1. Scope and contact
This policy applies to Nerune's Web service. Contact [email protected] for privacy requests or [email protected] for general support.
2. Information we process
We may process account identifiers, email authentication data, age and country eligibility state, conversation messages, user-controlled memories, relationship progress, favorites, reports, notification preferences, security logs, usage records, and subscription records. Government identity, tax, and payout information must be submitted directly to the payment or KYC provider and is not collected through Nerune chat.
3. Why we process information
We process information to authenticate users, provide and personalize conversations, maintain optional memory, enforce safety and quotas, prevent abuse, send requested notifications, provide support, process privacy requests, maintain service reliability, and meet legal or accounting obligations.
4. Service providers
Current technical providers may include xAI for model processing, Supabase for authentication and data services, Railway for hosting, Cloudflare for DNS and edge protection, and Resend for transactional email. Creem remains the intended payment provider pending formal merchant approval. Provider roles, locations, and terms are reviewed before Production activation.
5. Your controls
You can review, edit, pause, or delete saved memories; export your account data; report a message; change notification preferences; and request account deletion from the privacy settings. After deletion, an old session must no longer provide account access. Contact [email protected] if the in-product controls are unavailable.
6. Retention and deletion
Nerune keeps information only as needed for the purposes above, security, disputes, and legal obligations. A deletion request removes or de-identifies user-owned application data through a tracked deletion job. Limited billing or audit records may be retained when legally required, without retaining chat content in billing records. Backup deletion timing depends on the active provider and will be disclosed before Production launch.
7. Security
Controls include signed sessions, least-privilege service credentials, row-level database protections, rate limiting, encrypted transport, secret rotation, audit records, and tested export and deletion flows. No Internet service can guarantee absolute security; report suspected security issues to [email protected].
8. International processing
Nerune is intended for users in multiple countries and uses service providers in different regions. Production availability and cross-border safeguards will depend on the user's location, the final processor contracts, and applicable law.