Privacy Policy
How Nmow collects, uses, and protects information about you when you visit our website, fill out forms, or engage Nmow as a client. Written to be readable — most legal pages aren't.
Introduction
This Privacy Policy describes how Nmow (“Nmow”, “we”, “us”) collects, uses, and shares information about you when you visit our website at nmow.ai, fill out forms, or engage Nmow as a client. Nmow is registered in the Kingdom of Saudi Arabia.
We're a small, senior-only practice — there's no marketing or sales team handling your data, no remarketing campaigns running against your information, no growth-hack pipeline funneling form submissions into automated sequences. Your information is handled directly by the partner running the engagement.
Information we collect
Information you provide
When you fill out the consultation form, we collect: your name, email, company, website (if provided), service of interest, situation description, budget range (if provided), timezone (if provided), and urgency flag. When you become a Nmow client, we collect additional information through engagement letters and ongoing communication, including business and contact details for engagement counterparts, access credentials you choose to share for tooling integrations, and any other information you provide in the course of the engagement.
Information collected automatically
When you visit our website, we collect limited technical information: IP address (anonymized to /24 for IPv4 or /64 for IPv6), browser and device type, pages visited, time on page, and referring URL. We use this to understand how the site is used and to improve it.
How we use information
We use the information we collect to:
- Respond to consultation requests and schedule scoping calls
- Deliver Nmow services to clients under engagement letters
- Maintain and improve the website
- Communicate with clients about active engagements
- Comply with legal obligations
We do not use your information to:
- Add you to marketing email lists
- Run automated follow-up sequences
- Sell or rent your information to third parties
- Train AI models or share with AI vendors for training
- Profile you for advertising purposes
Sharing and disclosure
Subprocessors
We use a small set of subprocessors to operate the firm. As of the last-updated date above, these include:
We update this list when subprocessors change. Material changes are surfaced for 60 days following the change (see §11).
Legal requirements
We may disclose information if legally required (court order, subpoena, regulatory requirement) or to protect our rights, the safety of others, or to investigate suspected misconduct.
Business transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We would notify you before such a transfer takes effect.
Data retention
We retain consultation form submissions for 12 months from the date of submission. If you become a Nmow client, we retain engagement-related information for the duration of the engagement plus seven years for accounting and legal purposes (or longer where required by law).
You can request earlier deletion of your information at any time by emailing saad@nmow.ai, subject to legal retention requirements that may prevent immediate deletion.
Your rights
Depending on your jurisdiction (in particular under GDPR, the Saudi PDPL, and similar regulations), you may have rights to:
- Access information we hold about you
- Correct inaccurate information
- Request deletion of your information
- Object to certain processing
- Receive your information in a portable format
- Withdraw consent (where processing is based on consent)
- Lodge a complaint with a supervisory authority
To exercise any of these rights, email saad@nmow.ai. We respond within 30 days of receipt, or sooner where required by applicable law.
International data transfers
Some of our subprocessors are located outside the Kingdom of Saudi Arabia (primarily in the United States and European Union). When we transfer your information internationally, we rely on appropriate safeguards, including standard contractual clauses, adequacy decisions where applicable, or your explicit consent. The subprocessor table in §4 reflects current locations; changes are surfaced through the §11 update mechanism.
Children's data
Nmow's services are intended for businesses, not consumers. We do not knowingly collect information from anyone under 18. If you believe we have collected information from a minor, please contact us at saad@nmow.ai for prompt deletion.
Cookies and tracking
The website uses minimal cookies. We use a single first-party cookie for session management and (optionally, with your consent) one analytics cookie. We do not use third-party advertising cookies, Google Analytics, Facebook Pixel, or similar tracking on the public site.
Security
We use industry-standard security measures to protect your information, including encryption in transit (HTTPS), access controls on internal systems, and minimal data collection (we only collect what we need for the purposes stated above). No system is perfect — if we become aware of a security incident affecting your information, we'll notify you in accordance with applicable law.
Changes to this policy
We update this policy when our practices change. The “Last updated” date at the top reflects the most recent change. Material changes are surfaced via the consultation form footer for 60 days following the change. For client engagements, material changes are also communicated through the engagement letter channel.
Contact
For privacy questions, requests, or complaints, email saad@nmow.ai. For general inquiries, see /consultation.