NeKu.AI Privacy Policy

Last Updated: June 19, 2025

This Privacy Policy explains how NeKuDos Technology (“NeKu.AI”, “we”, “us”, or “our”) collects, uses, and protects your personal data when you visit our website [https://neku.ai] and when you use the NeKu.AI platform available at [https://app.neku.ai] (collectively, the “Service”).

By using our website or the Service, you agree to the terms of this Privacy Policy.

1. Who we are

NeKu.AI is a B2B AI automation platform that connects SAP systems, n8n workflows, and large language models to create secure digital assistants for enterprise use.

Controller:
NeKuDos Technology
NEKUDOS TEKNOLOJİ LİMİTED ŞİRKETİ
2000 EVLER MAH. ÜNİVERSİTE ALANI KÜME EVLER KAPADOKYA TEKNOPARK NO: 13 İÇ KAPI NO: Z26 MERKEZ/ NEVŞEHİR, Türkiye
Email: [[email protected]]

If you have any questions about this Privacy Policy or how we process your data, you can contact us at the email address above.

2. Scope of this Privacy Policy

This Privacy Policy applies to:

  • Visitors of our marketing website [https://neku.ai]
  • Registered users of the NeKu.AI platform [https://app.neku.ai]
  • Individuals who interact with us via email or other communication channels

It does not apply to third party websites, services, or applications that we do not control.

3. Personal data we collect

We may collect and process the following categories of personal data:

3.1 Information you provide to us

  • Account information
    • Name and surname
    • Business email address
    • Company name
    • Role or job title
    • Password (stored in encrypted form)
  • Billing and subscription data
    • Plan selection and subscription details
    • Partial billing details as needed for invoicing
    • Payment status information (actual payment data such as credit card numbers are processed by our payment provider, Paddle, not by us)
  • Support and communication data
    • Content of emails or support tickets
    • Feedback, questions, or other messages you send to us
  • Data you send through the platform
    When you use NeKu.AI, you may send:
    • SAP queries, report parameters, or configuration data
    • n8n workflow data and execution results
    • Text prompts, documents, and other content that you choose to share with AI agents

You are responsible for ensuring that you have the right to process and share such data with us and with our service providers.

3.2 Information we collect automatically

When you use our website or platform, we may automatically collect:

  • Usage data
    • IP address
    • Browser type and version
    • Device information
    • Pages viewed and actions taken in the application
    • Date and time of visits
  • Log data
    • Technical logs for debugging and security
    • Error messages and performance data

3.3 Cookies and similar technologies

We use cookies and similar technologies to:

  • Maintain session and authentication
  • Remember your preferences
  • Improve performance and analytics

You can manage your cookie preferences through your browser settings. For more information, see our Cookie Policy (if applicable).

4. How we use your personal data

We use the data we collect for the following purposes:

  • To provide and maintain the Service
    • Create and manage your user account
    • Authenticate you when you log in
    • Run your workflows and AI interactions
    • Integrate with your SAP systems and n8n workflows based on your configuration
  • To process payments and manage subscriptions
    • Handle subscription creation, upgrades, downgrades, and cancellations
    • Work with Paddle as our payment provider and Merchant of Record
  • To communicate with you
    • Send important transactional emails such as account notifications and service updates
    • Respond to your support requests and questions
    • Send product updates and optional marketing communications (where permitted by law and your preferences)
  • To improve and secure our Service
    • Monitor usage and performance
    • Troubleshoot issues and improve user experience
    • Detect, prevent, and address security incidents or abuse
  • To comply with legal obligations
    • Maintain records as required by applicable laws
    • Cooperate with lawful requests from regulators or authorities

If you are in the European Economic Area or the United Kingdom, we rely on legal bases such as contract performance, legitimate interests, and compliance with legal obligations for processing your data.

5. AI models and data processing

NeKu.AI uses large language models and related AI services. When you send prompts, SAP related questions, or other content into the platform, this data may be processed by:

  • Our own infrastructure
  • Trusted third party AI providers, under data processing agreements

We use technical and organizational measures to protect the confidentiality of your data and restrict its use to providing the Service, improving performance, and ensuring security. We do not sell your data to third parties.

Customers remain responsible for the nature of the data they send to the platform and should avoid including unnecessary personal data or sensitive data where possible.

6. How we share your personal data

We do not sell your personal data. We may share your personal data with:

  • Payment provider (Paddle)
    Paddle acts as our Merchant of Record and processes billing and payment information. They may receive your name, email, and purchase details in order to complete the transaction and meet compliance obligations.
  • Hosting and infrastructure providers
    Cloud hosting, database, and logging providers that host our application and store data on our behalf.
  • Analytics and monitoring tools
    Providers that help us understand how the Service is used and maintain stability and security.
  • AI service providers
    When needed to process prompts, generate responses, or support model based features.
  • Professional advisors and legal authorities
    Where necessary to comply with legal obligations, enforce our rights, or respond to lawful requests.

All such third parties are only allowed to process your personal data in accordance with applicable laws and our instructions.

7. International data transfers

Your personal data may be stored and processed in countries other than your own. Where required by law, we implement appropriate safeguards for international transfers, such as:

  • Standard contractual clauses approved by the European Commission
  • Other legally recognized mechanisms

We take steps to ensure that your data remains protected in line with this Privacy Policy.

8. Data retention

We keep your personal data only for as long as necessary to:

  • Provide the Service
  • Fulfill the purposes described in this Privacy Policy
  • Comply with legal, accounting, or reporting requirements

In general:

  • Account and profile data are kept while your account is active and for a reasonable period after deletion, unless a longer retention period is required by law.
  • Log and analytics data are retained for a limited period required for security, diagnostics, and trend analysis.
  • Billing and transaction data are retained for the time required by applicable tax and accounting rules.

When data is no longer needed, we will delete or anonymize it.

9. Your rights

Depending on your location, you may have some or all of the following rights regarding your personal data:

  • Right to access your personal data
  • Right to rectify inaccurate or incomplete data
  • Right to erase your personal data
  • Right to restrict or object to processing
  • Right to data portability
  • Right to withdraw consent where processing is based on consent
  • Right to lodge a complaint with a supervisory authority

To exercise these rights, please contact us at [[email protected]]. We may need to verify your identity before responding to your request.

10. Security

We take reasonable technical and organizational measures to protect your personal data against:

  • Unauthorized access
  • Accidental loss or destruction
  • Alteration or disclosure

No system can be completely secure, but we continuously work to improve our security controls.

11. Children

Our Service is intended for business users and is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe that a child has provided us with personal data, please contact us so that we can delete the information.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top indicates when it was last revised. We will post the updated version on our website, and if the changes are significant, we may notify you via email or through the Service.

Your continued use of the Service after changes have been published means that you accept the updated Privacy Policy.

13. Contact us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, you can contact us at:

NeKuDos Technology
Email: [[email protected]]
Address: 2000 EVLER MAH. ÜNİVERSİTE ALANI KÜME EVLER KAPADOKYA TEKNOPARK NO: 13 İÇ KAPI NO: Z26 MERKEZ/ NEVŞEHİR, Türkiye