Nocean

Privacy Policy

Last updated: January 5, 2025

Introduction

At Nocean, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered sales and customer success platform.

By using Nocean, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

Information We Collect

We collect several types of information from and about users of our platform:

1. Information You Provide to Us

We collect information that you voluntarily provide when you:

  • Register for an account (name, email address, company name)

  • Use our services (content you create, sales portals, deal rooms)

  • Contact our support team (support tickets, messages)

  • Subscribe to our newsletter or marketing communications

  • Participate in surveys or provide feedback

2. Information Collected Automatically

When you access our platform, we automatically collect:

  • Usage Data: Pages viewed, features used, time spent, click patterns

  • Device Information: Browser type, operating system, device identifiers

  • Location Data: IP address, approximate geographic location

  • Cookies and Tracking Technologies: Session data, preferences, analytics

3. Information from Third Parties

We may receive information from:

  • Authentication providers (Google, Microsoft) if you use SSO

  • CRM integrations (HubSpot, Salesforce) if you connect them

  • Payment processors (Stripe) for billing information

  • Analytics providers (Google Analytics, Mixpanel, Hotjar)

How We Use Your Information

We use the information we collect for the following purposes:

  • Provide, operate, and maintain our services

  • Process your transactions and manage your account

  • Send you important updates, security alerts, and support messages

  • Respond to your comments, questions, and customer service requests

  • Analyze usage patterns to improve our platform and user experience

  • Generate AI-powered content and recommendations

  • Detect, prevent, and address technical issues or fraudulent activity

  • Send you marketing communications (with your consent)

  • Comply with legal obligations and enforce our terms

AI and Data Processing

Nocean uses artificial intelligence to power several features of our platform:

  • AI Content Generation: We process your website content and product information to generate personalized sales portals

  • AI Agents: Our prospect-facing AI uses your content to answer customer questions

  • Analytics AI: We analyze engagement patterns to provide insights and recommendations

Important: Your proprietary business content and customer data are processed securely. We do not use your data to train public AI models or share it with third parties for their AI development.

Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

1. Service Providers

We share data with trusted third-party vendors who help us operate:

  • Cloud hosting providers (Vercel, AWS)

  • Database services (Vercel Postgres)

  • Analytics tools (Google Analytics, Mixpanel, Hotjar)

  • Customer support (Crisp Chat)

  • Payment processing (Stripe)

  • Email services (SendGrid, Postmark)

2. Integrations You Enable

If you choose to integrate third-party services (HubSpot, Salesforce, Slack, etc.), we will share relevant data with those platforms according to your integration settings.

3. Legal Requirements

We may disclose your information if required by law or in response to:

  • Valid legal processes (subpoenas, court orders)

  • Government investigations

  • Protection of our rights, property, or safety

  • Prevention of fraud or security threats

4. Business Transfers

If Nocean is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data is encrypted in transit (TLS/SSL) and at rest (AES-256)

  • Access Controls: Role-based permissions and multi-factor authentication

  • Regular Audits: Security assessments and vulnerability testing

  • Data Backups: Regular automated backups with encryption

  • Compliance: SOC 2 Type II, GDPR, and CCPA compliance standards

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

Data Retention

We retain your information for as long as necessary to provide our services and fulfill the purposes outlined in this policy:

  • Account Data: Retained while your account is active

  • Content: Retained until you delete it or close your account

  • Analytics Data: Aggregated data retained indefinitely

  • Backups: Retained for 90 days

  • Legal Hold: Data may be retained longer if required by law

When you close your account, we will delete or anonymize your personal information within 30 days, except where we must retain it for legal compliance.

Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

Data Rights

  • Access: Request a copy of your personal data

  • Correction: Update or correct inaccurate information

  • Deletion: Request deletion of your data (right to be forgotten)

  • Portability: Receive your data in a machine-readable format

  • Objection: Object to certain data processing activities

  • Restriction: Request limitation of processing in certain circumstances

Communication Preferences

  • Opt-out of marketing emails (unsubscribe link in every email)

  • Disable browser cookies through your browser settings

  • Adjust notification preferences in your account settings

To exercise these rights, please contact us at privacy@nocean.com. We will respond within 30 days.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

Types of Cookies We Use

  • Essential Cookies: Required for authentication and security

  • Functional Cookies: Remember your preferences and settings

  • Analytics Cookies: Track usage patterns (Google Analytics, Mixpanel, Hotjar)

  • Marketing Cookies: Measure campaign effectiveness

You can control cookies through your browser settings. Note that disabling cookies may limit certain features of our platform.

Third-Party Links and Services

Our platform may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

Children's Privacy

Nocean is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately so we can delete it.

International Data Transfers

Nocean is headquartered in the United States. If you access our services from outside the U.S., your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

We ensure that such transfers comply with applicable data protection laws through appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • Right to Know: What personal information we collect, use, and share

  • Right to Delete: Request deletion of your personal information

  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell data)

  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To submit a CCPA request, email us at privacy@nocean.com or call 1-800-XXX-XXXX. We will verify your identity before processing your request.

European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA) or the UK, you have rights under the General Data Protection Regulation:

  • Legal Basis for Processing: We process your data based on consent, contract performance, legal obligations, and legitimate interests

  • Data Protection Officer: Contact our DPO at dpo@nocean.com

  • Supervisory Authority: You have the right to lodge a complaint with your local data protection authority

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of material changes by:

  • Posting the updated policy on this page

  • Updating the "Last Updated" date at the top

  • Sending you an email notification (for significant changes)

Your continued use of Nocean after changes become effective constitutes your acceptance of the revised policy.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Nocean, Inc.

Email: privacy@nocean.com

Address: [Company Address]

Phone: 1-800-XXX-XXXX

We will respond to all legitimate requests within 30 days.