Privacy Policy

Plain-language summary

We’re a small team and we’d rather be straight with you than hide behind legal language, so here’s the short version. We don’t sell your data. We collect the least we need. We use it only for the purposes set out below. You can reach us at any time at privacy@njuru.com to ask what we hold about you, ask us to correct or delete it, or to complain. The sections below are the legally complete version.

1. Who we are

This Privacy Policy applies to technooptics.com and to the websites, apps, and services operated by Njuru LLC and its affiliated brands and ventures (together, the “Njuru group”, “we”, “us”, or “Services”). The data controller for personal information collected through the Services is:

Njuru LLC
A Minnesota limited liability company
Minneapolis, Minnesota, United States
Email: privacy@njuru.com
General contact: hello@njuru.com

For visitors located in the United Kingdom or European Economic Area, you may also contact our designated representative for data protection matters at the email address above. We will appoint and publish details of an EU/UK representative under Article 27 GDPR if and when we are required to do so.

1.1 Companies covered by this Policy

This Policy applies to Njuru LLC and to each of the affiliated brands and ventures listed below. Where one of these ventures publishes its own additional or superseding privacy notice for a specific product, that notice will apply to that product in addition to (or, where stated, instead of) this Policy.

• Njuru LLC , www.njuru.com
  A limited liability company. The parent company of the Njuru group. Parent company. Owns the digital ventures listed below and operates them as a single, considered family of companies.
• Techno Optics , www.technooptics.com
  A subsidiary venture of Njuru LLC. Our digital studio. Software, design, growth, and the patient work of making things useful, for the projects we build and a small number of external partners.
• Advottic , www.advottic.com
  A subsidiary venture of Njuru LLC. A gentler way to build a legal case. Helps people prepare and organize their legal case, especially when they are facing the system without a lawyer.
• Taxottic , www.taxottic.com
  A subsidiary venture of Njuru LLC. Plain-language tax forecasting and planning. AI-assisted guidance that explains itself, with a privacy-first approach to your numbers.
• Rolls & Digs , www.rollsanddigs.com
  A subsidiary venture of Njuru LLC. A pocket drag-strip and digital garage for drivers. Solo runs, head-to-head matchups, and a build history for the cars you have loved.

2. What information we collect

We collect personal information in three main ways:

2.1 Information you give us directly

• When you contact us through the website, by email, or by phone, for example your name, organization, email address, phone number, and the contents of your message.
• When you engage us as a client, billing details, signatories, authorised contacts, and any project-specific information you choose to share with us.
• When you interact with the “Ask Bella” assistant on our site , the text of your messages and our responses, used to provide the conversation and improve the assistant.

2.2 Information we collect automatically

• Basic technical data your browser sends when you visit a page: IP address (truncated where reasonable), browser type and version, operating system, referring page, pages viewed, and time of visit.
• A small number of essential cookies and similar local-storage entries required to keep the site secure and to remember your privacy preferences. See our Cookie Policy for the full list.

2.3 Information we receive from third parties

• From sub-processors that help us deliver the Services. We list these in Section 6 below.
• From you indirectly, for example when a colleague refers you to us and shares your contact details so we can reach out.

3. How we use your information, lawful bases (GDPR)

We process personal information only when at least one of the following lawful bases under Article 6 of the UK and EU GDPR applies:

• Contract, to provide services you’ve asked us to deliver or to take steps at your request before entering into a contract.
• Legitimate interests, to operate, secure, and improve the Services, to respond to enquiries, to keep records of our dealings, and to communicate with prospective clients in a manner balanced against your rights and freedoms.
• Consent, for non-essential cookies, marketing email, or any optional feature that asks for it. You can withdraw consent at any time.
• Legal obligation, where we must process information to comply with applicable law, such as tax record keeping, accounting, or responses to lawful requests from authorities.

4. Why we use it

• To respond to your enquiry or to deliver work you have engaged us for.
• To send transactional messages (project status, invoices, security notices).
• To run, secure, and improve the website and our internal tools.
• To send occasional updates about Njuru, only where you have opted in or where it is permitted as a soft opt-in to existing clients. You can opt out at any time.
• To meet our legal, tax, accounting, and compliance obligations.

We do not use your personal information for automated decision-making that produces legal or similarly significant effects, and we do not use it for profiling.

5. Children

The Services are not directed to children under 16 and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please write to privacy@njuru.com and we will take prompt steps to delete it.

6. Who we share information with

6.1 Within the Njuru group

We share personal information among the entities listed in Section 1.1 only on a need-to-know basis, for the purposes set out in Section 4 (delivering services, supporting clients across our brands, securing the Services, meeting legal obligations, and shared back-office functions such as accounting and IT). Each entity is bound by the same privacy commitments described in this Policy, and intra-group transfers are protected by the same technical and organisational measures.

6.2 With third parties

We share personal information only when necessary to provide the Services or meet our legal obligations. Categories of recipient include:

• Sub-processors and service providers that help us run the Services, including our website hosting and content-delivery provider, our email-delivery provider, our error-monitoring provider, and, where applicable, our payment provider. Each is bound by appropriate data protection terms. A current list of categories is available on request.
• Professional advisers, our lawyers, accountants, insurers, and similar advisers, where reasonably necessary.
• Authorities, where we are required to disclose information by law, court order, or other valid legal process.
• Successors, in connection with a merger, acquisition, financing, or sale of all or part of our business; in such cases the recipient must continue to honour the commitments we have made here.

We do not sell or share personal information for cross-context behavioural advertising as those terms are defined under the California Consumer Privacy Act (as amended by the CPRA) or under any other applicable law.

7. International transfers

We are based in the United States. If you access the Services from outside the United States, your information will be transferred to, stored in, and processed in the United States and other countries where our sub-processors operate. Where such a transfer originates in the UK, EEA, or Switzerland, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses, the UK’s International Data Transfer Addendum, and equivalent measures, in each case combined with technical and organisational protections. You can request a copy of the relevant safeguards at privacy@njuru.com.

8. How long we keep it

We keep personal information for the shortest period reasonable for the purpose:

• Enquiries that don’t turn into engagements: up to 24 months from your last contact.
• Client records and correspondence: for the duration of the engagement plus 7 years for tax, accounting, and limitation-period reasons.
• Marketing preferences: until you withdraw consent or until we determine the record is no longer needed.
• Web logs and security records: typically 30-180 days.

9. Your rights

Depending on where you live, you may have some or all of the following rights:

• Access, ask for a copy of the information we hold about you.
• Rectification, ask us to correct inaccurate information.
• Erasure, ask us to delete information in certain circumstances.
• Restriction, ask us to limit how we process your information.
• Portability, receive certain information in a machine-readable format.
• Objection, object to processing based on legitimate interests, including direct marketing.
• Withdraw consent, where we rely on consent, you can withdraw it at any time.
• California-specific rights, under the CCPA / CPRA, the right to know, the right to delete, the right to correct, the right to limit use of sensitive personal information, the right to opt out of sale or sharing (we do not sell or share), and the right not to be retaliated against for exercising your rights.
• Lodge a complaint, with your local supervisory authority. In the UK, this is the Information Commissioner’s Office (ico.org.uk). In the EEA, your national data protection authority. We’d appreciate the chance to address your concerns first.

To exercise any of these rights, write to privacy@njuru.com. We will respond within the time limits set by applicable law (generally one month under GDPR; 45 days under CCPA, with one extension where allowed). We may need to verify your identity before we can act on your request.

10. Security

We use technical and organisational measures to protect personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These include encryption in transit (HTTPS), access controls, logging, and least-privilege principles for staff and contractors. No system is perfectly secure, however, and we can’t guarantee absolute security.

11. Cookies and similar technologies

Please see our Cookie Policy for the full list of cookies we use, what they do, and how to control them. You can also manage your preferences any time using the “Manage cookies” link in the site footer.

12. Third-party links and content

The Services may include links to third-party websites or content. We are not responsible for the privacy practices of any third party. We encourage you to read their privacy policies before sharing personal information with them.

13. Changes to this Policy

We may update this Policy from time to time. The “Effective” date at the top of the page tells you when we last did so. Where the changes are material, we’ll do our best to tell you in advance.

14. Contact us

For privacy questions, requests, or complaints: write to privacy@njuru.com. For all other matters, hello@njuru.com reaches the team.

This document was last updated on November 1, 2024. We may update it from time to time. We’ll post any changes here, and where the changes are material we’ll do our best to let you know.