Privacy Policy

01

Who We Are

NurMunA LLC. ("NurMunA", "we", "our", or "us") is a software product company incorporated in the United States, exclusively focused on designing and engineering native applications and digital tools for the Apple ecosystem — including iOS, iPadOS, macOS, watchOS, tvOS, and visionOS.

Our principal place of business is:

NurMunA LLC
5900 Balcones Drive, Suite 100
Austin, TX 78731
United States

This Privacy Policy applies to our corporate website at nurmuna.com and our general company communications. Each NurMunA application distributed through the Apple App Store is governed by its own dedicated Privacy Policy and Terms of Service, available within the respective app listing.

02

Information We Collect

We collect the minimum data necessary to operate our website and improve our products. The categories of information we may collect include:

a) Information You Provide Directly

Contact information — name and email address when you contact us via email or any contact form on the website.
Feedback & support requests — messages, attachments, or bug reports you send us.
Comment data — if you leave a comment on our website (via WordPress), we collect the data shown in the comments form, your IP address, and your browser user-agent string to help detect spam.

b) Information Collected Automatically by Our Website

When you visit nurmuna.com, our WordPress-powered website (hosted by Namecheap Stellar Business Shared Hosting) automatically collects certain technical information as a standard part of web server and CMS operation. This includes:

IP address — your device's Internet Protocol (IP) address is logged by our web server and WordPress for security, anti-spam, and geolocation purposes. This is standard behaviour for any hosted website.
Browser & device information — browser type and version, operating system, device type, screen resolution, and language settings.
Referring URLs & navigation paths — the page or search query that directed you to our site, and the pages you visit during your session.
Date & time of access — timestamps of each page request, used for server security and traffic analysis.
HTTP request data — standard web server access logs maintained by Namecheap's hosting infrastructure.
WordPress-generated cookies — WordPress may set session cookies or preference cookies. See Section 5 (Cookies & Tracking Technologies) for full details.

c) Information Collected Automatically by Our Apps

Crash & diagnostic reports — anonymized crash logs and performance diagnostics collected through Apple's built-in frameworks, used solely for product improvement.
Aggregate usage analytics — anonymized, non-identifiable usage statistics (e.g., feature interaction frequency, session duration) available through App Store Connect analytics.
Device identifiers — anonymized identifiers used solely for crash reporting. We do not use Advertising Identifiers (IDFA) unless explicitly stated in a specific app's Privacy Policy.

App-specific data collection practices may differ from what is described here. Please refer to the individual Privacy Policy of each NurMunA application for complete details on what that app collects and why.

d) Information We Do NOT Collect

We do not collect payment or billing information directly — purchases are processed exclusively through Apple's App Store under Apple's own privacy and payment framework.
We do not build advertising profiles or track users across third-party apps or websites.
We do not sell, rent, or trade personal information to any third party.

03

How We Use Your Information

We use the information we collect solely to:

Operate and maintain our website — serving web pages, ensuring uptime, and managing WordPress CMS functionality on Namecheap hosting.
Deliver and maintain our products — ensuring our apps function correctly and reliably on Apple devices.
Improve product quality — analysing anonymized crash reports and aggregate usage trends to fix bugs and prioritize features.
Respond to inquiries — communicating with you when you contact us directly via email or any website contact form.
Spam prevention — using IP addresses and browser data to identify and block malicious or abusive traffic to our website (standard WordPress & Namecheap hosting behaviour).
Ensure security — detecting and preventing fraudulent, abusive, or unauthorized access to our website and Services.
Comply with legal obligations — meeting applicable laws, regulations, and lawful requests from public authorities.

We never use your data for behavioral advertising, profiling, or any purpose beyond what is described here.

04

WordPress & Hosting Platform

Our website at nurmuna.com is built on WordPress (an open-source content management system) and is hosted on Namecheap Stellar Business Shared Hosting. As a result, certain data processing activities occur automatically as part of how these platforms operate.

WordPress

WordPress, as a platform, may automatically collect and process the following information during normal website operation:

Server-side request logs — every HTTP request to our website generates a server log entry containing your IP address, the resource requested, date/time, and HTTP status code.
Comment author data — if comments are enabled and you submit one, WordPress stores your name, email, website URL, IP address, and comment text in our WordPress database.
WordPress session cookies — WordPress sets authentication cookies if you log in to the WordPress admin area. Regular site visitors without admin access are not issued persistent login cookies.
Spam filtering — WordPress may use plugins (such as Akismet) to filter comment spam. If enabled, comment content and metadata may be transmitted to Akismet's servers. See Akismet's privacy policy for details.

Namecheap Stellar Business Shared Hosting

Our website is served from servers managed by Namecheap, Inc. Under Namecheap's Stellar Business Shared Hosting plan, Namecheap acts as a data processor on our behalf and has access to server infrastructure and logs. Namecheap collects and processes data in accordance with their own Privacy Policy.

Server access logs — Namecheap's infrastructure records access logs at the server level, which may include visitor IP addresses, request timestamps, and resource paths.
Hosting infrastructure security — Namecheap implements server-level firewalls, DDoS mitigation, and intrusion detection, which may involve processing network traffic data.
Data storage location — your data is stored on Namecheap servers located in the United States. If you are accessing our website from outside the US, your data may be transferred to and processed in the United States.

NurMunA maintains a Data Processing Agreement (DPA) with Namecheap to mandate that any personal data processed by Namecheap on our behalf is handled in compliance with applicable privacy laws, including GDPR.

WordPress Plugins

We may use WordPress plugins to enhance website functionality (e.g., SEO tools, security scanners, or contact form plugins). Any plugin that processes personal data will be listed below with a link to its privacy policy. We audit our plugin list regularly and remove any plugin that does not meet our data minimization standards.

We do not install tracking, advertising, or behavioural analytics plugins.
Contact form submissions (if any) are stored securely in our WordPress database and are not shared with third parties.

05

Cookies & Tracking Technologies

Our website uses cookies — small text files stored on your device by your browser — to enable core website functionality. We do not use cookies for advertising or cross-site tracking.

Cookies We Use

Strictly Necessary Cookies — required for the website to function. These include WordPress session and security tokens (e.g., wordpress_test_cookie, wordpress_logged_in_*). These are set only if you log in to the WordPress admin area.
Preference Cookies — used to remember user settings (e.g., language or display preferences). These are set only if you interact with features that require preference storage.
Security Cookies — short-lived cookies used by WordPress and Namecheap's hosting infrastructure to validate requests and prevent cross-site request forgery (CSRF).

Cookies We Do NOT Use

We do not use advertising or retargeting cookies (e.g., Google Ads, Facebook Pixel).
We do not use third-party analytics cookies that track you across other websites (e.g., Google Analytics Universal tracking cookies).
We do not use fingerprinting or supercookies.

Managing Cookies

You can control and delete cookies through your browser settings. Disabling strictly necessary cookies may affect website functionality. For guidance on managing cookies, visit allaboutcookies.org.

06

App-Specific Privacy Policies & Terms

NurMunA develops multiple independent applications for the Apple ecosystem. Each application has its own Privacy Policy and Terms of Service, which govern data collection, processing, and user rights specific to that product.

This website Privacy Policy covers nurmuna.com only. It does not govern data collected or processed within any NurMunA application. Always refer to the Privacy Policy and Terms of Service linked within each app's App Store listing or in-app settings screen.

App-specific legal documents will address, among other things:

What personal or usage data the app collects on-device or via the network.
Whether the app uses iCloud / CloudKit, HealthKit, HomeKit, or other Apple frameworks that access sensitive data.
In-app purchase, subscription, and refund terms.
Any third-party SDKs or services integrated into that specific app.
Age rating, content restrictions, and parental controls applicable to that app.

If you cannot locate the Privacy Policy or Terms of Service for a specific NurMunA app, please contact us at contact@nurmuna.com and we will direct you to the correct document.

07

Legal Basis for Processing

For users in the European Economic Area (EEA), the United Kingdom, or Switzerland, we rely on the following legal bases under the General Data Protection Regulation (GDPR):

Legitimate interests — operating, securing, and improving our website and Services, including standard server logging by WordPress and Namecheap hosting.
Contract performance — providing the features and services you have chosen to use.
Legal obligation — complying with applicable laws and regulatory requirements.
Consent — where we have explicitly requested and received your consent for a specific processing activity (e.g., optional analytics or non-essential cookies). You may withdraw consent at any time.

08

Data Sharing & Disclosure

We do not sell your personal information. We may share limited data only in the following circumstances:

Namecheap, Inc. (Hosting Provider) — as our web host, Namecheap processes server-level data (including IP addresses and access logs) in their role as a data processor on our behalf. This is governed by Namecheap's Privacy Policy.
WordPress.org (CMS platform) — our self-hosted WordPress installation may connect to WordPress.org services for plugin and theme updates. No personal visitor data is shared with WordPress.org.
Apple Inc. — our applications are distributed through the Apple App Store. Purchases, subscriptions, and in-app transactions are governed by Apple's Privacy Policy.
Infrastructure providers — we may use Apple CloudKit or other reputable cloud storage providers for app data. These providers are bound by strict data processing agreements and are not permitted to use your data for their own purposes.
Legal requirements — we may disclose information if required by law, court order, or governmental authority, or to protect the rights, property, or safety of NurMunA, our users, or the public.
Business transfers — in the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction. We will provide prominent notice before any such transfer occurs.

09

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by applicable law:

Support & contact form submissions — retained for up to 24 months after your last interaction, then securely deleted.
WordPress comment data — retained indefinitely unless you request deletion, to maintain the integrity of comment threads.
Server & access log data — retained for a maximum of 90 days by Namecheap's hosting infrastructure for security and debugging purposes.
Anonymized analytics — may be retained indefinitely, as they contain no personally identifiable information.

You may request earlier deletion of your data at any time (see Section 10 — Your Privacy Rights).

10

Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data. We honor all valid requests promptly and within the timeframes required by applicable law.

Right of access — request a copy of the personal data we hold about you.
Right to rectification — request correction of inaccurate or incomplete data.
Right to erasure — request deletion of your personal data ("right to be forgotten").
Right to restrict processing — ask us to limit how we use your data.
Right to data portability — receive your data in a structured, machine-readable format.
Right to object — object to processing based on our legitimate interests.
Right to withdraw consent — withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing.

To exercise any of these rights, email us at contact@nurmuna.com. We will respond within 30 days (or within any shorter period required by applicable law). We may need to verify your identity before processing your request.

11

California Residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you the following additional rights:

Right to Know — the categories and specific pieces of personal information we have collected about you, and how it is used and shared.
Right to Delete — request deletion of your personal information, subject to certain exceptions.
Right to Opt-Out of Sale or Sharing — we do not sell or share personal information for cross-context behavioral advertising.
Right to Correct — request correction of inaccurate personal information.
Right to Limit Use of Sensitive Personal Information — we do not collect sensitive personal information as defined by CPRA beyond what is strictly necessary.
Right to Non-Discrimination — we will not discriminate against you for exercising any of your CCPA rights.

To submit a verifiable consumer request, contact us at contact@nurmuna.com. We will respond within 45 days as required by California law.

12

Children's Privacy

Our website is not directed to children under the age of 13, or under the age of 16 for users in the European Economic Area. We do not knowingly collect personal information from children through nurmuna.com.

If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us immediately at contact@nurmuna.com and we will take prompt steps to delete the information.

Where any of our apps are designed for younger audiences, the applicable age restrictions and parental control requirements are described in that app's individual Privacy Policy and App Store listing.

13

Data Security

We implement industry-standard technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include:

SSL/TLS encryption (HTTPS) for all data in transit between your browser and nurmuna.com.
Namecheap's server-level firewalls, DDoS mitigation, and malware scanning included with Stellar Business hosting.
Regular WordPress core, theme, and plugin updates to patch security vulnerabilities.
Restricted WordPress admin access — only authorized personnel have administrator credentials.
Apple Keychain and Secure Enclave for sensitive on-device data in our apps.
Regular internal security reviews and dependency audits.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security.

14

Third-Party Links

Our website or applications may contain links to third-party websites or services (such as the Apple App Store, Namecheap, GitHub, or others) that are not operated by NurMunA. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

We strongly advise you to review the privacy policy of any third-party site you visit.

15

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, products, hosting configuration, or applicable law. When we make material changes, we will:

Update the "Last Updated" date at the top of this page.
Post a notice on our website for at least 30 days.
Where required by law, notify affected users directly by email.

We encourage you to review this Privacy Policy periodically. Your continued use of our website or Services after changes become effective constitutes your acceptance of the updated policy.

16

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please do not hesitate to reach out to us.