Privacy Policy

Native AI Labs Inc. ("Native AI", "we", "us", or "our") operates the Native AI platform at deepnative.ai (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect information about you and your organisation when you use our Service.

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, do not use the Service.

We use your information exclusively to:

• Provide, personalise, and operate the Native AI Service for your organisation.
• Extract tasks, events, decisions, and insights from your connected communications and surface them back to you and your team.
• Power your organisation's Business Learning Model (BLM) — a private, organisation-specific knowledge graph that helps your AI assistant understand your business.
• Send transactional and billing emails.
• Diagnose and fix technical issues.

We do not:

• Sell, rent, or trade your data to any third party.
• Use your data to train AI models (including our own or third-party models).
• Use your Google, Microsoft, or WhatsApp data for any purpose other than providing the Service to you.
• Show you advertising based on your data.

We share your data only as necessary to operate the Service, and only with the following categories of recipients:

• AI Inference Providers (Google Gemini): Your data is sent to Google's Gemini API to generate AI responses. Google processes this data as a data processor under their terms. This data is not used to train Google's models.
• Infrastructure (Supabase / AWS): Your data is stored in Supabase (PostgreSQL), hosted on AWS infrastructure with encryption at rest and in transit.
• Payment Processors (Stripe, Razorpay): Billing and payment information is handled directly by Stripe (US/global) or Razorpay (India). We do not store full card numbers.
• Legal Compliance: We may disclose data if required by law, court order, or to protect the rights and safety of Native AI Labs Inc. or its users.

We do not share your data with any other third parties.

We retain your data for as long as your account is active. When you close your account, we delete your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

You may request deletion of your data at any time by emailing jsg@deepnative.ai.

Native AI encrypts all data both in transit and at rest to ensure the confidentiality and integrity of your information:

• In Transit: All data transmitted between your device and our servers is protected using TLS 1.2+ encryption. This applies to all API calls, web traffic, and third-party integrations.
• At Rest: All data stored in our databases is encrypted using AES-256 encryption. This includes account information, messages, and any data ingested from connected integrations.
• Database Isolation: Row-level security (RLS) is enforced in our database so each organisation's data is logically isolated and inaccessible to other organisations.
• Authentication: OAuth 2.0 is used for all third-party connections, and passwords are stored as secure hashes — never in plain text.

No system is perfectly secure. If you believe your account has been compromised, contact us immediately at jsg@deepnative.ai.

To exercise any of these rights, contact us at jsg@deepnative.ai.

The Service is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with data, contact us and we will delete it.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by a notice on the Service at least 14 days before the change takes effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

For any privacy-related questions or requests: