How NivaDesk handles account, workspace, billing, uploaded files, support and technical data.
Last updated: 16 June 2026
NivaDesk is operated by:
EGGCRAFT LIMITED Registered in England and Wales, company number 16566512 VAT number GB 514512621 141 Randolph Avenue London W9 1DN United Kingdom
EGGCRAFT LIMITED is registered with the UK Information Commissioner's Office (ICO), registration reference ZC019612.
Email: contact@nivadesk.co.uk
For privacy-related questions, data requests, or account deletion requests, please contact us by email.
This Privacy Policy applies to:
This Privacy Policy does not apply to websites, apps, or services that we do not own or control.
In some situations, we act as a data controller. This means we decide how and why certain personal data is processed. For example, we are the controller when you create a NivaDesk account, contact us, subscribe to updates, pay for a plan, or use our website.
In other situations, we act as a data processor. This means we process data on behalf of our customers. For example, if a business uses NivaDesk to store its own client names, order details, files, notes, addresses, tasks, or workflow information, that business is usually the controller of that data, and we process it according to their instructions.
If your personal data was added to NivaDesk by one of our customers, please contact that customer first if you want to exercise your rights regarding that data.
We may collect the following types of personal data.
When you create or use a NivaDesk account, we may collect:
When you use NivaDesk, you or your team may add content such as:
You are responsible for ensuring that any personal data you upload to NivaDesk has been collected and added lawfully.
If you purchase a paid plan, we or our payment providers may process:
We do not store full card numbers ourselves. Payment details are processed by third-party payment providers such as Stripe, Apple, Google, or other payment platforms depending on how you subscribe.
When you use our website or apps, we may collect:
This helps us keep NivaDesk secure, improve performance, fix bugs, and understand how users interact with our services.
If you contact us, we may collect:
If you choose to sign in with or connect a third-party service, such as Google or Apple, we may receive limited information from that service, such as:
If future NivaDesk integrations allow access to services such as calendar, files, email, storage, or other business tools, we will only access the data needed to provide the feature you choose to use.
We use personal data to:
We will not use your workspace content to advertise to your customers.
Where UK GDPR or EU GDPR applies, we rely on the following legal bases:
We process data when necessary to provide NivaDesk to you, manage your account, process payments, and deliver features you request.
We may process data for our legitimate business interests, including improving NivaDesk, preventing misuse, securing our services, responding to support requests, and understanding product usage.
We may rely on consent for optional features, marketing emails, cookies that are not strictly necessary, or certain third-party integrations.
We may process data when required to comply with law, tax, accounting, security, fraud prevention, or regulatory obligations.
NivaDesk allows users to upload and store business files, client files, documents, images, PDFs, design files, and other materials.
We process uploaded files only to provide the service, including:
We do not claim ownership of your uploaded content. You retain all rights to the content you upload, subject to the rights you grant us to operate and provide the service.
Client Files and cloud-stored message attachments require an active eligible paid plan to open, preview, download, upload, rename, or delete them through the app. If eligible paid access ends, those files may be retained for up to 90 days so access can be restored if the workspace resubscribes during that period; after the retention period they may be deleted.
If you are invited to a NivaDesk workspace, the workspace owner or administrators may be able to:
If you add another user to a workspace, you confirm that you have permission to provide their email address or other relevant information.
If you sign in using Google, Apple, or another supported authentication provider, we use the information provided by that service only to authenticate you and provide access to your account.
We do not receive or store your Google or Apple password.
If we later offer additional Google, Apple, calendar, email, file, or cloud integrations, we will only request access to the information needed for the feature and will use that information only to provide or improve the user-facing feature you choose to enable.
We will not use data from connected third-party services for advertising or sell that data to third parties.
NivaDesk may offer a ChatGPT App or connected AI feature that allows you to connect your NivaDesk workspace to ChatGPT or a similar assistant through a secure OAuth connection and MCP server.
If you choose to connect NivaDesk to ChatGPT, the assistant may request workspace data only for the workspace you select and only for the tools and permissions you authorise. Access remains subject to your NivaDesk plan, workspace role, feature permissions, and security rules.
Depending on the tools enabled for your account, ChatGPT may be able to search, summarise, create, or update NivaDesk records such as orders, order details, dashboard summaries, financial fields, tasks, order notes, personal notes, messages, quick replies, workflow status, due dates, customer information, internal IDs, timestamps, and history or audit information.
Financial data, messages, notes, and other sensitive workspace content should only be returned where your NivaDesk role and plan allow access. Write actions, such as creating an order, adding a note, or updating an order status, should only happen after your request or confirmation.
We use the ChatGPT connection to provide the integration you choose to enable. We do not sell your workspace content or use it to advertise to your customers. You can disconnect or stop using the connected feature where the product provides that option.
Payments may be processed by third-party providers such as Stripe, Apple App Store, Google Play, or other payment platforms.
These providers may collect and process payment information according to their own privacy policies and terms. We receive limited payment and subscription information needed to manage your NivaDesk plan, invoices, renewals, cancellations, refunds, and account status.
Our website and services may use cookies or similar technologies to:
Some cookies are necessary for the service to work. Others, such as analytics or marketing cookies, may depend on your consent where required by law.
You can manage cookies through your browser settings. Disabling some cookies may affect the functionality of our website or app.
To protect sign-up, sign-in and our APIs from automated abuse, our website and apps use Google reCAPTCHA and Firebase App Check. These services may set cookies and collect device, browser and usage information, which is sent to Google to tell genuine users apart from bots and other automated traffic.
Your use of reCAPTCHA is subject to the Google Privacy Policy (https://policies.google.com/privacy) and Terms of Service (https://policies.google.com/terms). We rely on our legitimate interest in keeping the service secure and preventing fraud and abuse.
We may send you emails about product updates, feature announcements, offers, or news about NivaDesk.
You can unsubscribe from marketing emails at any time by using the unsubscribe link or contacting us.
Even if you unsubscribe from marketing emails, we may still send important service emails, such as account, billing, security, subscription, or legal notices.
We do not sell your personal data.
We may share personal data with trusted third parties only when necessary to operate, support, secure, or improve NivaDesk. These may include:
We only provide service providers with the information they need to perform their services for us.
Your data may be stored or processed in the United Kingdom, European Economic Area, United States, or other countries where our service providers operate.
Where personal data is transferred outside the UK or EEA, we use appropriate safeguards where required, such as adequacy decisions, standard contractual clauses, the UK International Data Transfer Agreement, or other lawful transfer mechanisms.
We take reasonable technical and organisational measures to protect personal data, including:
However, no system is completely secure. We cannot guarantee that personal data will always remain completely secure, but we work to protect it and respond appropriately if a security issue occurs.
We keep personal data only for as long as necessary for the purposes described in this Privacy Policy.
In general:
If you delete your account or request deletion, we will delete or anonymise personal data unless we need to keep it for legal, security, accounting, dispute resolution, or legitimate business reasons.
You may request account deletion by contacting us.
Before deleting your account, we may need to verify your identity. If you are part of a workspace owned by someone else, we may need to direct you to the workspace owner for deletion of workspace content.
Where available, you may export your data from within NivaDesk. We believe customers should be able to access and export their own business data, even if their plan changes or expires, subject to reasonable technical and security limits.
Depending on where you live, you may have rights under data protection law, including the right to:
If you are in the UK, you can contact the Information Commissioner's Office at ico.org.uk.
To exercise your rights, contact us at: contact@nivadesk.co.uk
We may ask for information to verify your identity before responding to a request.
NivaDesk is not intended for children. We do not knowingly collect personal data from children.
If you believe a child has provided personal data to us, please contact us and we will take appropriate steps to delete it.
NivaDesk may contain links to third-party websites, services, integrations, or payment providers.
We are not responsible for the privacy practices of third parties. You should review their privacy policies before using their services.
We may update this Privacy Policy from time to time.
If we make material changes, we may notify you by email, in-app notice, or by updating the date at the top of this page.
Your continued use of NivaDesk after the updated Privacy Policy becomes effective means you accept the updated policy.
If you have questions about this Privacy Policy, your personal data, or your rights, please contact:
EGGCRAFT LIMITED 141 Randolph Avenue London W9 1DN United Kingdom
Email: contact@nivadesk.co.uk
