Privacy Policy
Last updated: June 23, 2026
This Privacy Policy explains how Nuera, Inc. (“Nuera,” “we,” “us,” or “our”) collects, uses, discloses, and protects information in connection with our websites at nuera.ai and nuera.framer.website (the “Site”), our application at app.nuera.ai, and the Nuera AI workspace and related services (collectively, the “Platform”).
Nuera is an AI workspace that turns your data, tools, and workflows into autonomous agents that plan, act, and ship work. Because the way we handle information depends on the capacity in which we act, this Policy distinguishes between:
Account and Site data, where Nuera acts as a controller (we decide why and how the data is processed); and
Customer Data that you connect to or process through the Platform (documents, databases, API content, prompts, and the inputs and outputs of agent and workflow runs), where Nuera acts as a processor on your behalf. Our processing of Customer Data is governed by our Terms & Conditions and our Data Processing Agreement (DPA), which control in the event of any conflict with this Policy.
By using the Site or the Platform, you acknowledge the practices described here.
1. Information we collect
1.1 Information you provide to us
Account and profile information. When you create a workspace or sign in, we collect your name, email address, and authentication credentials. If you sign in through a single sign-on (SSO) provider or SAML identity provider, we receive the identifiers and profile attributes that provider shares (such as your name, email, and group or role assignments).
Workspace and configuration data. Settings for your workspace, agents, workflows, guardrails, roles and permissions (RBAC), and connected integrations.
Billing information. For paid plans (Pro at $49/month and Enterprise), we collect billing contact details and payment information. Card payments are processed by our payment processor; Nuera stores limited billing records (such as the card brand, last four digits, expiry, billing address, and invoice history) but does not store full card numbers.
Communications. When you contact us through our contact form, by email (for example, hello@nuera.ai, sales@nuera.ai, or press@nuera.ai), or through in-product chat, we collect your name, email address, the contents of your message, and any attachments. Sales and demo inquiries may include your company name and role.
1.2 Customer Data you connect or process
To deliver the Platform’s core functionality, you may connect and process content through Nuera, including documents, files, databases, APIs, and third-party integrations, as well as the prompts, instructions, intermediate steps, and outputs generated when your agents and workflows run. We also generate execution traces (run-level records used for observability, debugging, and quality measurement).
Customer Data may contain personal data about your own customers, employees, or other individuals. We process Customer Data only to provide and support the Platform, on your documented instructions, and as described in the DPA. We do not sell Customer Data and we do not use Customer Data to train foundation models.
1.3 Information we collect automatically
Usage and telemetry. Metrics about how the Platform is used, such as the number and type of agents, runs and tasks executed, throughput, latency, error rates, and feature usage.
Log and device data. IP address, browser and device type, operating system, referring pages, timestamps, and similar log information.
Cookies and similar technologies. We use strictly necessary cookies to authenticate sessions and keep the Platform secure, and limited analytics cookies to understand and improve usage. See Section 6.
1.4 Information from third parties
We may receive information from your SSO/identity provider, our payment processor (payment confirmation and fraud signals), and infrastructure providers (security and abuse signals). We do not purchase personal data for marketing.
2. How we use information
We use information that we control to:
Operate the Platform — authenticate users (including SSO, SAML, SCIM provisioning, and RBAC), run agents and workflows, maintain workspaces, and deliver real-time responses and actions.
Process Customer Data — execute the runs, integrations, and workflows you configure, and generate the observability traces that let you monitor quality, cost, and resolution rates.
Billing and account management — process subscriptions, free trials, plan limits (such as monthly run allowances), invoicing, and renewals.
Support and communications — respond to inquiries (we aim to reply within one business day), send service and security notices, and, where permitted, share product updates.
Security and abuse prevention — monitor for fraud, abuse, and policy violations; enforce usage limits; and protect the Platform, our users, and the public.
Improve the Platform — analyze aggregated and de-identified usage to debug, measure quality, and develop features. We do not use your Customer Data to train foundation models.
Legal and compliance — comply with law, enforce our Terms, and establish, exercise, or defend legal claims.
Legal bases (EEA/UK). Where the GDPR or UK GDPR applies and Nuera is a controller, we rely on: performance of a contract (operating accounts and the Site you request); legitimate interests (securing, maintaining, and improving the Platform, and B2B communications); consent (non-essential cookies and certain marketing, where required); and legal obligation. For Customer Data, your organization is the controller and determines the legal basis; Nuera acts as processor.
3. How agents and AI models process information
When your agents and workflows run, Nuera may transmit prompts and the specific context required for a task to AI model providers that perform inference, and to the integrations and tools you have connected, in order to plan steps, call tools, and produce outputs. We send only the data needed to perform the requested task, apply the guardrails and approvals you configure, and bind our model and infrastructure providers to confidentiality and data-protection obligations. Customer Data is processed to provide the service to you and is not used to train Nuera’s or any provider’s foundation models. Because AI systems can produce inaccurate or incomplete results, the Platform supports human-in-the-loop review and approvals, and you remain responsible for reviewing agent outputs before relying on them.
4. Cookies and analytics
We use cookies and similar technologies for authentication, security, load balancing, preference storage, and analytics. Strictly necessary cookies are required to operate the Platform and cannot be switched off. Where required by law, we request consent for non-essential analytics cookies and honor browser-based opt-out signals (such as Global Privacy Control). You can control cookies through your browser settings; disabling some cookies may affect Platform functionality.
5. How we share information
We share information only as described here:
Service providers and subprocessors. We use vetted vendors to host and operate the Platform and to provide inference, payments, communications, and analytics — including cloud infrastructure and hosting, AI model providers, payment processing, content delivery and security, transactional email, product analytics, customer-support chat, and marketing-site hosting. A current list of subprocessors that process Customer Data is maintained in, and available under, our DPA.
Your connected integrations. When you direct an agent or workflow to act, we share the relevant data with the third-party tools and integrations you have connected. Your use of those services is governed by their terms and privacy policies.
Within your organization. Workspace administrators and authorized members may access account information, usage data, and run traces according to the roles and permissions you configure.
Legal and safety. We may disclose information to comply with law, regulation, legal process, or enforceable governmental request, and to protect the rights, property, and safety of Nuera, our users, and the public.
Business transfers. If Nuera is involved in a merger, acquisition, financing, or sale of assets, information may be transferred subject to this Policy and applicable law.
We do not sell personal information, and we do not “share” it for cross-context behavioral advertising as those terms are defined under California law.
6. International data transfers
Nuera is based in the United States and may process information in the United States and other countries where we or our subprocessors operate. Where we transfer personal data from the EEA, the United Kingdom, or Switzerland to a country without an adequacy decision, we rely on appropriate safeguards, including the European Commission’s Standard Contractual Clauses and the UK International Data Transfer Addendum, together with supplementary measures where needed. A copy of the relevant transfer mechanism is available on request at privacy@nuera.ai.
7. Data retention
We retain account and Site data for as long as your account is active and as needed to provide the Platform, then for the period required to meet legal, accounting, security, and dispute-resolution obligations. Customer Data is retained according to your configuration and the DPA: while your subscription is active, and, after termination, for a limited export window after which it is deleted or returned as described in the DPA. Aggregated or de-identified data that no longer identifies an individual may be retained to operate and improve the Platform.
8. Security
We protect information using administrative, technical, and physical safeguards appropriate to its sensitivity, including encryption in transit and at rest, role-based access controls, SSO/SAML, audit logging, tenant isolation, and continuous monitoring. Nuera maintains a SOC 2 Type II program. For details, see our Security Policy. No method of transmission or storage is completely secure, but we work continuously to protect your data and to notify you of incidents as required by law and our agreements.
9. Your privacy rights
Depending on where you live, you may have rights over your personal data. For Customer Data, please direct requests to the relevant Nuera customer (the controller); we will assist them as required under the DPA.
EEA/UK/Switzerland (GDPR). You may request access, rectification, erasure, restriction, portability, and objection to certain processing, and you may withdraw consent where processing is based on consent. You may also lodge a complaint with your supervisory authority.
California (CCPA/CPRA). You may request to know, access, correct, and delete personal information, and to obtain it in a portable form. You have the right not to receive discriminatory treatment for exercising these rights. Because we do not sell or share personal information for cross-context behavioral advertising, no opt-out of sale/share is required, but you may still submit requests as described below.
Other U.S. states and jurisdictions. Where applicable law grants similar rights, we honor them.
To exercise any right, email privacy@nuera.ai. We will verify your request (for example, by confirming control of the account email) and respond within the timeframes required by law. You may use an authorized agent where permitted.
10. Children’s privacy
The Platform is a business tool intended for organizations and is not directed to children. We do not knowingly collect personal data from individuals under 16. If you believe a child has provided us personal data, contact privacy@nuera.ai and we will delete it.
11. Changes to this Policy
We may update this Policy from time to time. When we make material changes, we will update the “Last updated” date and, where appropriate, provide additional notice (for example, by email or in-product). Your continued use of the Platform after an update means you accept the revised Policy.
12. Contact us
Nuera, Inc. A Delaware corporation with its principal place of business in San Francisco, California, United States.
Privacy requests: privacy@nuera.ai
General: hello@nuera.ai
Data Protection Officer / EU & UK matters: dpo@nuera.ai
If you are in the EEA or UK and have an unresolved concern, you have the right to contact your local data protection authority.