Concept · article 06 of 07

What data
nouz stores.

The honest inventory: your email, your shop's financial entries, and what we don't collect.

Ibrahim Ölmez Ibrahim ÖlmezFounder · nouz · 5 min read · Updated May 18, 2026
Minimum viable data. We collect what we need to run your daily P&L and your subscription. Nothing else. No tracking, no profiling, no third-party data brokers.

nouz collects the minimum data needed to run your P&L and your subscription, and nothing else. The full inventory below is genuinely complete — if it's not listed here, we don't have it.

01 What data does nouz collect about me?

  • Your email address. Used for login, password resets, support, billing notifications.
  • Your password (hashed). We store a bcrypt hash, not the password itself. We can't see it; nobody can recover it from a backup.
  • Your business profile. Name, country, language.
  • Your locations. Name and country per location.
  • Your financial entries. Revenue, expenses, products, fixed costs — exactly what you log.
  • Your subscription state. Plan key, billing date, status — synced from Stripe.
  • Server-side logs. Standard error logging via Sentry. Includes route paths and error stack traces, no PII.

02 What data does nouz NOT collect?

  • Your customers' data. nouz is your P&L, not a CRM. We never see individual customer transactions, names, or contact details.
  • Your bank or accounting details. We don't integrate with banks; we don't see deposits.
  • Tracking pixels or session recordings. No Hotjar, no FullStory, no behaviour profiling.
  • Analytics tied to your identity. We use minimal analytics (page views, conversion events) but not tied back to individual user accounts.
  • Cross-site cookies. Only first-party cookies for auth and language preference.

03 Where is my data stored?

Your data lives in EU-region Supabase databases (managed Postgres). Backups are encrypted at rest. Stripe holds your billing data on their servers. Email transactional messages flow through Resend. All three are GDPR-covered. We don't share data with third parties beyond these three operational dependencies.

04 Who can access my data?

Access is strictly limited. You have full access to everything in your account, through the UI and via export. nouz engineers have server-side access for debugging when you ask for help and for maintenance — we don't browse customer data casually. Beyond that, Sentry sees only error stack traces (no PII), and Stripe holds your billing data but never your financial entries. The full breakdown is below.

  • You — full access to everything in your account via the UI and via export.
  • nouz engineers — server-side access for debugging when you ask for help, and for maintenance. We don't browse customer data casually.
  • Sentry — error stack traces only (no PII).
  • Stripe — your billing data (the email + card details you gave them; they don't see your financial entries).
GDPR data requests. You can request a full data export or full deletion any time. The export button on Settings covers both — and account deletion respects the 30-day grace + permanent wipe pattern.

Was this article helpful?

Your vote helps us decide what to write next.

Still stuck? Email support@nouz.co — a founder replies, usually the same business day.