Nerve Core
The Company AI Brain
 Home
Privacy

Privacy Policy

Last updated May 27, 2026

This Privacy Policy explains what information Nerve Core collects, how we use it, who we share it with, and the choices you have. It applies to nervecore.io, the Nerve Core platform, and related services.

1. Overview

Nerve Core ("Nerve Core," "we," "us," or "our") provides an AI visibility operations platform that scans, diagnoses, and ships structured assets to influence how AI assistants describe and recommend a business. This policy covers personal information we handle when you visit our website, join our waitlist, communicate with us, or use the Nerve Core platform as a customer or end user.

By using the site or the platform, you agree to the practices described here. If you do not agree, please do not use the site or the platform.

2. Who we are

Nerve Core is operated by the entity that owns nervecore.io (the "Company"). For privacy matters you can reach us at privacy@nervecore.io. Our mailing address is available on request.

For most processing activities, Nerve Core is the data controller (or, in the United States, the "business") for information collected through the public site and the waitlist. When we provide the platform to a business customer, Nerve Core acts as a processor (or "service provider") on behalf of that customer for customer data, and the customer is the controller. The customer's own privacy notice applies to its end users.

3. Information we collect

3.1 Information you provide directly

  • Waitlist signup. Email address, business URL, and any optional notes you submit.
  • Account and customer data. Name, business name, business URL, billing email, role, and account credentials when you sign up for the platform.
  • Customer content. Prompts, target keywords, business descriptions, brand assets, FAQ inputs, documents, podcast or article transcripts, and other content you submit so we can build the company brain and run scans.
  • Payment information. When we begin billing, payments are processed by a third-party payment processor. We do not store full card numbers on our servers.
  • Communications. Information you provide when you email us, fill out a form, request a demo, or talk to us in chat, on a call, or by SMS.

3.2 Information collected automatically

  • Device and usage data. IP address, browser type, operating system, referring URL, pages viewed, links clicked, session duration, and approximate location derived from IP.
  • Cookies and similar technologies. See our Cookie Policy for details.
  • Analytics. Aggregated traffic and product analytics through our analytics providers.

3.3 Information from third parties

  • Public AI assistant outputs. When we run a prompt battery against ChatGPT, Claude, Perplexity, Gemini, and similar assistants, we collect the public outputs those assistants generate. We treat any third-party brand mentions in those outputs as factual records of what the assistant said.
  • Public business data. Information available on a customer's public website, Google Business Profile, public directories, and citation sources that we use to diagnose recommendation gaps.
  • Partners and integrations. If you connect a third-party service to your account, we receive data from that service as you authorize.

4. How we use information

We use information to:

  • Provide, operate, and improve the platform and the site.
  • Build and maintain the customer's company brain and brain voice profile.
  • Run scans across AI assistants, diagnose recommendation gaps, generate capture assets, and report results.
  • Manage waitlist cohorts and contact members when their cohort opens.
  • Authenticate users, secure accounts, prevent fraud, and enforce our terms.
  • Process payments and manage subscriptions.
  • Communicate with you about the service, updates, security notices, and (with consent where required) marketing.
  • Develop new features, run internal research and analytics, and train and tune our internal models on de-identified or aggregated information.
  • Comply with legal obligations and respond to lawful requests.

We do not sell personal information for money. We do not use personal information to train public foundation models operated by third parties.

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we process personal information under one or more of the following legal bases:

  • Contract. To provide the platform you have requested.
  • Legitimate interests. To operate, secure, and improve our service, prevent fraud, and conduct direct marketing to business contacts, balanced against your rights.
  • Consent. For non-essential cookies and certain marketing communications. You can withdraw consent at any time.
  • Legal obligation. To comply with applicable law.

6. How we share information

We share information with:

  • Service providers (subprocessors). Cloud hosting, database, email delivery, analytics, payment processing, customer support, and AI inference providers that help us operate the platform. See our Subprocessor List.
  • AI assistant providers. When we run prompts on your behalf, the prompt and related context are submitted to those providers under their own terms.
  • Customers. If you are an end user of a customer that uses Nerve Core, your information may be made available to that customer as the controller.
  • Professional advisors. Accountants, auditors, and lawyers bound by confidentiality.
  • Authorities. When required by law, regulation, legal process, or to protect rights, property, or safety.
  • Corporate transactions. In connection with a merger, acquisition, financing, or sale of assets, subject to confidentiality.

7. AI assistant platforms

A core part of Nerve Core involves submitting prompts to third-party AI assistants such as ChatGPT (OpenAI), Claude (Anthropic), Perplexity, and Gemini (Google), and processing the responses they return. We do this to identify recommendation gaps and to draft capture assets.

When we send prompts to these providers:

  • We follow each provider's applicable terms and use API tiers with no-training and data-retention controls where available.
  • We do not knowingly submit special categories of personal information (such as health data or government identifiers) in prompts.
  • Outputs from those providers are stored in our systems as part of your scan history.

AI assistant outputs are generated by third-party models and may be inaccurate, incomplete, or out of date. Nerve Core does not control and cannot guarantee what those models say about any business, ours or yours. See our Terms of Service for the full service disclaimer.

8. Cookies and tracking

We use cookies and similar technologies for authentication, security, preferences, and analytics. For a detailed breakdown, including how to control cookies, see our Cookie Policy.

9. Data retention

We retain personal information for as long as needed to provide the service, comply with legal obligations, resolve disputes, and enforce our agreements. Typical retention periods:

  • Waitlist data. Until you ask us to delete it, or up to 24 months of inactivity.
  • Customer account and content. For the duration of the subscription, plus a reasonable backup window after termination (typically up to 90 days), after which we delete or de-identify it on request.
  • Billing records. For the period required by tax and accounting law (typically 7 years).
  • Logs and analytics. Up to 24 months in identifiable form, then aggregated or deleted.

10. Security

We use administrative, technical, and physical safeguards to protect personal information. These include encryption in transit, encryption at rest for production databases, role-based access controls, least-privilege provisioning, secret management, and vendor diligence on subprocessors. See our Security Overview for more detail.

No system is completely secure. We cannot guarantee absolute security and we ask that you take care with your own credentials and shared content.

11. International transfers

Nerve Core is based in the United States. If you access the platform from outside the US, your information will be transferred to and processed in the US and other countries where we or our subprocessors operate. Where required, we rely on the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, or equivalent mechanisms.

12. Your rights

Depending on where you live, you may have the right to:

  • Access the personal information we hold about you.
  • Correct inaccurate information.
  • Delete personal information.
  • Restrict or object to certain processing.
  • Receive a portable copy of your information.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with a supervisory authority (in the EEA, UK, or your local regulator).

To exercise these rights, email privacy@nervecore.io. We may need to verify your identity before responding. If you are an end user of a business that uses Nerve Core, please contact that business first, since it is the controller of your data.

13. US state privacy rights

Residents of California, Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, and other US states with comprehensive privacy laws have additional rights, including:

  • The right to know what personal information is collected, used, and disclosed.
  • The right to access and delete personal information.
  • The right to correct inaccurate information.
  • The right to opt out of the sale or sharing of personal information and out of targeted advertising.
  • The right to limit the use of sensitive personal information.
  • The right to be free from discrimination for exercising these rights.

Nerve Core does not sell personal information for money. We do engage in "sharing" or "targeted advertising" only when you have not opted out and only with vendors bound by contract. You can opt out at any time by emailing privacy@nervecore.io or by using the Global Privacy Control signal in your browser, which we honor as a valid opt-out request.

California residents may also designate an authorized agent to make a request on their behalf. Agents must provide written authorization, and we may verify the request directly with the consumer.

14. Children

Nerve Core is a business-to-business product. The platform is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

15. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top and, where appropriate, notify you by email or through the platform. Your continued use after the changes take effect constitutes acceptance.

16. Contact us

Questions, requests, or complaints can be sent to privacy@nervecore.io.

Quick referenceData controller for site and waitlist: Nerve Core. Data processor for customer content: Nerve Core, acting on the customer's instructions. Email for all privacy matters: privacy@nervecore.io.