Version 2.0 · Last updated: 10 Jul 2026
Nuro CX OÜ ("Nuro CX", "we", "our", or "us") is a company registered in Estonia and is the data controller responsible for the personal data described in this policy. We provide an AI-powered, omni-channel contact-centre platform. We are committed to protecting your privacy and handling personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Estonian law.
For any privacy matter, contact us at privacy@nurocx.com.
We collect the following categories of personal data:
We use personal data to:
Under the GDPR (Article 6), we rely on the following legal bases:
Where Nuro CX processes communication content on behalf of a business customer, that customer is the controller and Nuro CX acts as a processor under a data processing agreement.
Your data is hosted on secure cloud infrastructure in the European Union (Google Cloud, Frankfurt — europe-west3). AI inference for messaging channels is performed on EU-resident infrastructure, and providers are configured not to train their models on your data. We implement appropriate technical and organisational measures — including encryption in transit and at rest, access controls, and regular security assessments — to protect personal data against unauthorised access, alteration, disclosure, or destruction.
We work with trusted sub-processors to operate the platform — for example cloud infrastructure, AI conversation and voice services, telephony/messaging connectivity, and workflow automation. Sub-processors are contractually bound to protect your data and to process it only on our documented instructions. A current list of sub-processors is available on request.
Some sub-processors may process data outside the European Economic Area (EEA). Where that occurs, we ensure an appropriate safeguard is in place — such as an adequacy decision or the European Commission's Standard Contractual Clauses (SCCs) — so that your data continues to receive a level of protection consistent with the GDPR.
We retain personal data only for as long as necessary to provide our services and fulfil the purposes described in this policy, or as required by law. Retention periods vary by data category and by the instructions of our business customers. When data is no longer required, we securely delete or anonymise it. You may request deletion at any time, subject to legal retention requirements.
Subject to applicable law, you have the right to:
To exercise any of these rights, contact privacy@nurocx.com. Where Nuro CX acts as a processor for a business customer, we will direct your request to the relevant controller.
If you believe we have not handled your personal data lawfully, you have the right to lodge a complaint with your local supervisory authority. Our lead supervisory authority is the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon), aki.ee. We would, however, appreciate the chance to address your concerns first — please contact us before doing so.
We use cookies and similar technologies to enable the platform to function, to analyse usage, and to improve our services. Essential cookies are necessary for the platform to operate. You can manage non-essential cookie preferences through your browser settings.
Our services are intended for business use and are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a minor, please contact us and we will delete it.
We may update this Privacy Policy from time to time. We will post the updated policy here, bump the version, and update the "Last updated" date. Material changes will be communicated where required.
If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:
Nuro CX OÜ
Email: privacy@nurocx.com
Website: nurocx.com