Privacy Policy — Nextgen CLI

Last updated: September 2, 2025

This Privacy Policy explains how Guerrilla Interactive (“we”, “us”) collects, uses, and shares information when you use Nextgen CLI, our website, dashboard, and related services (“Services”).

1) Scope

  • CLI (installation, updates, optional telemetry)
  • Website & docs
  • Dashboard/account (e.g., Clerk login)
  • Payments (e.g., Stripe)
  • Support & partner program communications

2) Data We Collect

You provide

  • Account details (name, email, user ID, profile image) via authentication provider.
  • Billing info (receipts, billing address) via payment processor (we don’t store full card numbers).
  • Support messages, files, and partner program details you share.

Collected automatically

  • Optional minimal CLI telemetry: CLI version, OS, generic success/failure signals, anonymized feature flags. No source code scanning/upload.
  • Diagnostics/security logs (e.g., IP address, timestamps, error traces).
  • Website analytics & cookies (consent where required).

3) How We Use Data (legal bases)

  • Provide, operate, and authenticate the Services (GDPR Art. 6(1)(b)).
  • Process payments and comply with accounting/tax laws (Art. 6(1)(b),(c)).
  • Secure, maintain, debug, and improve the Services (Art. 6(1)(f) legitimate interests).
  • Analytics and product communications; marketing only with consent where required (Art. 6(1)(a),(f)).
  • Run partner/referral attribution (Art. 6(1)(b)).
    You may withdraw consent at any time where consent is the basis.

4) Sharing & Processors

We share data only as needed to run the Services:

  • Authentication: Clerk (user accounts, sessions)
  • Payments: Stripe (payment processing, receipts)
  • Hosting/CDN: Vercel or equivalent (site/app hosting, logs)
  • Support/ops tools: if used, under data protection terms

Disclosures may occur to comply with law or during a business transaction (e.g., merger), under appropriate protections. We do not sell personal data.

5) International Transfers

We operate from Norway (EEA). When transferring data outside the EEA, we rely on adequacy decisions or Standard Contractual Clauses (SCCs) with appropriate safeguards.

6) Retention

  • Account data: while active + up to 24 months after last activity (unless legal obligations require longer).
  • Billing/receipts: as required by law (typically 5 years).
  • Logs/telemetry: 90–365 days, unless needed longer for security/legal reasons.

7) Security

We apply reasonable technical and organizational measures (encryption in transit, access controls, least-privilege). No system is 100% secure.

8) Your Rights (EEA/UK & similar)

You may have rights to access, rectify, erase, restrict, object, and data portability, and to withdraw consent.
Requests: frikk@guerrilla.no.
You may complain to your local authority; in Norway: Datatilsynet.

9) Children

The Services are not directed to children. Do not use the Services if you are under the age of consent in your jurisdiction.

10) Cookies & Consent

  • Essential cookies for login and security.
  • Analytics/marketing cookies only with consent (managed via a consent banner, e.g., Cookiebot or similar).
    Manage preferences through the banner where implemented.

11) Telemetry Opt-Out

CLI telemetry is minimal and never reads your source code. To disable entirely:

# Shell export NEXTGEN_TELEMETRY_DISABLE=1 # PowerShell $env:NEXTGEN_TELEMETRY_DISABLE="1"

12) Changes

We may update this Policy. We’ll post updates with a revised “Last updated” date and may notify via dashboard or CLI for material changes.

13) Contact

Guerrilla Interactive — Oslo, Norway
Email: frikk@guerrilla.no