Privacy Policy

1. Introduction

This Privacy Policy describes how Neuralway Technologies Private Limited (“we,” “us,” “our”) collects, uses, and protects your personal information when you use ScopeKit (“the Service”), available at scopekit.neuralway.ai.

By using ScopeKit, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

• Account information: Name, email address, and password when you create an account.
• URL inputs: Website URLs you submit for analysis.
• Payment information: Processed securely by PayPal. We do not store credit card numbers or payment details directly.
• Branding assets: Logos and brand colors uploaded by Agency plan users.

2.2 Information We Generate

• Strategy briefs: AI-generated marketing strategy documents based on your URL inputs.
• Usage data: Number of briefs generated, features used, and account activity.

2.3 Information Collected Automatically

• Log data: IP address, browser type, operating system, referring URLs, and timestamps.
• Device information: Device type, screen resolution, and language preferences.
• Cookies: Session cookies for authentication and analytics cookies for service improvement.

3. How We Use Your Information

We use collected information to:

• Provide and maintain the ScopeKit service.
• Generate strategy briefs from submitted URLs.
• Process payments and manage your subscription.
• Send transactional emails (account confirmation, brief completion).
• Improve our AI models and service quality.
• Respond to support requests.
• Prevent fraud and abuse.

We do not sell your personal information to third parties. We do not use your generated briefs to train AI models without your explicit consent.

4. Data Storage & Security

Your data is stored securely on Amazon Web Services (AWS) infrastructure, primarily in the ap-south-1 (Mumbai) region. We implement industry-standard security measures including:

• Encryption in transit (TLS 1.2+) and at rest (AES-256).
• Secure password hashing using bcrypt.
• Regular security audits and vulnerability assessments.
• Access controls and principle of least privilege.

5. Third-Party Services

ScopeKit uses the following third-party services that may process your data:

• Amazon Web Services (AWS): Cloud infrastructure, data storage, compute services. AWS Privacy Policy
• PayPal: Payment processing. PayPal Privacy Policy
• OpenAI / Anthropic: AI model providers for brief generation. URLs and scraped content are sent to these providers for analysis. Data is not retained by these providers beyond the request lifecycle per their enterprise data policies.

6. GDPR Compliance

If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate personal data.
• Right to Erasure: Request deletion of your personal data (see Section 7).
• Right to Data Portability: Request your data in a machine-readable format.
• Right to Object: Object to processing of your personal data for certain purposes.
• Right to Restrict Processing: Request limitation of processing in certain circumstances.

Our lawful bases for processing are: performance of a contract (providing the Service), legitimate interests (improving the Service), and consent (marketing communications).

To exercise any of these rights, contact us at zero@neuralway.ai. We will respond within 30 days.

7. Data Deletion Rights

You may request complete deletion of your account and all associated data at any time by:

• Emailing zero@neuralway.ai with the subject “Data Deletion Request.”
• Using the account deletion feature in your Settings page.

Upon receiving a deletion request, we will delete your account, generated briefs, uploaded assets, and personal information within 30 days. Certain data may be retained in encrypted backups for up to 90 days, after which it is permanently purged.

We may retain anonymized, aggregated data that cannot identify you for analytical purposes.

8. Cookies

ScopeKit uses the following types of cookies:

• Essential cookies: Required for authentication and core functionality. Cannot be disabled.
• Analytics cookies: Help us understand how you use the Service. Can be disabled without affecting functionality.

We do not use advertising or tracking cookies.

9. Data Retention

We retain your data for as long as your account is active. If your account is inactive for more than 24 months, we may send a notice before archiving or deleting your data. Generated briefs are retained indefinitely while your account is active.

10. Children's Privacy

ScopeKit is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email at least 15 days before they take effect. The “Last updated” date at the top of this page indicates when the policy was last revised.

12. Contact Us

For questions, concerns, or requests related to your privacy, contact us at: