Privacy Policy

Last updated: January 30, 2026

1. Introduction

Nudgey AI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our follow-up automation service (the "Service"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last updated" date of this Privacy Policy. Any changes or modifications will be effective immediately upon posting the updated Privacy Policy, and you waive the right to receive specific notice of each such change or modification.

2. Google User Data (Google APIs)

Nudgey AI integrates with Google services using Google OAuth to provide email follow-up features. This section explains what Google data we access, how we use it, what we store, and user controls.

2.1 What Google Data We Access

When you connect a Google account, we may request:

  • Basic account identity: openid, userinfo.email, userinfo.profile (used for sign-in and account linking)
  • Gmail sending access: gmail.send (used to send emails you configure from your Gmail account)
  • Gmail read-only access: gmail.readonly (used to display relevant threads/messages in the app and detect replies so sequences can stop/cancel)

2.2 How We Use Google Data

We use Google user data only to provide user-facing features in Nudgey AI, including:

  • Sending follow-up emails from your connected Gmail account based on workflows you configure
  • Displaying relevant email threads/conversation context inside the app
  • Detecting replies to prevent duplicate follow-ups and to stop/cancel future scheduled follow-ups

2.3 What We Store

We store the minimum necessary data to operate the integration, such as:

  • Your connected Google account identifier (e.g., email address)
  • OAuth tokens needed to maintain the connection (stored securely and encrypted)
  • Workflow configuration you create in Nudgey AI
  • Gmail message/thread IDs, timestamps, and conversation snippets for tracking follow-up sequences
  • We do not store complete email bodies or attachments from your Gmail

2.4 How We Share Google Data

  • We do not sell Google user data
  • We do not use Google user data for advertising or marketing targeting
  • We do not allow humans to read your Gmail data except with your explicit permission for customer support purposes
  • We may share limited data with our service providers solely to operate Nudgey AI (e.g., hosting, database, logging) under strict confidentiality and security obligations

2.5 Data Retention and Deletion

We retain Google connection data and any stored Gmail-related identifiers for as long as your account is active or as needed to provide the features above.

You can disconnect Gmail at any time in the app at: Settings → Integrations → Disconnect Google.

After disconnect:

  • We immediately revoke OAuth access tokens
  • Stored Gmail thread/message references are deleted within 30 days
  • Your workflow configurations are preserved unless you delete your account

2.6 User Controls and Revoking Access

You can revoke Nudgey AI's access at any time:

  • In-app: Navigate to Settings → Integrations → Disconnect Google
  • Google Account: Visit Google Account → Security → Third-party apps with account access and remove Nudgey AI

2.7 Security of Google User Data

We use reasonable administrative, technical, and physical safeguards to protect Google user data, including:

  • Encryption in transit using TLS/SSL protocols
  • Encryption at rest for stored OAuth tokens and sensitive data
  • Access controls and least-privilege access principles
  • Regular security audits and monitoring
  • Secure credential storage using industry best practices

2.8 Limited Use Disclosure

Nudgey AI's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Nudgey AI's use of Google user data is limited to the purposes described in this policy and to providing or improving user-facing features visible in Nudgey AI's interface. We do not use Google data for any other purpose.

3. Information We Collect

3.1 Personal Information

We collect information that you provide directly to us when you:

  • Create an account and register for our Service
  • Use our Service to send or schedule emails
  • Import or add contact information
  • Communicate with us via email, phone, or contact forms
  • Subscribe to our newsletters or marketing communications

This information may include:

  • Name, email address, and contact information
  • Account credentials (username and password)
  • Billing and payment information
  • Contact lists including names, email addresses, and any custom data fields you create
  • Email content, templates, and communication preferences
  • Profile information and preferences

3.2 Automatically Collected Information

When you access the Service, we automatically collect certain information about your device and usage, including:

  • IP address and browser type
  • Operating system and device identifiers
  • Pages viewed, links clicked, and features used
  • Time and date of access
  • Referring website addresses
  • Cookies and similar tracking technologies

3.3 Email Engagement Data

We collect data about how recipients interact with emails sent through our Service, including open rates, click-through rates, bounce rates, and unsubscribe actions. This data helps improve our Service and provides you with analytics.

4. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Service
  • Process transactions and send related information
  • Send administrative information, updates, and security alerts
  • Respond to your comments, questions, and customer service requests
  • Send you marketing and promotional communications (with your consent)
  • Monitor and analyze trends, usage, and activities
  • Detect, prevent, and address technical issues and security vulnerabilities
  • Personalize and improve your experience
  • Enforce our Terms of Service and protect our legal rights
  • Comply with legal obligations and regulatory requirements

5. Information Sharing and Disclosure

5.1 Service Providers

We may share your information with third-party service providers who perform services on our behalf, including:

  • Payment processing and fraud detection
  • Email delivery services
  • Cloud hosting and storage
  • Analytics and performance monitoring
  • Customer support tools

These service providers are contractually obligated to use your information only as necessary to provide services to us and are prohibited from using or disclosing your information for any other purpose.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, including to meet national security or law enforcement requirements, or to:

  • Comply with legal obligations, court orders, or legal process
  • Enforce our Terms of Service and other agreements
  • Protect the rights, property, or safety of Nudgey AI, our users, or the public
  • Detect, prevent, or address fraud, security, or technical issues

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Service of any change in ownership or uses of your personal information.

6. Data Security

We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest using industry-standard protocols
  • Regular security assessments and vulnerability testing
  • Access controls and authentication mechanisms
  • Employee training on data protection and confidentiality
  • Incident response procedures and monitoring systems

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When determining the retention period, we consider:

  • The nature and sensitivity of the information
  • The purposes for which we process the information
  • Legal, accounting, or reporting requirements
  • Whether we can achieve those purposes through other means

When we no longer need your information, we will securely delete or anonymize it in accordance with our data retention policies.

8. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your information in a structured format
  • Objection: Object to processing of your information
  • Restriction: Request restriction of processing
  • Withdrawal of consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the information provided in Section 13. We will respond to your request within the timeframe required by applicable law.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your use of our Service. For detailed information about the cookies we use and your choices, please see our Cookie Policy.

10. Third-Party Links

Our Service may contain links to third-party websites and services that are not owned or controlled by Nudgey AI. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

11. International Data Transfers

Your information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. By using our Service, you consent to the transfer of your information to our facilities and to the third parties with whom we share it as described in this Privacy Policy.

12. Children's Privacy

Our Service is not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from children without verification of parental consent, we will take steps to remove that information from our servers.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

Nudgey AI

Email: nudgeyai@gmail.com

Location: Ohio, United States

14. California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • The right to know what personal information we collect, use, disclose, and sell
  • The right to request deletion of your personal information
  • The right to opt-out of the sale of your personal information (we do not sell personal information)
  • The right to non-discrimination for exercising your CCPA rights

To exercise these rights, please contact us using the information provided in Section 13.

15. GDPR Compliance

If you are located in the European Economic Area (EEA), you have certain rights under the General Data Protection Regulation (GDPR). We process your personal information based on the following legal grounds:

  • Contract: Processing is necessary to perform our contract with you
  • Legitimate interests: Processing is in our legitimate interests, such as improving our Service
  • Consent: You have given clear consent for processing for specific purposes
  • Legal obligation: Processing is necessary to comply with legal obligations

You have the right to lodge a complaint with a supervisory authority if you believe we have violated your rights under GDPR.