How quickly can I set up Naxora?

Most businesses are live within 5 minutes. Upload your business info, configure your agents, and deploy across all channels instantly.

Does it really sound natural on phone calls?

Yes. Naxora uses state-of-the-art voice AI that handles natural conversation, understands context, manages interruptions, and sounds remarkably human.

Can I use my own AI API keys?

Absolutely. Naxora supports BYOK (Bring Your Own Key) for OpenAI, Anthropic, and other providers. Use our included AI or plug in your own.

What channels does Naxora support?

Phone/Voice, WhatsApp, SMS, Email, and an embeddable Web Widget. All channels are unified under one AI brain — no separate configurations needed.

Is there a free plan?

Yes! The Free plan includes 3 AI agents, 100 conversations per month, and the web widget. No credit card required. Upgrade whenever you're ready.

Can I pay with Bitcoin?

Yes. We accept Lightning Network and on-chain Bitcoin payments with a 10% discount on all paid plans.

How does the approval queue work?

You set autonomy levels per agent. For sensitive actions (refunds, cancellations), the AI queues them for your approval. You stay in control of what matters.

← Back to Naxora

Privacy Policy

Last updated: March 4, 2026

This Privacy Policy explains how Naxora (“we,” “us,” or “our”) collects, uses, discloses, and protects your information when you use our Service. We are committed to protecting your privacy and being transparent about our data practices.

Naxora operates as a sole proprietorship in the United States. For purposes of the EU General Data Protection Regulation (“GDPR”), we act as the data controller for account and billing data we collect directly. For business data you process through our software (customer conversations, knowledge bases, etc.), you are the data controller. Your data runs in an isolated container and we do not access it except for essential infrastructure maintenance.

1. Our Core Principle: Isolation & Privacy

Naxora is built with data isolation as a fundamental design principle:

Your business data, customer conversations, knowledge bases, and configurations run in your own isolated container with no cross-customer access.
We do not access, read, or view your business data except for essential infrastructure operations (backups, security patches, debugging at your request).
We never store conversation content outside your isolated environment.
If you use BYOK (Bring Your Own Key), your API keys are stored encrypted in your container and requests go directly to your AI provider — we never intercept or log them.
You have full ownership and control over all your business data at all times.
Sovereign Plan: For maximum privacy, our Sovereign plan runs entirely on your own hardware — we have zero access to your infrastructure.

2. Information We Collect

2.1 Information You Provide

Account Information: Email address, name, and password when you create an account
Billing Information: Payment method details processed through Stripe (we do not store full card numbers)
Support Communications: Information you provide when contacting our support team

2.2 Information Collected Automatically

Usage Analytics: Aggregate feature usage, conversation counts (not content), error reports, and performance metrics
Device Information: Operating system, app version, and device type
Log Data: IP address, browser type, access times, and referring URLs when visiting naxora.ai

2.3 Information We Do NOT Access

Conversation content between your AI agent and your customers
Your knowledge base or business documents
Your BYOK API keys (stored encrypted, never transmitted to us)
Your customers' personal information
Any data in your isolated container (except for essential infrastructure operations)

3. How We Use Your Information

To provide, maintain, and improve the Service
To process payments and manage subscriptions
To send service-related communications (billing confirmations, security alerts, product updates)
To provide customer support
To detect, prevent, and address fraud, abuse, or technical issues
To analyze aggregate usage patterns and improve our product
To comply with legal obligations

Legal Basis (GDPR): We process your data based on: (a) performance of our contract with you; (b) our legitimate interests in operating and improving the Service; (c) your consent where required; and (d) compliance with legal obligations.

4. AI Processing

Default AI Model: When using our default AI model (Anthropic Claude), conversation data is sent to the AI provider for processing. This data is transmitted in real-time and is not stored by us. Anthropic's data practices are governed by their own privacy policy. We use a commercial API agreement that prohibits the use of your data for model training.

BYOK Mode: When you use your own API keys, all AI requests go directly from your container to your chosen provider. We do not proxy, intercept, log, or have any visibility into these requests. Your API keys are stored encrypted within your isolated container.

5. Cookies & Tracking Technologies

Our website (naxora.ai) uses the following cookies and tracking technologies:

Essential Cookies: Required for authentication, security, and basic site functionality. Cannot be disabled.
Analytics Cookies: Help us understand how visitors interact with our website. We use privacy-focused analytics that do not track individual users across sites.
Preference Cookies: Store your settings and preferences (e.g., theme, language).

We do not use advertising cookies or sell data to advertisers.

6. Third-Party Services

We share limited data with the following third-party service providers:

Stripe — Payment processing. Receives billing information necessary to process transactions. Stripe Privacy Policy
Anthropic — Default AI model provider. Receives conversation data for processing (not stored). Anthropic Privacy Policy
DigitalOcean — Cloud infrastructure provider. Hosts isolated customer containers. DigitalOcean Privacy Policy
Analytics Provider — Receives aggregate, anonymized usage data
Email Service Provider — Receives email addresses for transactional emails (billing receipts, security alerts)

We do not sell, rent, or share your personal information with third parties for their marketing purposes. Ever.

7. Data Retention

Account Data: Retained for the duration of your account, plus 30 days after deletion to allow recovery
Billing Records: Retained for 7 years as required for tax and accounting compliance
Usage Analytics: Aggregated and anonymized data retained indefinitely; identifiable analytics data deleted after 24 months
Support Communications: Retained for 3 years after resolution
Server Logs: Retained for 90 days
Your Container Data: Stored in your isolated container — retention is entirely under your control. Deleted within 30 days of account termination.

8. Data Security

We implement industry-standard security measures to protect the data we do collect, including: encryption in transit (TLS 1.2+), encryption at rest for server-stored data, isolated containers per customer, regular security assessments, access controls and authentication, and secure coding practices. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

9. Data Breach Notification

In the event of a data breach affecting your personal information, we will: (a) notify affected users via email within 72 hours of becoming aware of the breach; (b) notify relevant supervisory authorities as required by applicable law (including GDPR requirements); (c) provide details about the nature of the breach, data affected, and steps we are taking; and (d) offer guidance on steps you can take to protect yourself.

10. Your Rights & Choices

10.1 All Users

Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate data
Deletion: Request deletion of your account and associated data. We will process deletion requests within 30 days. Note: some data may be retained for legal compliance.
Data Portability: Request your data in a machine-readable format
Opt-Out: Unsubscribe from non-essential communications at any time

10.2 European Users (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the GDPR, including: the right to restrict processing, the right to object to processing based on legitimate interests, the right to withdraw consent at any time, and the right to lodge a complaint with your local data protection authority.

10.3 California Users (CCPA/CPRA)

If you are a California resident, you have the right to: (a) know what personal information we collect, use, and disclose; (b) request deletion of your personal information; (c) opt out of the “sale” or “sharing” of personal information — we do not sell or share your personal information; (d) non-discrimination for exercising your CCPA rights. To exercise these rights, contact support@naxora.ai. We will verify your identity before processing requests.

11. International Data Transfers

Our servers are located in the United States. If you are accessing the Service from outside the United States, your account, billing data, and container data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for international data transfers, including Standard Contractual Clauses (SCCs) where required by GDPR.

12. Do Not Track Signals

Some browsers send “Do Not Track” (DNT) signals. There is currently no industry standard for how to respond to DNT signals. We do not currently respond to DNT signals, but we minimize tracking as described in our Cookies section. We do not engage in cross-site tracking.

13. Children's Privacy

Naxora is not directed at children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under the applicable age, we will promptly delete that information. If you believe a child has provided us with personal information, please contact us at support@naxora.ai.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and sending an email notification at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

15. Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@naxora.ai
Website: naxora.ai
Data Protection Inquiries: support@naxora.ai (subject line: “Data Protection Request”)