Effective May 12, 2026
Anonymous analytics. When you accept cookies, we collect page views, button clicks, scroll events, and session duration via PostHog. PostHog assigns a random identifier (no name, email, or precise location) so we can tell returning visitors from new ones.
Account data. If you create an account, we store your email address, hashed password (or OAuth provider identifier), the timestamp you signed up, and optional preferences (skin type, concern tags, favorited products). Authentication is handled by Supabase.
Marketing consent. If you tick the marketing checkbox at signup, we record the timestamp of your consent on your profile. We do not collect your IP, browser fingerprint, or any health information.
To understand how people use nextbest so we can improve the experience, to give you a personalized concern list, and (only with your consent) to send occasional marketing email about new product picks and skincare guides. We don't sell data and we don't use it for advertising.
We use the following sub-processors:
We use the following cookies:
When you first visit the site, you'll see a banner asking about cookies. Click “Decline” to opt out of analytics. You can also clear your browser's cookies and localStorage for this site to reset your preference. To unsubscribe from marketing email, click the unsubscribe link in any marketing message or email kayleigh@migdol.net.
We send marketing email only if you have given separate, explicit consent at signup (the dedicated marketing checkbox, distinct from your acceptance of the Terms). Transactional emails (password reset, account confirmation, account-change notices) are sent regardless of marketing preference because they relate to a service you have requested. We keep marketing-consent timestamps on your profile as proof of opt-in. You can revoke consent at any time via the unsubscribe link in any marketing email, which is honored immediately.
If you are in the EEA, the UK, or Switzerland, you have the right to:
To exercise any of these rights, email kayleigh@migdol.net. We will respond within 30 days.
If you are a California resident you have the right to know what personal information we collect, to request deletion of it, to correct inaccuracies, and to limit the use of sensitive personal information. nextbest does not sell or share personal information for cross-context behavioral advertising as defined by the CCPA/CPRA, and we have not done so in the preceding 12 months. You will not be discriminated against for exercising these rights. To exercise them, email kayleigh@migdol.net.
We keep account data for as long as your account is active. If you delete your account, we erase your profile, favorites, and any feedback you submitted within 30 days. Anonymous analytics events are retained by PostHog for 7 years; they cannot be tied back to you after account deletion. Marketing-consent timestamps are retained for the lifetime of your account so we have proof of consent if asked by a regulator.
nextbest is not directed to children under 13. If you believe a child has provided us with personal information, please email kayleigh@migdol.net and we will delete it.
We will update the Effective date at the top of this page when we change anything material here. Continued use after a change means you accept the revised Policy.
Questions or privacy requests? Reach out to kayleigh@migdol.net.
We use cookies to improve your experience. Learn more