Privacy Policy

Last Updated: April 7, 2026

1. Who We Are

NeuraBoard (“we,” “our,” “us”) provides an AI-powered business insights platform that helps users visualize data, track KPIs, plan strategies, and generate insights across their integrated tools. This Privacy Policy explains how we collect, use, store, and protect your information when you use our platform, integrations, and AI features. NeuraBoard is a product of Tomoor Labs LLC, registered in the United Arab Emirates.

2. Information We Collect

A. Account & Payment Information

Name, email address, and login credentials.

Workspace and team member details.

Payment information is securely processed through Stripe. We do not collect or store full payment details; all card data is handled directly by Stripe in accordance with PCI-DSS standards.

B. Integration Data (Including Google APIs)

Connecting Your Accounts

When you connect third-party services (e.g., Google Analytics, Google Ads, Search Console, Shopify, Meta), you are securely redirected to authenticate and grant permission via OAuth.

Data Access & Minimization

  • We only request access to the minimum data scopes required to provide our services.
  • Access is limited to read-only unless explicitly authorized by you.

Data Storage

  • We receive secure access tokens from the platform.
  • Tokens are encrypted and securely stored.
  • We never store your passwords.

Use of Google API Data

NeuraBoard's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

C. Usage Data

  • Dashboard activity (views, queries, exports).
  • Device, browser, and session data.

D. AI Interaction Data

When you use AI features:

  • Your prompts and relevant business data are processed via Google Gemini APIs.
  • Data is encrypted in transit.
  • We minimize and pseudonymize data where possible.

AI Data Usage Restrictions

  • Data processed through AI is used solely to generate responses within NeuraBoard.
  • We do not use your data to train generalized or external AI models.
  • We do not permit AI providers to use your data for training where such controls are available.

3. How We Use Your Information

We use your data to:

  • Provide, operate, and improve the platform.
  • Fetch and display analytics (traffic, conversions, performance metrics).
  • Generate dashboards, reports, and AI-powered insights.
  • Maintain security and prevent misuse.
  • Communicate product updates and support.

Google API Limited Use Compliance

We do not use data obtained from Google APIs to:

  • Serve advertisements.
  • Sell or share data with third parties for advertising purposes.
  • Train or improve generalized AI or machine learning models.

Internal Data Use

We may use anonymized and aggregated data strictly for internal analytics, system monitoring, and improving platform functionality. This data is not used to train external or generalized AI models.

4. Data Processing & Infrastructure

  • Data is automatically synced from connected platforms at regular intervals.
  • Data is processed to generate insights and reports.
  • Infrastructure is hosted on secure cloud services with AWS.
  • Encryption is applied both in transit and at rest.
  • We do not store personally identifiable information (PII) unless explicitly provided and authorized by you.

5. Reports & Insights

  • You can access your analytics at any time.
  • Reports can be generated and shared.
  • AI insights are optional and based only on your data.

6. Data Retention and Deletion

  • We retain data only as long as necessary to provide our services.
  • Older data may be automatically deleted after a defined period.
  • If you delete your account, all data is permanently removed within 30 days.
  • Backup data may persist in encrypted form for up to 30 days before deletion.

7. Data Security

We implement:

  • HTTPS/TLS encryption.
  • OAuth-based secure authentication.
  • Encrypted token storage.
  • Access controls and monitoring.

All integrations operate under read-only permissions unless explicitly authorized otherwise.

8. Third-Party Services

  • We integrate with third-party platforms (e.g., Google, Shopify, Meta).
  • Your data is accessed only on your behalf using your authorization.
  • We are not responsible for third-party data practices.
  • You may revoke access at any time.

9. Data Transfers

  • Data may be processed in AWS data centers located in the UAE, EU, or United States.
  • AI processing involves Google infrastructure.
  • We comply with applicable data protection laws (GDPR, CCPA, UAE Data Protection Law).

10. Your Rights

You have the right to:

  • Access or export your data.
  • Correct or delete your information.
  • Revoke integrations at any time.
  • Contact us for privacy-related requests at hello@neuraboard.ai.

11. Updates to This Policy

We may update this Privacy Policy periodically. Updates will be posted with a revised effective date.

12. Contact

For privacy-related inquiries: hello@neuraboard.ai