Privacy Policy

This Privacy Policy applies to Nebulons AI websites, online products, developer tools, APIs, communications, research programs, events, and related business interactions that link to or reference this Policy. It also applies where Nebulons AI otherwise acts as the organization deciding why and how personal information is processed.

Some products, customer deployments, pilot environments, or enterprise arrangements may be governed by separate contract terms, service notices, or data processing schedules. Where a separate notice or contract applies to a particular service, that document will control to the extent of any inconsistency.

The personal information we collect depends on the services you use, how you engage with us, and the settings, integrations, and permissions associated with your account or organization. In many cases, we collect information directly from you, automatically through your use of our services, and from customers, partners, or service providers acting on your behalf.

The categories of information we may collect include the following:

• Identity and account information, such as name, username, company name, role, contact details, authentication credentials, or profile settings.
• Commercial and relationship information, such as inquiries, purchase history, billing data, contract details, support history, and account preferences.
• Technical and device information, such as IP address, browser type, device identifiers, application logs, crash reports, telemetry, and approximate location inferred from technical signals.
• Usage and interaction information, such as prompts, inputs, uploaded files, command history, output selections, feature usage, clickstream events, diagnostic logs, or performance metadata.
• Communications and feedback, such as emails, meeting notes, surveys, recordings where permitted, support tickets, and product feedback.
• Compliance and security information, such as fraud signals, abuse indicators, identity verification records, access logs, and security event information.

We may collect personal information directly from you when you submit a form, sign up for a product, request a demo, contact support, participate in research, connect a third-party service, or interact with our websites and applications.

We may also receive personal information from your employer or organization, integration partners, analytics providers, payment processors, resellers, publicly available sources, and security or compliance providers where relevant to account administration, product operation, or lawful business purposes.

Nebulons AI uses personal information to provide, operate, secure, improve, and support its products and business operations. We also use information to communicate with you, manage accounts, assess product demand, protect our systems, comply with law, and develop new features and services.

Depending on the context, the purposes for which we use personal information may include the following:

• Providing access to websites, applications, APIs, and customer environments.
• Authenticating users, managing permissions, and administering accounts or organizations.
• Processing transactions, invoices, renewals, procurement requests, and commercial records.
• Maintaining service performance, uptime, diagnostics, troubleshooting, and security monitoring.
• Responding to support requests, product questions, legal notices, and operational communications.
• Measuring product adoption, researching product quality, and improving usability, reliability, and safety.
• Detecting misuse, fraud, policy violations, security threats, or unlawful activity.
• Complying with applicable law, regulation, legal process, or enforceable government request.
• Protecting the rights, safety, property, and legitimate business interests of Nebulons AI, its users, customers, and the public.

Because Nebulons AI develops and deploys AI systems, some service interactions may be used to maintain quality, evaluate safety, detect abuse, improve product functionality, and support internal research and model development. The data used for those purposes depends on the service, customer relationship, configuration, and contractual controls that apply.

Where we offer enterprise, business, or developer services under contract, customer-specific controls, service settings, and negotiated terms may govern whether inputs and outputs are retained, reviewed, or used for improvement purposes. Where required by applicable law or contract, we will respect opt-out choices, retention settings, and other usage restrictions applicable to the relevant service.

We do not sell personal information in exchange for money. We may disclose personal information to service providers, advisors, corporate affiliates, infrastructure providers, analytics providers, payment processors, security partners, and other parties that help us operate the business or provide a requested service.

We may also disclose information where reasonably necessary to protect users, enforce our terms, investigate suspected misuse, prevent fraud, respond to lawful process, complete a financing or corporate transaction, or comply with legal obligations. In those situations, we seek to limit disclosure to what is relevant and reasonably necessary under the circumstances.

When you use Nebulons AI through an employer, customer, educational institution, or other organization, that organization may control your account, provision integrations, access usage records, and set retention or security rules for the environment. In those cases, Nebulons AI may act on behalf of the organization under contract and the organization may separately determine how your information is used.

If you use a company-provided account or organization-managed workspace, you should review your organization policies and understand that administrators may have access to account metadata, usage records, audit events, and certain content associated with the service environment.

Nebulons AI may process and store information in countries other than the country where you are located. Those countries may have data protection rules that differ from the rules in your jurisdiction.

When we transfer personal information across borders, we take steps intended to support lawful transfers and appropriate protections, including contractual commitments, technical safeguards, organizational controls, and additional measures where reasonably appropriate under applicable law.

We retain personal information for as long as reasonably necessary to provide services, maintain business records, comply with legal obligations, resolve disputes, detect misuse, protect our systems, and enforce agreements. Retention periods vary depending on the type of information, the product environment, customer settings, security needs, and legal requirements.

Where required or appropriate, we may delete, aggregate, anonymize, or de-identify information after the relevant retention period ends. Backup copies and archived logs may remain for limited periods as part of standard security and business continuity practices.

Depending on where you live and the services you use, you may have rights to request access to personal information, correction of inaccurate information, deletion, restriction, portability, or objection to certain forms of processing. You may also have choices relating to marketing communications, cookies, and certain product settings.

If you wish to exercise a privacy right, you may contact Nebulons AI using the contact channels made available through our websites or service relationship. We may request information necessary to verify your identity, confirm authority, protect account security, and process the request consistent with applicable law.

Nebulons AI maintains administrative, technical, and physical safeguards designed to protect personal information against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or misuse. These measures may include access controls, authentication mechanisms, logging, encryption where appropriate, secure development practices, vendor review, and incident response procedures.

No system can be guaranteed to be perfectly secure. For that reason, users should also take reasonable steps to protect their credentials, devices, and environments and should notify us promptly if they believe an account or system interaction has been compromised.

Nebulons AI services are not directed to children under the age required by applicable law to use the service independently, and we do not knowingly collect personal information from children in violation of applicable law. If we become aware that personal information has been collected from a child in a manner inconsistent with legal requirements, we will take steps reasonably designed to address the issue.

Parents, guardians, schools, and organizations that believe a child may have provided personal information to Nebulons AI contrary to this Policy may contact us through our website so that we can review the matter.

We may update this Privacy Policy from time to time to reflect changes in law, product design, data practices, or operational needs. When we make changes, we will update the "Last Updated" date at the top of this Policy and, where appropriate, provide additional notice through the relevant service, website, or account interface.

If a change materially affects how personal information is handled, we may provide a more prominent notice or additional communication where required by law. Your continued use of the relevant services after the updated Policy becomes effective will be subject to the revised Policy.

Questions, requests, and notices about this Privacy Policy may be directed to Nebulons AI through the contact channels made available on our website or through the customer relationship associated with your account or organization.

If you are using Nebulons AI through an employer, school, or customer-managed environment and your request concerns organization-controlled data, you may need to direct your request to that organization first.