Privacy Policy

1. Who We Are

NexaDigital operates the Architect AI email automation service. This Privacy Policy describes how we collect, use, and protect information when you connect your Google account to our application.

Contact: albaraqagroupofindustries@gmail.com
Website: nexadigital.quantumnextdigital.com

2. Gmail Data We Access

When you connect your Gmail account, we request the following permissions via Google OAuth 2.0:

• gmail.readonly — To read your incoming unread emails for classification and reply generation.
• gmail.send — To send AI-generated replies on your behalf directly from your Gmail account.
• gmail.modify — To mark emails as read after they have been processed and replied to.
• userinfo.email / userinfo.profile — To identify your Google account and display your name in the app.

3. How We Use Your Data

Your email data is used exclusively for the following purposes:

• Classifying inbound emails (Business Inquiry, Support, Newsletter, Spam) using the Groq AI API (Llama 3 model).
• Generating draft or automatic replies powered by AI, sent only through your Gmail account.
• Displaying email history and stats within your private dashboard.
• Tracking which emails have been replied to, pending, or skipped.

We do not use your email content for advertising, analytics, model training, or any purpose beyond direct automation on your behalf.

4. Data Sharing & Third Parties

We do not sell, rent, or share your personal data or email content with any third parties, except as follows:

• Groq API: Email subject and body text are sent to Groq (api.groq.com) solely to generate a reply. Groq's privacy policy applies: groq.com/privacy-policy.
• Google Gmail API: We communicate with Gmail APIs to fetch and send emails under your authorised OAuth token.
• Hostinger Hosting: Our application is hosted on Hostinger servers (EU-based). Your data is not accessed by Hostinger beyond standard hosting operations.

No other third parties receive your data. We do not integrate with ad networks, analytics services, or data brokers.

5. Data Storage & Security

• Your Google OAuth access tokens and refresh tokens are stored encrypted in our MySQL database on Hostinger.
• Email subject, sender, and body (up to 2000 characters) are stored per email record to power the dashboard view.
• All API communication uses HTTPS/TLS.
• No passwords are stored — authentication is entirely via Google OAuth 2.0.
• We do not store your full email thread history — only the emails processed by Architect AI are saved.

6. Your Rights & Data Deletion

You have the following rights regarding your data:

• Revoke Gmail access: Visit myaccount.google.com/permissions and remove "Architect AI / NexaDigital" at any time.
• Delete your account data: Email us at albaraqagroupofindustries@gmail.com with the subject "Delete My Data" — we will remove all stored records within 7 business days.
• Request a data export: You may request a copy of all data we hold about you at any time.

7. Cookies & Sessions

We use one session cookie to maintain your login state after Google OAuth authentication. This cookie:

• Contains no personally identifiable information beyond your session ID.
• Is cleared when you log out or when your browser session ends.
• Is not used for cross-site tracking or advertising.

8. Data Retention

Processed email records are retained in our database to power your dashboard, reply history, and AI improvement. You may request deletion of all records at any time (see Section 6).

OAuth tokens are refreshed automatically and stored only while you maintain an active account. Deleting your account removes all associated tokens immediately.

9. Contact Us

10. Changes to This Policy

We may update this Privacy Policy when our practices change. We will update the "Last Updated" date at the top of this page. Continued use of the application after any changes constitutes acceptance of the updated policy.