Privacy

Privacy notice

Last updated: February 16, 2026

This notice explains how NestBoost handles data when you use the site and mortgage planning tools.

1. Data We Process

Account identifier from Firebase Authentication (user ID and email context).
Profile preferences (currency, stamp duty region, buyer type, forecast defaults).
Saved mortgage scenarios and derived summaries you choose to store.
Operational diagnostics and security logs required to run the service.

2. How Data Is Used

Provide mortgage calculations, scenario save/restore, and premium insights.
Persist your profile defaults and account preferences across sessions/devices.
Operate account security controls (authentication and server session checks).
Maintain availability, fraud prevention, and product reliability.

3. Storage And Retention

Data is stored in Google Firestore under your authenticated user scope (`users/uid` and `users/uid/mortgage_scenarios/*`) when you use account-backed persistence features.

If you sign in, we set a secure HttpOnly session cookie to keep your account session active on protected pages. This cookie is used for authentication only and is cleared on sign out.

Some settings and temporary state may also be stored locally in your browser for resilience and UX fallback.

Retention baseline: active scenarios are kept until you delete them; archived scenarios are retained for up to 24 months and may then be automatically removed; profile defaults are retained until account-data deletion is requested.

4. Your Rights (Export And Delete)

From profile settings, you can export your account data and request deletion of saved account data.

Export provides your profile and saved scenarios in a portable JSON format. Delete removes your stored profile/scenario records from our application data store.

5. Third-Party Services

NestBoost uses third-party infrastructure providers including Google Cloud, Firebase Authentication, and Firestore. External market/base-rate data providers may also be used. These services may apply their own operational policies.

6. Important Legal Note

This page is an operational privacy notice for product use and does not replace formal legal documentation where jurisdiction-specific wording is required.

3. Storage And Retention

Data is stored in Google Firestore under your authenticated user scope (`users/uid` and `users/uid/mortgage_scenarios/*`) when you use account-backed persistence features.

If you sign in, we set a secure HttpOnly session cookie to keep your account session active on protected pages. This cookie is used for authentication only and is cleared on sign out.

Some settings and temporary state may also be stored locally in your browser for resilience and UX fallback.