Privacy Policy

Native AI, Inc. Last updated: May 8, 2026

This Privacy Policy explains how Native AI, Inc. ("Native," "we," "us," or "our") collects, uses, discloses, and protects personal data when you visit our website at https://www.usenative.ai, communicate with us, or use our software-as-a-service platform and related services (collectively, the "Services").

This Policy applies to: (a) visitors to our website, (b) prospective customers and business contacts, and (c) authorized users of our customers ("Authorized Users"). Where we process personal data on behalf of our business customers ("Customers"), we act as a data processor; the Customer is the data controller and their privacy notice governs that processing.

1. Information We Collect

1.1 Information You Provide Directly

  • Contact information: name, business email, company name, job title, phone number, and any message you submit through our contact form or other communications.
  • Account information (for Authorized Users of the Services): name, business email, job title, company name, and authentication credentials.
  • Customer Data: content and data submitted to the Services by Customers and their Authorized Users.
  • Communications: sales inquiries, support requests, feedback, and survey responses.

1.2 Information Collected Automatically

  • Log data: when you use the Services, our servers automatically record information such as IP address, browser type, operating system, pages accessed, and timestamps. We use this data for security, troubleshooting, and service operation.

1.3 Information from Third Parties

  • Single sign-on providers (e.g., Google, Microsoft) when you log in via SSO.
  • Integrations you or your Customer connect to the Services.

2. How We Use Personal Data

We use personal data to:

  • Provide, operate, maintain, and improve the Services.
  • Respond to inquiries and provide customer support.
  • Authenticate users and manage accounts.
  • Send transactional communications about the Services.
  • Send business communications to prospective and existing customers (subject to your preferences and applicable law).
  • Detect, prevent, and address fraud, security incidents, and abuse.
  • Comply with legal obligations and enforce our agreements.

We may create aggregated or de-identified data and use it for our internal business purposes, including improving the Services. Such data does not identify any individual and is not considered personal data.

3. Legal Bases for Processing (EU/UK Users)

If you are located in the European Economic Area, United Kingdom, or Switzerland, we rely on the following legal bases under the GDPR/UK GDPR:

  • Performance of a contract: to provide the Services you have requested.
  • Legitimate interests: to operate, secure, and improve the Services, prevent fraud, and conduct B2B communications, balanced against your rights.
  • Consent: where required by law. You may withdraw consent at any time.
  • Legal obligation: to comply with applicable laws and regulatory requirements.

4. How We Share Personal Data

We do not sell personal data. We do not share personal data with advertising partners. We share personal data only with:

  • Service providers who help us operate the Services (such as hosting, email delivery, and authentication providers), bound by contractual data protection obligations.
  • Customers: if you are an Authorized User, we share data with the Customer that controls your account.
  • Professional advisors (lawyers, accountants, auditors) under confidentiality.
  • Authorities, where required by law, court order, or to protect rights, safety, or property.
  • Successors in the event of a merger, acquisition, financing, or sale of assets, with continued protection under this Policy.

Where a Customer specifically authorizes us in writing to use or share insights derived from their data, we will do so only in accordance with that authorization.

5. International Data Transfers

We are headquartered in the United States and process personal data in the U.S. and other countries where our service providers operate. When we transfer personal data from the EEA, UK, or Switzerland to a country not deemed adequate, we rely on appropriate safeguards, including the EU Standard Contractual Clauses and the UK International Data Transfer Addendum. A copy of these safeguards is available on request at privacy@usenative.ai.

6. Data Retention

We retain personal data for as long as needed to provide the Services and for legitimate business purposes such as compliance, dispute resolution, and contract enforcement. Specific retention periods depend on the type of data:

  • Contact form submissions and business inquiries: up to 24 months after our last interaction.
  • Account data: for the life of the account, plus 30 days after termination.
  • Customer Data: deleted or returned per the applicable customer agreement after termination.
  • Billing records: retained for 7 years to comply with tax and accounting obligations.
  • Backup copies: purged on a rolling 90-day cycle.

7. Your Rights

7.1 Rights of EU/UK Users (GDPR)

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request erasure ("right to be forgotten").
  • Restrict or object to certain processing.
  • Receive your data in a portable format.
  • Withdraw consent at any time, where processing is based on consent.
  • Not be subject to a decision based solely on automated processing, including profiling, that produces legal or similarly significant effects on you.
  • Lodge a complaint with your local supervisory authority.

7.2 Rights of California Residents (CCPA/CPRA)

California residents have the right to:

  • Know what personal information we collect, use, and disclose.
  • Request deletion of personal information, subject to exceptions.
  • Correct inaccurate personal information.
  • Limit the use of sensitive personal information.
  • Be free from discrimination for exercising your rights.

We do not sell or share personal information as defined under the CPRA.

7.3 How to Exercise Your Rights

To exercise any of these rights, contact us at privacy@usenative.ai. We will respond within the time required by applicable law (generally 30 days under GDPR, 45 days under CCPA). We may need to verify your identity before fulfilling your request. If you are an Authorized User, we will direct your request to the relevant Customer.

8. Security

We maintain administrative, technical, and physical safeguards designed to protect personal data, including encryption in transit (TLS 1.2+) and at rest, access controls, and incident response procedures. No system is completely secure, and we cannot guarantee absolute security of data transmitted to or from the Services.

9. Children's Privacy

The Services are intended for business use and are not directed to individuals under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us at privacy@usenative.ai and we will delete it.

10. Cookies and Analytics

Our website does not currently use cookies other than strictly necessary cookies required to operate the site. We use analytics services to measure aggregate website usage and performance. These services collect information such as page views, referrers, approximate location derived from IP, and Core Web Vitals on our behalf as a service provider. If we begin using cookie-based analytics or other non-essential cookies, we will update this Policy and, where required, request your consent.

11. Third-Party Links

The Services may contain links to third-party sites. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

12. Changes to This Policy

We may update this Policy from time to time. We will post the updated version with a new "Last updated" date and, for material changes, provide additional notice. Continued use of the Services after the effective date constitutes acceptance of the updated Policy.

13. Contact Us

Data Controller: Native AI, Inc. Address: 50 California Street, Suite 1500, San Francisco, CA 94111, United States Privacy contact: privacy@usenative.ai