Privacy Policy

1. Introduction

NHILUC LLC ("NhiLuc," "we," "us," or "our"), a Washington limited liability company, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at nhiluc.com, use our PostFlow platform at app.nhiluc.com, or engage with any of our services.

By using our services, you consent to the practices described in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

When you sign up for our services, submit a contact form, or otherwise interact with us, we may collect:

• ●Contact Information: Your name, email address, phone number, and business name.
• ●Business Information: Business address, type of business (e.g., nail salon, spa), service offerings, operating hours, and other details needed to create your website and social media content.
• ●Media and Content: Photographs, logos, images, and text content you provide for your website or social media posts.
• ●Account Credentials: Email and password used to access your PostFlow account.
• ●Payment Information: Payment details are collected and processed by Stripe, our third-party payment processor. We do not store your full credit card number on our servers.

2.2 Information Collected Automatically

When you visit our website, we may automatically collect certain technical information, including:

• ●IP address, browser type, operating system, and device information.
• ●Pages visited, time spent on pages, and referring URLs.
• ●Log data generated by our hosting provider (Vercel).

2.3 Information from Third Parties

If you connect your social media accounts (e.g., Facebook, Instagram) to our PostFlow platform, we may receive profile information, page access tokens, and content engagement data as authorized by you through those platforms' authentication flows.

3. How We Use Your Information

We use the information we collect for the following purposes:

• ●Service Delivery: To create and maintain your website, generate social media content, and manage your PostFlow account.
• ●Communication: To send you service-related emails, including onboarding instructions, account notifications, updates about your website, and billing communications.
• ●Content Creation: To use your business information and photos to generate website pages and social media posts on your behalf.
• ●Improvement: To analyze usage patterns and improve our services, platform features, and user experience.
• ●Legal Compliance: To comply with applicable legal obligations, resolve disputes, and enforce our Terms of Service.

4. Third-Party Services

We use the following third-party services to operate our platform. Each of these services has its own privacy policy governing the data they collect and process:

We do not sell your personal information to any third party. We only share data with the services listed above as necessary to deliver our services to you.

5. Data Security

We implement reasonable administrative, technical, and physical security measures to protect your personal information from unauthorized access, use, modification, or disclosure. These measures include:

• ●Encryption of data in transit using TLS/SSL.
• ●Secure storage of passwords using industry-standard hashing algorithms.
• ●Access controls limiting who within our organization can access your data.
• ●Regular security reviews of our infrastructure and third-party integrations.

However, no method of transmission over the Internet or method of electronic storage is completely secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

6. Cookies and Tracking Technologies

Our use of cookies is minimal. We do not use advertising trackers, analytics cookies, or third-party tracking pixels on our marketing website.

On our PostFlow platform (app.nhiluc.com), we use the following:

• ●Authentication Tokens: Essential cookies or local storage tokens used to keep you signed in to your account. These are strictly necessary for the platform to function and cannot be disabled.
• ●Language Preference: A local storage value to remember your preferred language (English or Vietnamese) across visits.

We do not use cookies for advertising, retargeting, or cross-site tracking purposes.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our services. If you terminate your account, we will retain your data for up to 30 days to allow for content export, after which it will be deleted from our active systems.

We may retain certain information for longer periods as required by law (e.g., tax records, billing history) or to resolve disputes and enforce our agreements.

8. Your Rights and Choices

8.1 General Rights

Depending on your location, you may have the following rights regarding your personal information:

• ●Access: Request a copy of the personal information we hold about you.
• ●Correction: Request that we correct any inaccurate or incomplete information.
• ●Deletion: Request that we delete your personal information, subject to certain legal exceptions.
• ●Portability: Request your data in a structured, commonly used, and machine-readable format.
• ●Opt-Out: Unsubscribe from marketing emails at any time using the link provided in each email.

8.2 California Residents (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights:

• ●Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business purpose for collection, and the categories of third parties with whom we share it.
• ●Right to Delete: You may request that we delete your personal information, subject to certain exceptions.
• ●Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
• ●Do Not Sell: We do not sell personal information to third parties as defined under the CCPA.

To exercise any of these rights, contact us at hello@nhiluc.com. We will respond to verifiable requests within 45 days.

8.3 European Residents (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you may have additional rights under the General Data Protection Regulation (GDPR), including the right to access, rectify, erase, restrict processing, object to processing, and data portability. Our legal basis for processing your data includes:

• ●Contract Performance: Processing necessary to deliver the services you have requested.
• ●Legitimate Interest: Processing necessary for our legitimate business interests, such as improving our services and communicating with clients.
• ●Consent: Where you have given explicit consent for specific processing activities.

To exercise your GDPR rights or lodge a complaint, contact us at hello@nhiluc.com. You also have the right to lodge a complaint with your local data protection authority.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at hello@nhiluc.com.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. If we make material changes, we will update the "Effective Date" at the top of this page and, where appropriate, notify you by email or through a prominent notice on our website. We encourage you to review this Privacy Policy periodically.

11. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: