Privacy Policy

Nuviax Privacy Policy

Effective date: July 16, 2026

This Privacy Policy describes how Nuviax ("Nuviax", "we") collects, uses, retains, and protects information gathered through nuviax.ai and its contact surfaces. It does not describe the data-handling practices of Nuviax product deployments inside customer environments. Those are governed by the Master Services Agreement, the Data Processing Agreement, and any Business Associate Agreement in force between Nuviax and the customer.

What we collect

We collect information you submit through the contact form at nuviax.ai/contact. This includes your name, email address, company, role, use case, and message. We also collect standard server-side request metadata (IP address, user agent) for rate-limiting and abuse prevention.

We use Vercel Analytics for aggregate page-view analytics. Vercel Analytics is privacy-respecting and does not use cookies. It does not track individual users across sites. We use Vercel Speed Insights for Core Web Vitals measurement, which samples anonymous performance data.

How we use it

Contact-form submissions are used to respond to your inquiry, schedule architecture reviews, and follow up on the specific topics you raise. We do not use contact-form submissions for cold outreach unrelated to your inquiry.

Aggregate analytics are used to understand which pages are read, which posts drive engagement, and where performance can be improved. Analytics data is not linked to your identity.

Where it goes

Contact-form submissions are stored in a Supabase-backed database inside the Nuviax operational boundary, and a notification is sent via Resend to connect@nuviax.ai. Rate-limiting metadata is stored in Upstash Redis with a 1-hour TTL. Analytics data is stored by Vercel.

Retention

Contact-form submissions are retained for as long as the inquiry is active plus 24 months for legitimate business-record purposes, after which they are deleted or anonymized. You may request deletion at any time by emailing connect@nuviax.ai.

Your rights

You may request access to, correction of, or deletion of information you have submitted. For residents of the EU/UK, California, or other jurisdictions with specific data-protection rights, we honor requests consistent with GDPR, UK-GDPR, CCPA, and equivalent frameworks. Send requests to connect@nuviax.ai.

Data we do not collect

We do not use tracking cookies. We do not sell or share your information with third parties for advertising. We do not use your contact-form submissions to train any AI model.

Product data (customer deployments)

For questions about how Nuviax products handle customer data (including PHI, PCI, CJI, or ITAR-scoped data), see the Trust page. Nuviax product deployments do not use customer data to train foundation models, and do not share customer prompts or outputs with third-party LLM providers outside the scope the customer explicitly approves.

Changes

We will update this policy as our practices evolve. Material changes will be announced at the top of this page with a new effective date.

Contact

Privacy questions: connect@nuviax.ai. Include "Privacy" in the subject line so it routes correctly.