Privacy Policy

1. Introduction

Nahla.AI ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our project intelligence platform at nahla.ai.

2. Information We Collect

Account Information

When you create an account, we collect:

• Email address
• First and last name
• Company name (optional)
• Password (encrypted)

Project Files

When you use our service, you may upload:

• Project schedule files (.XER, .xlsx including MS Project exports)
• These files are processed to generate analytics and reports

Usage Data

We automatically collect:

• Browser type and version
• Pages visited and features used
• Date and time of access

3. How We Use Your Information

We use the information we collect to:

• Provide and maintain our service
• Process and analyze your project files
• Generate reports and visualizations
• Send important service updates and notifications
• Respond to your inquiries and support requests
• Improve our platform and develop new features

4. Data Storage and Retention

Project Files

Your uploaded project files (.XER, .xlsx including MS Project exports) are stored temporarily in secure AWS S3 storage and are automatically deleted after 30 days. We do not retain your raw project files beyond this period.

Reports and Analytics

Generated reports and analytics data may be stored to allow you to access your previous analyses. You can request deletion of this data at any time.

Account Data

Your account information is retained for as long as your account is active. You can request account deletion at any time by contacting us.

5. Data Security

We implement industry-standard security measures including:

• TLS 1.3 encryption for all data in transit
• AES-256 encryption for data at rest
• Secure AWS cloud infrastructure (SOC 2, ISO 27001 compliant)
• Regular security audits and monitoring

6. Third-Party Services

We use the following third-party services to operate our platform:

• Amazon Web Services (AWS) - Cloud hosting, storage, and infrastructure
• Anthropic (Claude AI) - AI-powered analysis and insights generation

These services have their own privacy policies and are bound by data processing agreements with us. We do not sell your data to any third parties.

7. Cookies

We use essential cookies only for authentication and session management. We do not use tracking cookies or third-party analytics services. No advertising cookies are used on our platform.

8. Your Rights

You have the right to:

• Access - Request a copy of your personal data
• Correction - Update or correct your account information
• Deletion - Request deletion of your account and associated data
• Export - Download your reports and analytics data
• Withdraw Consent - Opt out of non-essential data processing

To exercise any of these rights, please contact us at [email protected].

9. International Data Transfers

Our services are hosted on AWS infrastructure in the Asia-Pacific (Sydney) region. If you are accessing our services from outside Australia, please be aware that your data may be transferred to, stored, and processed in Australia.

10. Children's Privacy

Our service is not intended for users under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: [email protected]
• Website: nahla.ai/contact