Privacy Policy (Website)

Privacy Policy for Nurau.com website

This Privacy Policy describes our policies on the collection, use, disclosure and retention of your personal information on www.nurau.com (the "Services"). By using the Services, you consent to the collection, use, transfer, storage, and disclosure of your information as described, subject to your rights under applicable laws.

 

This is the privacy policy for nurau.com only. A separate privacy policy is available for those who use our services.

 

Scope

This Privacy Policy covers personally identifiable information (“Personal Information”) collected when using the Services. It also covers Personal Information shared with or by our business partners, if applicable. It does not apply to third-party services we do not control, including third-party websites or applications linked to the Services. Review their privacy policies before use.

This Privacy Policy may be updated at any time and will be posted here at nurau.com.

 

Data Governance Policies

In compliance with Québec’s Law 25, we maintain data governance policies to ensure responsible handling of Personal Information. These policies cover collection, use, retention, disclosure, and protection of your data.

 

Information Collected

We collect information to personalize, improve, and operate the Services, as disclosed at collection (ie: via consent forms or pop-ups). We collect:

Account Information:

•    Examples are: name and email address when requesting a demo of our product or signing up for newsletters.

•    This information may identify you. We use it to manage accounts, send newsletters, or contact you for critical purposes (ie: account recovery). You may opt out of non-essential communications via your Account settings or email unsubscribe buttons.

User Content:

•    Not applicable at the moment.

Sensitive Personal Information:

•    Not applicable at the moment.

Financial Information:

•    Not applicable at the moment.

IP Address and Automatically Collected Data:

•    IP address, cookie data, browser information collected automatically.

•    Used to fight spam, personalize interactions, and analyze usage (e.g., click frequency). Aggregated data is anonymized for statistical purposes.

Email Communications:

•    Confirmation of email is opened to improve services.

Cookies:

•    Cookies identify your browser to enhance functionality. They do not contain Personal Information unless linked to an Account.

•    Manage cookies via browser settings. Disabling cookies may limit functionality.

Advertising Data:

•    Not applicable at the moment but ads may be served based on anonymized data (e.g., age range) or usage patterns. We do not share Personal Information with ad networks for external use.

Aggregate Information:

•    Statistical data derived from usage, not tied to individuals.

Legal Basis for Processing (GDPR Compliance)

For users in the European Union, our legal bases for processing Personal Information are:

•    Consent: For newsletters, marketing or sensitive data (ie: via checkboxes at sign-up).

•    Contract: To provide Services (e.g., account management).

•    Legitimate Interest: For improving services or fraud prevention, where privacy impacts are minimal.

•    Legal Obligation: To comply with Québec and Canadian laws.

How We May Share Information

a)     Public Information: User Content posted publicly (ie: comments). Not applicable at the moment.

b)     IP Address: IP addresses: shared privately with partners or service providers for security or analytics, not publicly disclosed.

c)     Shared With Your Consent: Only with your express authorization.

d)     Service Providers: Not applicable at this moment.

e)     Aggregate Information: If applicable, shared with partners for analytics, anonymized to prevent identification.

f)      Business Transfers: User information may be transferred in asset sales, acquisitions, or bankruptcy, subject to your rights.

g)     Legal Requirements: Disclosed to comply with laws, enforce policies, prevent fraud, or protect rights, per Québec’s Law 25 and PIPEDA.

h)     With Consent: You’ll be notified and may prevent sharing when required.

Cross-Border Data Transfers

Not applicable at the moment.

Automated Decision-Making

We do not use automated decision-making processes that may significantly affect you on nurau.com.

Data Retention

Personal Information is retained for 90 days or until no longer needed for the stated purposes. After this period, we destroy or anonymize data in accordance with Law 25. To request deletion, contact legal@nurau.com.

Privacy Impact Assessments

When required, we conduct Privacy Impact Assessments for high-risk processing activities (ie: cross-border transfers, automated decision-making) as required by Law 25, to ensure data protection.

 

Data Subject Rights

Under Québec Law 25, PIPEDA, GDPR, and CCPA, you have the following rights to:

•    Access: View your Personal Information by requesting a copy at legal@nurau.com.

•    Rectify: Correct inaccurate data at legal@nurau.com.

•    Delete: Request deletion at legal@nurau.com (subject to legal retention obligations).

•    Port: Receive data in a structured format for portability (request at legal@nurau.com).

•    Restrict: Request restriction of processing at legal@nurau.com

•    Object: Object to processing for certain purposes (ie: marketing) at legal@nurau.com.

•    Know (CCPA): Request details on data collected or shared (California residents, contact legal@nurau.com).

•    Do Not Sell (CCPA): Opt out of data sharing at legal@nurau.com

•    Notice at Collection (CCPA): We collect Account information (not applicable at this moment), User Content, IP addresses, cookies, and usage data for purposes like service delivery, personalization, and analytics. See above for details.

We verify requests to ensure authority. Responses are provided within 30 days unless extended by law.

Security Safeguards

We use industry-standard measures, including encryption, access controls, and secure storage, to protect Personal Information, per PIPEDA and Law 25.However, no system is fully secure. Unauthorized access or failures may compromise data. When applicable, you must protect your password and sign off after use.

Data Breach Notification

Incase of a breach posing a risk of serious harm, we will notify you and Québec’s Commission d’accès à l’information, per Law 25, using contact methods like email or Site notice. We assess harm based on data sensitivity and potential impact.

Changes to Privacy Policy

We may amend this Privacy Policy, notifying you on this Site. Continued use after changes constitutes acceptance.

Compliance with International Laws

We comply with applicable privacy laws, including GDPR, CCPA, and others, where users access the Services. Contact us at info@nurau.com to exercise rights under your local laws.

Privacy Officer Notice

Nurau Inc. has designated a Privacy Officer responsible for ensuring compliance with applicable privacy laws, including Quebec Law 25. If you have any questions or concerns regarding the collection, use, disclosure, or retention of your personal information, or if you wish to exercise your privacy rights, please contact our Privacy Officer using the contact information below:

Privacy Officer

Me. Ava Chisling, BA, BCL, LLB, 
Lawyer, 
Nurau Inc.
 3978 St-André, Montréal, Québec H2L 3W1 legal@nurau.com

We will respond to all inquiries promptly and in accordance with applicable laws

 

Contact

Nurau Inc., 3978 St-André, Montreal, Québec, H2L 3W1, Canada. Email: legal@nurau.com.

 

Updated: July 17, 2025

Questions?

Book a Demo
Home
About
Contact
Blog
Login
Research
Privacy Policy (Website)
Terms of Service
For Investor Relations, please contact investors@nurau.com
 © 2025 Nurau Inc. All rights reserved.
Book a Demo