service (e.g., Supabase for hosting and authentication, email providers for communications) pursuant to written contracts that restrict their use of PI. We do not knowingly disclose PI to other third parties outside these service providers, except as required by law.

• Right to know the categories and specific pieces of PI we collect, use, and disclose.
• Right to delete PI we have collected, subject to certain exceptions (e.g., compliance obligations).
• Right to correct inaccurate PI that we maintain about you.
• Right to opt out of sale or sharing of PI (not applicable because we do not sell or share PI for cross-context behavioural advertising).
• Right to limit use and disclosure of sensitive PI (not applicable because we do not collect sensitive PI).
• Right to non-discrimination for exercising any of the rights above.

To exercise your California privacy rights, email legal@nostress-ai.com with the subject line “CCPA Request.” Please describe the request (access, deletion, correction) and provide the email address associated with your interactions. We will verify your identity before acting on the request, which may require additional information or documentation. You may also authorise an agent to submit a request on your behalf; in that case we will require proof of authorisation.

We aim to respond within 45 days. If we need additional time (up to a total of 90 days), we will notify you.

We retain PI for as long as necessary to fulfil the purposes outlined in our Privacy Policy, comply with legal obligations, and resolve disputes. When retention is no longer necessary, we delete or anonymise the information in accordance with our internal policies.

We may revise this notice periodically. When we do, we will update the revision date below and, if material changes occur, we will provide additional notice as required by law. Continued use of the Service after changes become effective constitutes your acknowledgement of those changes.

For questions about this notice or how we handle California privacy rights, contact legal@nostress-ai.com.