Privacy Policy

At nexvio.ai, accessible from https://nexvio.ai, one of our main priorities is the privacy of our visitors. This Privacy Policy document contains types of information that is collected and recorded by nexvio.ai and how we use it.

If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.

This Privacy Policy applies to visitors to our website and to users of the Nexvio service and its integrations, including our integration for Slack and our Shopify app. It explains what information we collect, how we use it, how long we keep it, and the choices you have.

Consent

By using our website, you hereby consent to our Privacy Policy and agree to its terms.

Information we collect

The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.

If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

When you register for an Account, we may ask for your contact information, including items such as name, company name, address, email address, and telephone number.

How we use your information

We use the information we collect in various ways, including to:

• Provide, operate, and maintain our website
• Improve, personalize, and expand our website
• Understand and analyze how you use our website
• Develop new products, services, features, and functionality
• Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the website, and for marketing and promotional purposes
• Send you emails
• Find and prevent fraud

Log Files

nexvio.ai follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services' analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic information.

Cookies and Web Beacons

Like any other website, nexvio.ai uses "cookies". These cookies are used to store information including visitors' preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors' browser type and/or other information.

Advertising Partners Privacy Policies

You may consult this list to find the Privacy Policy for each of the advertising partners of nexvio.ai.

Third-party ad servers or ad networks uses technologies like cookies, JavaScript, or Web Beacons that are used in their respective advertisements and links that appear on nexvio.ai, which are sent directly to users' browser. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalize the advertising content that you see on websites that you visit.

Note that nexvio.ai has no access to or control over these cookies that are used by third-party advertisers.

Third Party Privacy Policies

nexvio.ai's Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt-out of certain options.

You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers' respective websites.

Shopify Specific Information

Our app integrates with the Shopify platform and adheres to Shopify's API requirements and data protection standards. Specifically:

• We only access data necessary for the functionality of our app
• We respond to data subject requests through Shopify's mandatory webhooks (customers/data_request, customers/redact, shop/redact)
• We delete merchant data upon app uninstallation in accordance with Shopify's requirements
• We do not use merchant or customer data for purposes unrelated to our app's functionality

Information Collected Through Shopify Integration

When you install our app on your Shopify store, we may collect:

• Your Shopify store's URL and Name
• Contact information of the store owner/administrator
• Product data and metadata
• Store configuration data

We do not collect, store, or process personal information of your customers (shop visitors or buyers) unless explicitly authorized by you for specific functionality requirements.

Integration for Slack

When you connect a Slack workspace to Nexvio, we receive workspace and app data from Slack so we can provide AI-powered responses inside Slack. We only access the data needed to operate the integration and follow Slack's privacy and security guidelines, including a zero-copy approach for the Agent or Assistant experience: we store only metadata and pull in data from Slack in real time when needed.

Information Collected Through Slack

When you install and use our integration for Slack, we may collect:

• Workspace and app information: Slack team/workspace ID and name, app ID, bot user ID, granted scopes, and flags that tell us whether the app is installed at the workspace or enterprise level.
• Authentication tokens: OAuth access tokens issued by Slack so our app can post messages and read events according to the scopes you approved.
• Metadata only (no message or file copy): For conversations where the Nexvio bot participates (for example when it is mentioned or in AI agent mode), we store only metadata such as session, channel, and thread identifiers. We do not store Slack message content or file content. We use message and file data from Slack in real time to generate AI responses and do not retain copies (zero-copy approach).

We do not use Slack data to train our own machine learning models or any third-party large language models. Slack data is only sent to AI providers as needed to generate responses to your prompts, under those providers' terms.

How We Use Slack Data

We use data received from Slack to:

• Authenticate your Slack workspace and maintain the connection
• Deliver AI-generated responses back into the correct Slack channel or thread
• Process messages and files in real time when you interact with the bot; we do not store copies of Slack message or file content
• Provide analytics and troubleshooting for your Nexvio account (for example, usage and error rates) using metadata only

How Long We Keep Slack Data

We keep Slack-related data only for as long as necessary to provide the service to you and to comply with our legal obligations:

• Workspace connection data and tokens: We retain Slack OAuth tokens and workspace metadata for as long as the integration for Slack remains connected in your Nexvio account. When you disconnect the Slack integration or uninstall our app from your Slack workspace, we disable the connection and delete associated tokens and connection configuration within 30 days.
• Metadata (no message or file storage): We do not store Slack message or file content. Any minimal metadata we retain (e.g. session or thread identifiers) is kept only as long as needed for the session or for a short period for troubleshooting, then deleted.
• Backups and logs: Only metadata may appear in system backups and application logs; we do not persist Slack message or file content. These are retained for a limited period (typically up to 90 days) for security, troubleshooting, and compliance purposes, after which they are automatically deleted or anonymized.

If your Nexvio account is closed, we delete or anonymize Slack-related personal data associated with that account within 30 days, subject to any longer retention that is required by law.

Your Choices and Rights for Slack Data

You can revoke our app's access to your Slack workspace at any time from the Slack admin interface. You can also request access to, correction of, or deletion of Slack-related personal data we store by contacting us using the details in the Contact Us section below. To request deletion of Slack-related data, you can email support at [email protected]. We will respond to your request in accordance with applicable data protection laws.

ChatGPT Integration

Nexvio integrates with OpenAI's ChatGPT through the Model Context Protocol (MCP). This integration allows you to interact with your AI chatbots, contacts, support tickets, analytics, and help documentation through ChatGPT and other MCP-compatible applications. This section explains what data is shared, what data is returned, and what data we explicitly protect.

Data Shared with ChatGPT

When you invoke Nexvio tools through ChatGPT, your requests are processed by OpenAI's systems before reaching our servers. The Nexvio ChatGPT integration receives only the specific parameters needed to fulfill your request, such as:

• Search queries (e.g., contact names, ticket keywords)
• Filter parameters (e.g., date ranges, status filters)
• Resource identifiers (e.g., agent IDs, contact IDs, ticket IDs)
• Content for creation or updates (e.g., new agent instructions, contact information updates, help article drafts)

We do not receive or store your full ChatGPT conversation history.

Data Returned to ChatGPT

The Nexvio ChatGPT integration returns data from your workspace to ChatGPT to display in your conversation. This data includes:

1. Agent (Chatbot) Information

• Agent names and display names
• Agent types (chat, voice)
• Agent status (enabled, disabled, online, offline)
• System prompts and greeting messages
• AI model configurations
• Public keys and public slugs (non-sensitive identifiers used for embedding widgets)

2. Contact Information

• Contact names, email addresses, and phone numbers (your customers' information)
• Company names and location data (city, state, country, postal code)
• Contact tags and custom fields (data you have added to your CRM)
• Source information (how the contact was created: widget, manual entry)
• Website URLs and last activity timestamps

Note: Contact data represents your business relationships (your customers and leads), not Nexvio user accounts.

We do NOT return: Social Security Numbers, dates of birth, Do Not Disturb settings, internal attribution tracking data, or internal account identifiers.

3. Conversation Analytics

• Total conversation counts and unique user counts
• Message volume statistics (total messages, incoming messages)
• Session status breakdowns (active sessions, completed sessions)
• Agent performance metrics (sessions per agent, unique users per agent)
• Time period summaries

All analytics are aggregated statistics. We do not return individual conversation transcripts or message-level data.

4. Support Ticket Information

• Ticket subjects, descriptions, status, and priority
• Ticket source (email, widget, phone)
• Requester names and email addresses (your customers who submitted tickets)
• Ticket tags and platform identifiers (e.g., Freshdesk, Zendesk)
• Creation and update timestamps

We do NOT return: Internal responder IDs (which would identify your support team members), internal group IDs, or internal product IDs.

5. Help Documentation

• Article titles, descriptions, and content (markdown format)
• Article status (draft, published)
• Category identifiers and public/private visibility settings
• Creation and update timestamps

6. Usage Metrics

• Billing period information (start date, end date, days remaining)
• Resource usage counts (AI responses used, contacts stored, chatbots created)
• Resource limits (based on your subscription plan)
• Usage percentages and warning levels
• Overage status and amounts

Data We Do NOT Return

The Nexvio ChatGPT integration is designed with privacy as a core architectural principle. We explicitly filter out sensitive information before returning data to ChatGPT through our comprehensive data sanitization layer. This filtering happens automatically on every single request. It cannot be disabled or bypassed.

1. Nexvio User PII (You and Your Team Members): Email addresses, names, phone numbers, user IDs, assignee IDs, and responder IDs that identify your team members
2. Credentials and Authentication: API keys, secret keys, OAuth credentials, voice provider credentials (Twilio, Vonage, etc.), integration authentication tokens, and service account passwords
3. Billing and Financial Information: Subscription IDs, payment information, billing addresses, credit card data, and invoice details
4. Internal System Data: Debug flags, internal configuration settings, system logs, error traces, and performance monitoring data
5. Sensitive Customer PII: Social Security Numbers, dates of birth, government-issued ID numbers, and Do Not Disturb preferences
6. Conversation Content: Individual conversation message transcripts and chat histories between your agents and customers (we only provide aggregated analytics)

Tools Available

The Nexvio ChatGPT integration provides 18 tools organized into five categories. All operations are scoped to your authenticated Nexvio workspace and only return data you own:

• Agent Management (6 tools): Test connectivity, create new AI agents, update agent instructions and settings, view agent configuration, and list all agents
• Analytics (3 tools): View usage metrics and billing information, get conversation analytics (counts, users, messages), and get agent performance metrics
• Contact Management (3 tools): Search contacts by name, email, phone, or company; get detailed contact information; and update contact information
• Help Documentation (3 tools): Search help articles by title or description, get full article content, and create new articles in draft status
• Ticket Management (3 tools): Get ticket statistics, list tickets with filtering and pagination, and update ticket status

OpenAI's Data Practices

Data shared through ChatGPT is also subject to:

• OpenAI's Privacy Policy
• OpenAI's Terms of Use

OpenAI may use data from ChatGPT conversations according to their policies and your ChatGPT account settings. Please review OpenAI's documentation for information about how they handle data in ChatGPT conversations.

CCPA Privacy Rights (Do Not Sell My Personal Information)

Under the CCPA, among other rights, California consumers have the right to:

Request that a business that collects a consumer's personal data disclose the categories and specific pieces of personal data that a business has collected about consumers.

Request that a business delete any personal data about the consumer that a business has collected.

Request that a business that sells a consumer's personal data, not sell the consumer's personal data.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.

GDPR Data Protection Rights

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.

The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.

The right to erasure – You have the right to request that we erase your personal data, under certain conditions.

The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.

The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.

The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.

Children's Information

Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.

nexvio.ai does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately, after they are posted on this page.

Contact Us

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us.