Privacy Policy

We only collect the information needed to provide and improve Nerra's features.

• Account and profile data: name, email address, tenant/client identifiers.
• Authentication tokens: OAuth tokens for connected services (e.g., Google), stored securely and encrypted at rest.
• Google Calendar data: event metadata and details (title, time, attendees, calendar IDs) as needed to read, create, edit, or delete your events.
• Google Sheets data: spreadsheet metadata, ranges, and cell values you request the system to read or write.
• Google Drive (drive.file and drive.readonly scopes): files created or managed by Nerra for workflow outputs or logs, and read-only access to list your spreadsheets.
• Conversation data: messages sent to/from your AI agents (content, timestamps), sentiment labels, and execution logs for troubleshooting and analytics.
• Usage and device information: IP address, browser/OS, timestamps, and performance telemetry.

We process data to operate, secure, and improve the service.

• Authenticate your account and maintain secure sessions.
• Operate AI agents and run workflow automations (for example: check calendar availability, create events, read/write Google Sheets).
• Provide omnichannel messaging, notifications, and follow-ups as configured by you.
• Display analytics and logs (such as sentiment analysis and execution trace) to help you monitor performance.
• Improve reliability, security, and user experience (performance tuning, debugging errors).
• Comply with legal obligations and enforce our Terms of Service.

We do not sell or rent your personal data. We may share data only when necessary:

• Service providers that help us operate the platform (cloud hosting, monitoring, email/notification delivery).
• To comply with law, legal process, or enforce our agreements.
• To prevent fraud, security incidents, or harm, consistent with applicable law.

We retain data only as long as needed for the purposes above or as required by law. You may request deletion of your account and associated data, subject to applicable legal or operational requirements (for example, logs needed for security or compliance).

We use industry-standard security controls to protect data in transit and at rest. Access to production systems is restricted and monitored. No security program is perfect—please notify us immediately if you suspect an issue.

Depending on your location, you may have rights to access, correct, export, or delete your data, and to object to or restrict certain processing. Contact us to exercise these rights; we may need to verify your identity.

Our service is not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect data from children. If you believe a child has provided data, please contact us and we will take appropriate action.

• We request the minimum Google scopes needed to deliver user-facing features you enable.
• OAuth tokens are encrypted at rest and used only to provide the features you configure (for example, calendar scheduling or spreadsheet updates).
• We do not use Google user data for advertising or unrelated purposes.
• Human access to Google user data is limited to resolving support requests or security issues, and only with your permission when applicable.
• Our use of Google data adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Your information may be processed in countries other than your own. We take steps to protect data in accordance with this Policy and applicable law, including contractual safeguards where required.

We may update this Privacy Policy to reflect changes to the Service or legal requirements. We will post updates here and update the effective date above. Material changes may also be communicated in-app or via email.

For questions or requests about this Policy, contact us at support@nerra.id.