Legal

Privacy Policy

Last updated: April 1, 2026

At NexusAI, we take your privacy seriously. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our platform and services.

1. Information We Collect

Account Information

When you create a NexusAI account, we collect your name, email address, and authentication credentials through our third-party auth provider (Clerk). If you subscribe to a paid plan, payment information is processed securely by Stripe — we never store your full credit card number.

Usage Data

We collect information about how you interact with our platform, including the AI tools you use, number of generations, conversation metadata (not content), timestamps, and device/browser information. This helps us improve performance and personalize your experience.

Generated Content

Content you generate using NexusAI (text, images, code, audio, video) is stored on our servers to provide conversation history and gallery features. You own all content you generate.

Uploaded Files

If you upload documents for the AI Summarizer or RAG features, files are processed and stored securely. You can delete uploaded files at any time from your dashboard.

2. How We Use Your Information

We use your information to:
• Provide and maintain the NexusAI platform and all AI tools• Process your subscriptions and manage billing• Send transactional emails (receipts, usage alerts, security notifications)• Improve our AI models and platform performance through aggregated, anonymized usage analytics• Enforce our Terms of Service and prevent abuse• Respond to support requests• Send product updates and marketing emails (with your consent, and you can unsubscribe anytime)

3. How We Share Your Information

We do not sell your personal information. We share data only with:
Service providers: Clerk (authentication), Stripe (payments), Vercel (hosting), Neon (database), OpenAI/Anthropic/Groq (AI model providers), Resend (email), Upstash (rate limiting), UploadThing (file storage)AI model providers: Prompts and inputs are sent to AI providers to generate responses. We do not send your personal information — only the content you submit for generationLegal requirements: We may disclose information if required by law, regulation, or legal processBusiness transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred

4. Data Security

We implement industry-standard security measures including:
• Encryption in transit (TLS 1.3) and at rest (AES-256)• SOC 2 compliant infrastructure through our hosting providers• Regular security audits and penetration testing• Role-based access controls for internal systems• Automatic session expiration and secure token management

5. Data Retention

We retain your data for as long as your account is active. After account deletion:
• Personal information is deleted within 30 days• Generated content is deleted within 30 days• Uploaded files are deleted immediately• Anonymized usage analytics may be retained indefinitely• Billing records are retained as required by tax law (typically 7 years)

6. Your Rights

Depending on your jurisdiction, you may have the right to:
• Access the personal information we hold about you• Correct inaccurate information• Delete your account and associated data• Export your data in a portable format• Opt out of marketing communications• Object to certain processing activities• Lodge a complaint with your local data protection authority
To exercise any of these rights, contact us at privacy@nexusai.com or use the data management tools in your account settings.

7. Cookies & Tracking

We use essential cookies for authentication and session management. We use analytics cookies (with your consent) to understand how the platform is used. We do not use advertising trackers. You can manage cookie preferences in your browser settings.

8. Children's Privacy

NexusAI is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If we discover that a child under 16 has created an account, we will delete it promptly.

9. International Data Transfers

Your data may be processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses where applicable.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on the platform. Continued use of NexusAI after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:• Email: privacy@nexusai.com• Address: NexusAI Inc., 548 Market St, Suite 36879, San Francisco, CA 94104

Have questions about your data? Contact our privacy team