Skip to main content
Legal

Privacy Policy

Last updated: February 1, 2026

1. Information We Collect

We collect information you provide directly, including your name, email address, company name, and payment information when you create an account or subscribe to our service. We also collect data from the third-party integrations you connect to NuMoon, such as financial transactions, customer records, and marketing campaign data.

2. How We Use Your Data

We use your data exclusively to provide and improve the NuMoon service:

  • Processing and displaying your business intelligence data
  • Generating AI-powered insights and recommendations
  • Sending service notifications and alerts
  • Improving our algorithms and product features
  • Processing payments and managing your subscription

3. Data Security

We implement industry-standard security measures including argon2id password hashing, encrypted OAuth tokens, role-based access control, and TLS encryption for all data in transit. Your integration credentials are encrypted at rest using AES-256 encryption. We conduct regular security audits and penetration testing.

4. Data Sharing

We do not sell your data to third parties. We do not share your business data with other customers. Your data is isolated through multi-tenant architecture with tenant_id filtering on every query. We may share anonymized, aggregated data for benchmarking purposes only if you explicitly opt in.

5. Data Retention

We retain your data for the duration of your subscription plus 30 days. Starter plans retain data for 90 days, Pro plans for 1 year, and Enterprise plans for unlimited duration. You can request full data deletion at any time through your account settings or by contacting support.

6. Third-Party Integrations

When you connect third-party services to NuMoon, we access only the data scopes you authorize through OAuth. We store OAuth tokens securely and use them solely to sync data on your behalf. You can disconnect any integration at any time, which immediately revokes our access.

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and all associated data
  • Export your data in standard formats (CSV, JSON)
  • Restrict processing of your data
  • Object to processing for specific purposes

8. Cookies

We use httpOnly, secure cookies for authentication (SameSite=Lax for CSRF protection). We do not use third-party tracking cookies. We use privacy-focused analytics to understand product usage patterns.

9. Contact

For privacy-related inquiries, contact us at privacy@numoon.ai or write to: NuMoon Inc., San Francisco, CA.