Privacy Policy

Nevo, [Postal Address], is the data controller responsible for the processing of personal data described in this Policy.

You can contact us at privacy@nevochat.com.

Account data: name, email, password (hashed), company, role.

Billing data: company name, billing address, VAT number, payment method (stored by our payment processor Stripe — we do not store full card numbers).

Usage data: IP address, browser/device information, pages viewed, actions taken, log files.

Customer Data: messages, contacts, and content you process through the Service on behalf of your end users.

Performance of contract: to provide and operate the Service.

Legitimate interest: to secure the Service, prevent fraud, and improve features.

Legal obligation: to comply with accounting, tax, and regulatory requirements.

Consent: where required (e.g. marketing communications, certain cookies).

Provide, operate, and maintain the Service.

Process payments and manage subscriptions.

Send service-related communications (account, billing, security).

Provide customer support and respond to requests.

Detect and prevent fraud, abuse, and security incidents.

Comply with legal obligations.

We share personal data only with subprocessors necessary to operate the Service, including: cloud hosting (Google Cloud Platform), payment processing (Stripe), email delivery (Gmail/Google Workspace), AI providers (OpenAI, Anthropic, Google), and messaging providers (Meta/WhatsApp).

A current list of subprocessors is available on request. Each subprocessor is bound by a data processing agreement.

We do not sell personal data to third parties.

Some of our subprocessors are located outside the European Economic Area. Transfers are protected by appropriate safeguards, such as the European Commission's Standard Contractual Clauses or equivalent mechanisms.

Account data is retained for the duration of your subscription and up to 12 months after termination, unless a longer retention period is required by law.

Customer Data is retained as long as your account is active, and deleted within 30 days after termination unless you request export beforehand.

Billing and tax records are retained for 10 years as required by applicable accounting law.

We implement technical and organizational measures including encryption in transit (TLS), encryption at rest, access controls, audit logging, and regular security reviews.

No system is perfectly secure; we will notify affected users and supervisory authorities of any breach as required by law.

Subject to applicable law, you have the right to access, rectify, erase, restrict, port, or object to the processing of your personal data, and to withdraw consent at any time.

To exercise these rights, contact privacy@nevochat.com. You also have the right to lodge a complaint with your local data protection authority (e.g. CNIL in France).

We use strictly necessary cookies to operate the Service (e.g. authentication session).

With your consent, we may use analytics or preference cookies. You can manage your preferences at any time from the cookie banner or your browser settings.

The Service is not directed to children under 16. We do not knowingly collect personal data from children.

We may update this Policy from time to time. Material changes will be notified by email or in-app at least 30 days before they take effect.

For any question regarding this Policy or your personal data, contact privacy@nevochat.com or write to Nevo, [Postal Address].