Legal

Privacy Policy

We take your privacy seriously. This policy explains exactly what data we collect, why we collect it, and how we protect it.

Last updated: May 24, 2025

🚫No Data Selling
🔒End-to-End Encrypted
🇮🇳DPDP Act Compliant
You Own Your Data

1. Who We Are

AINurtura is an AI-powered lead automation platform operated by AINurtura Technologies Pvt. Ltd., a company incorporated in India. We provide a multi-tenant Software-as-a-Service (SaaS) platform that helps businesses across industries — including education, real estate, healthcare, finance, and more — capture, score, nurture, and convert leads using intelligent automation.

In this Privacy Policy, "AINurtura", "we", "us" and "our" refer to AINurtura Technologies Pvt. Ltd. "You" or "User" refers to any individual or organisation that accesses or uses our platform. "Tenant" refers to a business or organisation that has registered for an AINurtura workspace. "End User" refers to the leads and contacts managed within a Tenant's workspace.

2. Information We Collect

2.1 Account & Organisation Information

When you register for AINurtura, we collect:

  • Full name, username, and email address of the account holder
  • Organisation name, industry type, and workspace slug (unique subdomain identifier)
  • Mobile number (optional)
  • Job designation / role within your organisation
  • Billing information (processed securely by our payment partners — we do not store card numbers)

2.2 Lead & Contact Data (Tenant Data)

As part of using the platform, Tenants input and manage data about their leads and customers. This may include:

  • Names, email addresses, phone numbers, and addresses of leads
  • Lead source, campaign attribution, and channel data (WhatsApp, email, SMS, web form)
  • Lead scores generated by our AI scoring engine
  • Conversation history across WhatsApp, email, and SMS channels
  • Pipeline stage, task notes, and activity logs
  • Custom fields and tags created by the Tenant

This data belongs to the Tenant. AINurtura processes it solely to deliver the platform services as instructed by the Tenant.

2.3 Usage & Platform Data

We automatically collect certain technical and behavioural data when you use AINurtura:

  • IP address, browser type, device type, and operating system
  • Pages visited, features used, and time spent within the platform
  • API request logs and error reports
  • Session identifiers and authentication tokens (stored securely as HTTP-only cookies and hashed in our database)
  • Performance metrics to monitor platform health

2.4 Communication Data

When you contact our support team or respond to our communications, we retain those messages to resolve your queries and improve our service.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To create and manage your account and workspace
  • To provide, maintain, and improve the AINurtura platform and all its features
  • To run AI lead scoring — your lead data is processed by our rule-based and machine-learning models to generate priority scores
  • To deliver automation workflows — sending WhatsApp messages, emails, and SMS on behalf of the Tenant per their configured sequences
  • To generate analytics, dashboards, and reports within your workspace
  • To process subscription payments and manage billing
  • To send transactional notifications (password resets, plan renewals, workspace alerts)
  • To send product updates and feature announcements (you may opt out at any time)
  • To detect, investigate, and prevent fraud, abuse, or security incidents
  • To comply with legal obligations under Indian law and other applicable regulations

We do not use Tenant lead data to train generalised AI models, sell to third parties, or use for any purpose outside the scope of delivering services to that specific Tenant.

4. Multi-Tenancy & Data Isolation

AINurtura is architected as a multi-tenant platform. Each Tenant's workspace is logically isolated — your leads, pipelines, conversations, templates, and settings are accessible only to authorised users within your workspace. Our infrastructure enforces strict tenant-level access controls at both the application and database layers.

No Tenant can access another Tenant's data. Our team members may access Tenant data only when explicitly authorised by the Tenant (e.g. for support purposes), and all such access is logged.

5. Communication Channel Integrations

AINurtura integrates with third-party communication platforms to enable lead nurturing across channels:

  • WhatsApp Business API — messages are routed through Meta's API. Lead phone numbers and message content are transmitted to Meta in accordance with their Business API terms.
  • Email — outbound emails are delivered via configured SMTP providers or our email gateway. Delivery logs and open/click events are tracked.
  • SMS — messages are sent via integrated SMS gateway providers. Carrier data may be involved in delivery.

Tenants are responsible for obtaining appropriate consent from their leads before initiating communications via these channels. AINurtura provides the infrastructure; the Tenant determines what messages are sent and to whom.

6. AI Features & Automated Decision-Making

AINurtura's AI lead scoring engine analyses lead attributes — such as source, engagement level, demographic data, and historical interactions — to assign a priority score. This score helps sales teams focus on the most promising leads. Key facts:

  • Scoring is a recommendation tool, not a binding decision — humans always make the final call
  • Scoring weights and rules are fully configurable by each Tenant via Settings → Lead Scoring
  • No personal data is shared with external AI providers for scoring purposes
  • Tenants can disable AI scoring and use purely manual qualification

Workflow automation features allow Tenants to build sequences that trigger messages automatically. These automations act on behalf of the Tenant based on rules they configure. AINurtura does not autonomously decide what messages to send to any lead without Tenant configuration.

7. Data Sharing & Disclosure

We do not sell, rent, or trade your personal data. We may share data in the following limited circumstances:

7.1 Service Providers

We engage trusted third-party providers to operate our infrastructure (cloud hosting, database, email delivery, SMS gateways, payment processors). These providers process data only on our instructions and are bound by data processing agreements.

7.2 Legal Compliance

We may disclose data when required by law, court order, or government authority in India or other applicable jurisdictions, or when we believe disclosure is necessary to protect our rights, prevent fraud, or ensure the safety of any person.

7.3 Business Transfers

In the event of a merger, acquisition, or asset sale, Tenant data may be transferred as part of that transaction. We will provide notice before any such transfer and give Tenants the opportunity to export their data.

8. Data Retention

  • Account data is retained for the duration of your subscription and for up to 90 days after account closure, after which it is permanently deleted.
  • Lead and contact data within a Tenant's workspace is retained as long as the workspace is active. Tenants can delete individual records at any time.
  • Conversation history is retained for up to 2 years unless deleted by the Tenant.
  • Billing records are retained for 7 years as required by Indian tax regulations.
  • Platform logs and audit trails are retained for 12 months for security purposes.
  • Data export is available at any time via Settings → General. Tenants can download their full dataset in JSON or CSV format.

9. Security

We implement industry-standard security measures to protect your data:

  • All data in transit is encrypted using TLS 1.2+ (HTTPS)
  • Passwords are hashed using bcrypt — we never store plaintext passwords
  • JWT authentication tokens are short-lived and refreshed securely
  • Role-based access control (RBAC) limits what each user can see and do within a workspace
  • Database backups are encrypted and stored in geographically separate locations
  • Our infrastructure undergoes regular security reviews and vulnerability assessments
  • Access to production systems by AINurtura employees requires multi-factor authentication

While we take all reasonable precautions, no system is completely impenetrable. If you believe your account has been compromised, please contact us immediately at privacy@ainurtura.com.

10. Cookies & Tracking

We use cookies and similar technologies for the following purposes:

  • Authentication — an HTTP-only session cookie keeps you logged in securely
  • Tenant preference — remembers your workspace, theme, and currency settings
  • Analytics — aggregated, anonymised usage data to improve platform performance
  • Security — CSRF protection tokens

We do not use advertising cookies or cross-site tracking cookies. You can manage cookies through your browser settings. Disabling authentication cookies will require you to log in on every visit.

11. Your Rights

Under the Digital Personal Data Protection (DPDP) Act 2023 (India) and other applicable laws, you have the following rights with respect to your personal data:

  • Right to Access — request a copy of the personal data we hold about you
  • Right to Correction — request that inaccurate or incomplete data be corrected
  • Right to Erasure — request deletion of your personal data (subject to legal retention requirements)
  • Right to Data Portability — export your data in a machine-readable format at any time via Settings
  • Right to Withdraw Consent — withdraw consent for optional data processing (e.g. marketing emails) at any time
  • Right to Grievance Redressal — raise a complaint with our Data Protection Officer

To exercise any of these rights, contact us at privacy@ainurtura.com. We will respond within 30 days.

12. Children's Privacy

AINurtura is a business-to-business platform intended for use by organisations and adults aged 18 or above. We do not knowingly collect personal data from individuals under 18. If you believe a minor has provided data to us, please contact us and we will promptly delete it.

13. International Data Transfers

AINurtura primarily stores and processes data on servers located in India. If data is transferred to or processed in other countries (e.g. by our cloud infrastructure or communication partners), we ensure appropriate safeguards are in place through standard contractual clauses or equivalent mechanisms.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email and/or a prominent notice within the AINurtura platform at least 14 days before the changes take effect. Continued use of the platform after the effective date constitutes acceptance of the updated policy.

The date at the top of this page always reflects the most recent revision.

15. Contact Us & Grievance Officer

For privacy-related questions, requests, or complaints, contact our Data Protection Officer:

AINurtura Technologies Pvt. Ltd.

Grievance / Data Protection Officer

privacy@ainurtura.com

We aim to respond to all privacy requests within 30 calendar days.