NedAI
Back to NedAI
Legal

Privacy Policy

Last updated: June 2026

NedAI is a product of Nedora SRL, Bucharest, Romania. We take data privacy seriously and comply with the EU General Data Protection Regulation (GDPR). This policy describes what data we collect, why, how we protect it, and your rights.

1. What data we collect

When you submit a demo request, we collect your name, work email address, phone number (optional), company name, industry, and company size.

When you subscribe to our newsletter, we collect your email address and your explicit consent.

When NedAI handles calls on behalf of our clients, we process caller data (voice, intent, and booking information) as a data processor under our clients' data controller responsibility.

2. How we use your data

Demo request data is used solely to prepare and conduct your demo session, and to follow up with you on the NedAI product.

Newsletter email addresses are used to send product updates, case studies, and AI insights. We send roughly twice per month.

We do not sell, rent, or share your personal data with third parties for marketing purposes.

3. How we protect your data

All personally identifiable information (PII) is encrypted at rest using AES-256-GCM encryption with per-subject keys. This means your data is encrypted before it reaches our database.

Emails are stored as HMAC-SHA256 hashes for lookup purposes; the plaintext email is separately encrypted and accessible only via authenticated server-side operations.

All data is stored on servers located within the European Union (Microsoft Azure, EU data centres), ensuring GDPR jurisdictional compliance.

We use role-based access controls and Row Level Security (RLS) to ensure that only authorised personnel can access your data.

4. Your rights under GDPR

You have the right to access, rectify, erase, restrict, or port your personal data at any time. To exercise any of these rights, contact us at privacy@nedora.co.

You have the right to withdraw consent for newsletter communications at any time, without affecting the lawfulness of processing based on consent before withdrawal.

You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

  • Right of access — request a copy of the data we hold about you
  • Right to rectification — correct inaccurate personal data
  • Right to erasure — request deletion of your data ("right to be forgotten")
  • Right to restriction — limit how we use your data
  • Right to data portability — receive your data in a machine-readable format
  • Right to object — object to processing based on legitimate interests

5. How long we keep your data

Demo request data is retained for 24 months from the date of submission, or until you request deletion.

Newsletter subscriber data is retained until you unsubscribe or request deletion. Unsubscribed records are marked as inactive and purged after 6 months.

Call interaction data processed by NedAI on behalf of clients is retained according to each client's data retention policy.

6. Cookies and analytics

We use Vercel Analytics for page view statistics. This service collects anonymised, aggregated data and does not use cookies or track individual users across sites.

We do not use advertising cookies or third-party tracking pixels on this website.

7. Contact us

For any privacy-related questions, data subject requests, or concerns, contact our data protection contact at: privacy@nedora.co

Nedora SRL · Bucharest, Romania · EU

Questions about this policy?

We're happy to explain anything in plain language. Email us or book a call.

privacy@nedora.co