Privacy Policy

Last updated: 13 July 2026

Nimo ("we", "us") is a communication app for nurseries and kindergartens, operated through nimo.club. It lets school staff share daily updates, photos and messages with the families of the children in their care.

This policy explains what personal data is processed when you use Nimo, why, where it is stored, and what rights you have. If anything is unclear, write to us at hello@nimo.club — we answer personally.

1. Who is responsible for your data

Your school decides what information is recorded in Nimo. For the data about children and families (profiles, daily logs, photos, messages), the school is the data controller and Nimo acts as its data processor — we process that data only on the school's instructions.

For the data needed to operate the service itself (user accounts, technical logs, push notification tokens), Nimo is the data controller.

2. What data we process

3. Photos and videos of children

Photos and videos are taken and uploaded by school staff. They are visible only to the school's staff and to the family members the school has authorised for each tagged child.

Media is stored in the European Union and delivered through time-limited signed links. It is never public, never used for advertising, never used to train AI systems, and never shared with third parties beyond the storage providers listed below.

4. Why we process data (legal bases)

5. Where data is stored

All data is stored in the European Union: application data on Google Cloud (Belgium) and photos/videos on Amazon Web Services (Ireland). Data is encrypted in transit.

6. Service providers (sub-processors)

We use a small number of infrastructure providers, each bound by data processing agreements:

7. What we never do

8. How long we keep data

Data is kept while the school's contract with Nimo is active. When a school leaves Nimo, its data is deleted within 90 days, allowing for backup cycles. Schools can delete individual photos, messages or child profiles at any time, and parents can request deletion of their child's data through the school.

9. Security

All traffic is encrypted (TLS). Access is role-based: parents only ever see their own children. Photos and videos are served through expiring signed links. If you enable Face ID / biometric unlock, the biometric check happens entirely on your device — we never receive biometric data.

10. Your rights

Under the GDPR you can request access to, correction of, deletion of, or a copy of your personal data, and you can object to or restrict certain processing.

For data about your child, the quickest route is your school, which controls that data. For anything else — or if you need help — contact us at hello@nimo.club. You also have the right to lodge a complaint with your data protection authority (in Spain, the AEPD at aepd.es).

11. App permissions

The app may ask for the following device permissions. All of them are optional and can be revoked in your device settings:

12. Children

Nimo accounts belong to adults: school staff and parents or guardians. Children do not have accounts and cannot use the app. Information about children is entered by the school under its own legal responsibility and the consent it collects from families.

13. Changes to this policy

If we change this policy, we will publish the new version on this page and inform schools of any material changes before they take effect.

14. Contact

Nimo · nimo.club · hello@nimo.club

← Back to nimo.club