Legal
Privacy Policy
Last updated March 15, 2026. This policy explains how Nodebase collects, uses, stores, and discloses personal and business data across the platform.
What we collect
- Account information such as name, email, phone, billing details, and authentication records.
- Business configuration data such as listings, schedules, catalogues, templates, and workflow rules.
- Operational records such as conversation logs, action events, approvals, payment interactions, and uploaded verification assets where the customer enables those workflows.
How we use information
- To provide, secure, and improve Nodebase services.
- To operate AI employee workflows using the business context required for those workflows.
- To support onboarding, billing, abuse prevention, debugging, analytics, and lawful requests.
Data boundaries
Nodebase is designed so that customer business context is used to operate the relevant workflow rather than as unrestricted training material for unrelated public systems.
Access to stored information is restricted by role, system need, and legal obligation. Customers are responsible for configuring appropriate workflow boundaries in their own deployment.
Retention and KYC handling
- All imagery processed by Nodebase Eyes for KYC purposes is maintained securely in ephemeral storage and automatically wiped after identity extraction. We never train public models on your sensitive documents.
- We retain non-sensitive operational data for as long as reasonably necessary to provide the service and meet contractual obligations.
- We may disclose information to service providers where necessary to operate the service or comply with legal process.
If your rollout has privacy-sensitive requirements, involve us early.
The best time to design privacy boundaries is before the workflow is live.