Last updated: March 2026 Β· Greenlyz LLC
thenooks.app ("Nooks") is operated by Greenlyz LLC. This policy explains what data we collect, how we use it, and your rights regarding it. If you have questions, contact us at privacy@thenooks.app.
Account data: Your username, email address, password (stored as a bcrypt hash β never in plain text), profile picture, and account preferences including font preference and notification settings.
Content you post: Crannies (posts), Crumbs (comments), saved posts, Nooks you create or join, marketplace listings and store information, and any Google Drive links you add to a Nook.
Communications: Messages sent via direct messaging and notification content.
Security data: IP addresses, device fingerprints (a hash of your IP and browser), and login timestamps. This data is used to detect duplicate accounts, prevent abuse, and investigate security incidents.
Session data: A single session cookie keeps you logged in. We do not use tracking cookies or advertising cookies. We do not use third-party analytics that track you across sites.
Payment data: If you purchase advertising, payment is processed by Stripe. We do not store credit card numbers. We retain transaction records (amount, date, ad ID) for accounting purposes.
Uploaded images: Images you upload may be scanned by automated content moderation systems. Detected violations involving child sexual abuse material (CSAM) are reported to NCMEC as required by the PROTECT Our Children Act.
If you add a Google Drive link to a Nook, the URL is encrypted using AES-256-GCM before storage. We cannot read the contents of your Google Drive files β we only store and display the link. The encryption key is stored separately from the database. Even in the event of a database breach, stored Drive URLs cannot be read without the encryption key.
Drive links are only visible to logged-in members, moderators, and owners of that specific Nook. Non-members and logged-out visitors cannot see them.
Important: Greenlyz LLC stores only the URL β we have no visibility into the file's contents, its Google-level sharing permissions, or who else may have access to it via Google's own sharing controls. The privacy of a linked Google Drive file is determined by the file owner's settings in Google Drive, not by Nooks. If a file is set to "Anyone with the link" in Google Drive, it remains accessible to anyone regardless of how we protect the URL on our end. You are responsible for reviewing your Google Drive sharing settings before linking any file. See our Terms of Service Section 8 for the full scope of liability regarding shared Drive content.
We do not sell your personal data. We do not use your data for advertising targeting. We do not share your data with third parties except as described in Section 5.
Stripe: Payment processing for advertising purchases. Governed by Stripe's Privacy Policy.
Brevo (Sendinblue): Transactional email delivery (notifications, digests, 2FA codes). Email addresses are transmitted to Brevo solely for delivery.
NCMEC: We are required by law to report detected CSAM to the National Center for Missing and Exploited Children. Reports include relevant account and content data.
Law enforcement: We will disclose data to law enforcement when required by a valid legal process (subpoena, court order, or emergency disclosure request involving imminent risk to life).
No other sharing: We do not sell, rent, or share your data with advertisers, data brokers, or any other third party.
Your account data and content are retained for as long as your account is active. When you delete your account, your data is removed from public view immediately and purged from backups within 30 days. Email addresses used for NCMEC-reported content are retained as required by law.
We use the following security measures:
No system is perfectly secure. In the event of a data breach affecting your personal data, we will notify affected users as required by applicable law.
We use a single session cookie (nooks.sid) to keep you logged in. This cookie is HTTP-only, secure, and scoped to thenooks.app. We do not use tracking cookies, advertising cookies, or third-party cookies of any kind.
You have the right to access, correct, or delete your personal data at any time. You can update your account information from your profile settings, and delete your account entirely from the account deletion page. To request a copy of your data or ask questions, email privacy@thenooks.app.
Nooks is not intended for users under 13. We do not knowingly collect personal data from children under 13. If we become aware that a user is under 13, we will terminate their account and delete their data.
thenooks.app is a general-purpose community platform. It is not certified, audited, or designed to meet the requirements of specialized regulatory frameworks. If you are considering using Nooks for purposes covered by any of the regulations below, please read this section carefully before doing so.
thenooks.app is not HIPAA-compliant and is not designed to store, transmit, or process Protected Health Information (PHI) as defined by the Health Insurance Portability and Accountability Act.
Specifically, we have not:
What this means for you: Do not use Nooks to share patient names, medical record numbers, diagnoses, treatment information, prescription details, insurance information, or any other information that could identify an individual's health status. If you are a covered entity or business associate under HIPAA, using Nooks to communicate PHI would be a violation of HIPAA, not ours.
General health-related community discussion β wellness groups, fitness communities, nutrition advice shared by members β does not constitute PHI and is welcome on Nooks.
thenooks.app is not certified under FERPA (Family Educational Rights and Privacy Act) or positioned as a COPPA-compliant platform for use with children under 13.
Specifically:
What this means for you: K-12 schools and school districts should not deploy Nooks as a student communication tool without first consulting their district's technology and privacy officers. FERPA applies to educational records held by institutions, not to the tools students use for general discussion β but COPPA and state student privacy laws (such as SOPIPA in California) impose additional obligations on platform operators. We have not completed the compliance work those laws require of us.
Nooks is appropriate for college and university communities, adult learners, professional education, and continuing education groups where all participants are 18 or older.
thenooks.app is operated by Greenlyz LLC, a US company. We do not actively market to or solicit users in the European Union. If you are located in the EU and choose to use Nooks, please be aware that your data will be processed in the United States and that we have not completed a formal GDPR compliance review, appointed a Data Protection Officer, or established EU-US data transfer mechanisms (such as Standard Contractual Clauses).
EU residents who have questions about their rights under GDPR should contact privacy@thenooks.app.
California residents have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your rights under CCPA, contact privacy@thenooks.app.
thenooks.app is not a financial services platform and does not hold any financial licenses. The marketplace feature allows community members to list items for sale and contact each other directly β Nooks never processes, holds, or facilitates any payments. Marketplace transactions are entirely between buyers and sellers. We accept no liability for any financial transaction conducted between members. If you use Nooks to discuss investments, securities, or financial advice, that content is the view of individual members and does not constitute regulated financial advice.
Nooks hosts communities including legal commentary and analysis Nooks (such as LawTubers). Content in those communities is for informational and entertainment purposes only and does not constitute legal advice, establish an attorney-client relationship, or create any professional obligation. Nooks is not a legal services platform and is not affiliated with any bar association or legal professional body.
We may update this Privacy Policy. We will notify users of material changes by posting a notice on the platform. Continued use of Nooks after changes constitutes acceptance.
Privacy questions: privacy@thenooks.app
Greenlyz LLC Β· greenlyz.com
πͺ We use a single session cookie to keep you logged in. No tracking cookies. No ads. See our Privacy Policy for details.
Add Nooks to your home screen for the full app experience.