Privacy Policy

Last updated: March 2026

This privacy policy for Nicholas Derk (doing business as Derk.io) ("we," "us," or "our") describes how and why we might collect, store, use, and/or share ("process") your information when you use our services ("Services"), such as when you:

  • Visit our website at derk.io, or any website of ours that links to this privacy policy
  • Download and use our mobile applications, including AXIØM Energy and AXIØM.talk, or any other application of ours that links to this privacy policy
  • Purchase products from our online store
  • Subscribe to our mailing list
  • Engage with us in other related ways, including any sales, marketing, or events

Questions or concerns? Reading this privacy policy will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact me

Summary of Key Points

  • What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us, the choices you make, and the products and features you use.
  • Do we process any sensitive personal information? No.
  • Do we receive any information from third parties? No.
  • How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.
  • With which third parties do we share information? We use Squarespace, Stripe, and Aptabase as described below. We do not sell your personal information.
  • What are your rights? Depending on where you are located, applicable privacy law may grant you certain rights regarding your personal information. See the sections below for details.

Table of Contents

  1. What Information Do We Collect?
  2. Third-Party Services
  3. How Do We Process Your Information?
  4. What Legal Bases Do We Rely On?
  5. When and With Whom Do We Share Your Information?
  6. How Long Do We Keep Your Information?
  7. What Are Your Privacy Rights?
  8. Do-Not-Track Features
  9. United States Residents — Specific Privacy Rights
  10. Other Regions — Specific Privacy Rights
  11. Updates to This Policy
  12. How to Contact Us

1. What Information Do We Collect?

Information you provide to us

We collect personal information that you voluntarily provide when you interact with our Services. This may include:

  • Name and email address — when you subscribe to our mailing list, make a purchase on Derk.io, or Contact Us
  • Shipping address — when you purchase physical products from our stores on Derk.io
  • Payment information — when you make a purchase on Derk.io (processed by Stripe; we do not store your credit card details)

Information collected automatically

When you visit our website or use our apps, certain information may be collected automatically. This information does not reveal your specific identity but may include:

  • Device and browser information — such as your browser type, operating system, device model, and device identifiers
  • Usage data — such as pages viewed, features used, and the dates and times of your visits
  • IP address — collected by our website hosting provider (Squarespace) as part of standard web server operations

Information collected by our apps

  • AXIØM Energy — We collect anonymous, aggregated usage analytics through Aptabase (see section 2). If you make in-app purchases, Apple Inc. processes your transaction (see section 2). We do not collect your name, email, or other personally identifiable information through the app.
  • AXIØM.talk — We collect anonymous, aggregated usage analytics through Aptabase (see section 2). If you make in-app purchases, Apple Inc. processes your transaction (see section 2). We do not collect your email, or other personally identifiable information through the app. You may optionally provide your name for Ax to refer to you, but this information is kept on-device only by the developer.

We do not process sensitive personal information.

2. Third-Party Services

We rely on the following third-party services to operate our business. Each processes data in accordance with its own privacy policy.

Squarespace

What it does: Hosts our website (derk.io), powers our online store, and manages our mailing list.

What it processes: When you visit our site, Squarespace collects standard web analytics data (IP address, browser type, pages visited, referring URLs). When you subscribe to our mailing list, Squarespace stores your name and email address. When you make a purchase, Squarespace processes your order details (name, email, shipping address).

Privacy policy: https://www.squarespace.com/privacy

Stripe

What it does: Processes payments for purchases made through our Squarespace store.

What it processes: When you check out, Stripe receives your payment card details, billing information, and transaction amount. We do not have access to your full card number — Stripe handles this securely on our behalf.

Privacy policy: https://stripe.com/privacy

Aptabase

What it does: Provides privacy-friendly, anonymous analytics for our apps.

What it processes: Aptabase collects anonymous, aggregated usage events (such as which features are used and how often). It does not collect personally identifiable information — no names, emails, IP addresses, or device identifiers. Aptabase is designed to be compliant with GDPR, CCPA, and PECR without requiring user consent, because no personal data is collected.

Privacy policy: https://aptabase.com/legal/privacy

Apple Inc.

What it does: Provides the Developer SDK and and the App Store Connect system for monetizing them.

Privacy policy: https://www.apple.com/privacy/

3. How Do We Process Your Information?

We process your personal information for the following purposes:

  • To fulfill orders — processing purchases, managing shipping, and communicating order updates
  • To send marketing communications — if you subscribe to our mailing list, we use your email to notify you about new products, updates, and promotions. You can unsubscribe at any time via the link in every email.
  • To improve our apps — using anonymous analytics (Aptabase) to understand which features are popular and where we can improve
  • To manage subscriptions — using App Store Connect (Apple Inc.) to process and track in-app purchases
  • To maintain and secure our Services — including fraud prevention and troubleshooting
  • To comply with law — where required by applicable legal obligations

4. What Legal Bases Do We Rely On?

If you are in the EU or UK

Under the GDPR and UK GDPR, we rely on the following legal bases:

  • Consent — for processing such as sending marketing emails. You can withdraw consent at any time.
  • Contractual necessity — to fulfill purchases and deliver products you have ordered.
  • Legitimate interests — for anonymous analytics and service improvement.
  • Legal obligations — where we are required by law to process your information.

If you are in Canada

We process your information with your express or implied consent, which you may withdraw at any time. In some exceptional cases, applicable law may permit processing without consent (e.g., fraud prevention, legal compliance).

5. When and With Whom Do We Share Your Information?

We share personal information only with the third-party service providers listed in Section 2 and only for the purposes described there. We do not sell, rent, or trade your personal information.

We may also share information in the following situations:

  • Legal requirements — if required by law, subpoena, or other legal process
  • Business transfers — in connection with a merger, sale, or acquisition of our business

6. How Long Do We Keep Your Information?

We keep your personal information only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law. Specifically:

  • Mailing list data — retained until you unsubscribe
  • Order and transaction data — retained as required for tax, accounting, and legal purposes
  • Anonymous analytics data — retained in aggregate form (no personal data is stored)

When we no longer need your information, we will delete or anonymize it.

7. What Are Your Privacy Rights?

Depending on your location, you may have the following rights:

  • Access — request a copy of the personal information we hold about you
  • Correction — request that we correct inaccurate information
  • Deletion — request that we delete your personal information
  • Portability — request a copy of your data in a portable format
  • Objection — object to certain types of processing
  • Withdraw consent — where processing is based on consent, withdraw it at any time

To exercise any of these rights, please contact us at nicholas@derk.io. We will respond in accordance with applicable data protection laws.

Opting out of marketing emails: You can unsubscribe at any time by clicking the unsubscribe link in any email we send, or by contacting us directly.

If you have questions or complaints about your privacy rights, you may email us at nicholas@derk.io.

8. Do-Not-Track Features

Some browsers and devices include a Do-Not-Track ("DNT") feature. There is no uniform standard for recognizing or implementing DNT signals, so we do not currently respond to them. If a standard is adopted that we must follow, we will update this policy accordingly.

9. United States Residents — Specific Privacy Rights

If you are a resident of California, Colorado, Connecticut, Delaware, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah, or Virginia, you may have additional rights under your state's privacy law, including:

  • The right to know what personal information we collect, use, and share
  • The right to request deletion of your personal information
  • The right to correct inaccurate personal information
  • The right to opt out of the sale or sharing of personal information (we do not sell or share your data)
  • The right to non-discrimination for exercising your rights

What we collect: For US residents, the categories of personal information we may collect include identifiers (name, email, IP address), commercial information (purchase history), and internet activity (pages visited, app usage). We do not collect sensitive personal information, biometric data, or geolocation data.

To exercise your rights, contact us at nicholas@derk.io or visit derk.io/contact. If we decline your request, you may appeal by emailing us, and we will respond within the timeframe required by your state's law.

10. Other Regions — Specific Privacy Rights

Australia and New Zealand

We process your personal information under Australia's Privacy Act 1988 and New Zealand's Privacy Act 2020. You have the right to request access to or correction of your personal information by contacting us. If you believe we have breached applicable privacy principles, you may complain to the Office of the Australian Information Commissioner or the Office of the New Zealand Privacy Commissioner.

Republic of South Africa

You have the right to request access to or correction of your personal information. If you are unsatisfied with how we handle a complaint, you may contact the Information Regulator (South Africa) at enquiries@inforegulator.org.za.

11. Updates to This Policy

We may update this privacy policy from time to time. The updated version will be indicated by a revised "Last updated" date. If we make material changes, we may notify you by posting a prominent notice on our website or by sending you a notification. We encourage you to review this policy periodically.

12. How to Contact Us

If you have questions or comments about this policy, you may contact us at:

Nicholas Derk Email: nicholas@derk.io Website: derk.io

To review, update, or delete the personal information we have collected from you, please contact us at nicholas@derk.io or visit derk.io/contact