← Back to homepage
Privacy Policy
Last updated: June 30, 2026 · NexusGroup Labs LLC is committed to protecting your privacy in accordance with GDPR and applicable data protection laws.
1. Information We Collect
1.1 Personal Information
- Contact Information: Name, email address, phone number, billing address
- Account Information: Username, password (hashed with bcrypt), account preferences
- Payment Information: Processed by Stripe — we do not store card numbers or CVVs
- Communication Records: Support tickets, chat logs (retained 90 days)
1.2 Technical Information
- IP Address: Collected for security, fraud prevention, and geolocation
- Device Information: Browser type, operating system, device type
- Usage Data: Pages visited, features used, API call volumes
- Cookies: Used for authentication, session management, and preferences (see Cookie Policy)
1.3 Voice & AI Data
Voice recordings processed through our Voice AI services are used only for real-time transcription and are deleted within 30 days unless you explicitly request retention. AI-generated outputs remain your property.
2. How We Use Your Information
- To provide, maintain, and improve our services
- To process transactions and send billing confirmations
- To communicate about your account, updates, and promotions (with consent)
- To detect, prevent, and address security issues and fraud
- To comply with legal obligations
- To generate anonymized, aggregate analytics for product improvement
3. Information Sharing
We do not sell your personal information. We share data only with:
- Service Providers: Stripe (payments), Mailcow (email), Cloudflare (CDN/security)
- Legal Compliance: When required by valid law enforcement request or court order
- Business Transfers: In connection with a merger, acquisition, or sale of assets (users notified in advance)
4. Data Security
- All data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Passwords hashed with bcrypt (cost factor 12)
- API keys stored as hashed values, never in plaintext
- Infrastructure secured behind Vaultwarden-managed credentials
- Regular security audits and access controls
5. Your Data Rights (GDPR)
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate personal data
- Right to Erasure: Request deletion of your data ("right to be forgotten")
- Right to Portability: Receive your data in a machine-readable format
- Right to Object: Opt out of marketing communications at any time
- Right to Restrict Processing: Limit how we use your data
To exercise these rights: privacy@nexusgrouplabs.com
6. Data Retention
We retain personal data for 90 days after account closure unless longer retention is required by law or you request earlier deletion. Anonymized usage analytics are retained indefinitely.
7. International Transfers
Data may be processed on servers in the United States and European Union. We ensure appropriate safeguards (Standard Contractual Clauses) are in place for international transfers.
8. Children's Privacy
Our Service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe we have, contact us immediately.
9. Contact
Privacy inquiries: privacy@nexusgrouplabs.com