# NanthAI Edge Privacy Policy Last updated: March 7, 2026 This document mirrors the public privacy policy for NanthAI Edge at `https://nanthai.tech/privacy`. ## 1. What this policy covers This Privacy Policy applies to the NanthAI Edge mobile apps, related support operations, and backend services used to operate Edge. It covers information collected directly from users, information generated through app use, and information received when users connect external providers such as Google, Microsoft, Notion, or Apple Calendar. ## 2. Information we collect ### Account and identity information When users sign in, NanthAI Edge uses Clerk for authentication. This may include identifiers such as email address, account ID, session metadata, and basic profile information required to keep accounts signed in and secure. ### App content users create or store - Chats, messages, and related conversation metadata - Personas, persona images, persona settings, and avatar assets - Memories and memory embeddings when memory is enabled - Uploaded files, generated files, and file attachment metadata - Scheduled jobs, recurring prompts, execution history, and job settings - Model preferences, tool settings, and integration preferences ### Connected account and integration data If users connect third-party services, NanthAI Edge stores the minimum tokens, credentials, or connection metadata needed to use those integrations. Depending on provider, this may include access tokens, refresh tokens, expiry times, scopes, account email addresses, workspace identifiers, or connection status. For Apple Calendar, the current connection flow uses Apple Account email plus an Apple app-specific password for iCloud Calendar access. Those credentials are stored server-side so Edge can perform calendar actions until users disconnect or revoke the password in Apple Account settings. ### Diagnostics and device information NanthAI Edge may collect device tokens for notifications, app diagnostics, error logs, feature usage signals, and basic technical metadata needed for reliability, troubleshooting, and product improvement. ## 3. How we use information - Authenticate users and keep accounts secure - Deliver chat, persona, memory, file, and scheduled-task features - Connect to external providers users explicitly authorize - Run requested or scheduled user-facing actions across connected tools - Troubleshoot issues, provide support, and improve quality - Enforce product limits, entitlements, and anti-abuse controls ## 4. External services and processors NanthAI Edge relies on third-party services to operate. These include services such as Clerk for identity, Convex for backend data and functions, OpenRouter for model access when users connect it, Apple and Google for app store billing and platform services, and provider APIs such as Google, Microsoft, Notion, or iCloud when users connect them. Those providers process data under their own terms and privacy policies. ## 5. How connected provider data is used Connected provider data is accessed only when users explicitly connect a provider and use a related feature, such as a chat tool call, scheduled job, or provider-specific action. When users ask Edge to use a connected provider, provider responses may be: - Read by the app - Stored in backend records needed to complete the request - Included in context sent to the selected AI model through OpenRouter or another model provider This happens only to deliver requested features such as summarizing an email, drafting a reply, creating a calendar event, or updating a Notion page. ### Google Workspace data If users connect Google, Edge may access Gmail, Google Drive, and Google Calendar data required for enabled tools. This can include email content and metadata, file metadata and contents, and calendar event data. Google Workspace data is used only to provide or improve user-facing features requested inside Edge. NanthAI Edge does not sell Google user data and does not use it for advertising. Human access to Google Workspace data is limited to cases reasonably necessary for security, support, legal compliance, or user request/consent. ### Microsoft 365 data If users connect Microsoft 365, Edge may access Outlook mail, OneDrive files, and Microsoft calendar data needed for enabled tools. This data is used only to execute requested actions through chats or scheduled jobs. ### Notion data If users connect Notion, Edge may access pages, blocks, databases, and workspace metadata explicitly authorized through Notion's connection flow. This data is used only for Notion features users trigger in the app. ### Apple Calendar data If users connect Apple Calendar, Edge may access iCloud Calendar metadata and event content needed to list, create, update, or delete events on their behalf. The connection uses Apple Account email and an Apple app-specific password supplied by the user. ## 6. Payments and Pro features Purchases and refunds for paid features are handled through the platform stores (Apple App Store and Google Play). NanthAI Edge stores entitlement state needed to unlock or remove paid functionality. Certain paid features, including memory, may be disabled when Pro access is revoked. If Pro access is revoked or refunded, Edge may delete memory data associated with that paid feature. ## 7. Data retention and deletion Data is retained for as long as account operation or product usage requires it, unless longer retention is needed for security, legal, or operational reasons. - Chats, personas, files, and settings: retained until users delete them or delete account - Connected-provider tokens/credentials: retained until disconnect, revoke, or account deletion - Apple Calendar credentials: retained until disconnect, account deletion, or app-specific password revocation - Memory data: retained until deletion, account deletion, or Pro revocation-triggered purge - Some operational records: retained for limited periods for reliability/debugging Users can delete some data directly in app and can use in-app account deletion. For account/data deletion requests: `support@nanthai.tech`. ## 8. Security NanthAI Edge uses commercially reasonable technical and organizational measures, including secure authentication, backend access controls, and platform storage mechanisms. No internet/cloud system can guarantee absolute security. ## 9. User choices and revocation - Users choose whether to connect third-party services - Users can remove integrations inside app - Users can disable optional features such as memory where supported - Users can request account or stored-data deletion - Users can revoke provider access from provider account settings For Apple Calendar, access can be revoked by deleting the app-specific password in Apple Account settings. For Google, Microsoft, and Notion, access can be revoked in each provider's app permissions/account settings. ## 10. Sale, advertising, and training NanthAI Edge does not sell personal data. Connected-provider data is not used for advertising. Connected-provider data is processed only to deliver requested user-facing features. If such data is sent to an AI model provider selected by the user through OpenRouter or another model access layer, that provider's handling is governed by its own terms and policies. Use of information received from Google Workspace APIs adheres to the Google User Data Policy, including Limited Use requirements. ## 11. Children NanthAI Edge is not directed to children under 16 and does not knowingly collect personal information from children under 16. ## 12. Changes to this policy This policy may be updated as the product evolves. Material changes update the date at top of policy and may include additional in-app or support notice. ## 13. Contact Privacy questions, deletion requests, or support issues: `support@nanthai.tech`.