PRIVACY POLICY

Introduction

NeuroNest Inc. (dba Sellible) ("Sellible," "we," "us," or "our") provides AI-powered B2B SaaS solutions for sales enablement. This Privacy Policy explains how we collect, use, disclose, and protect information when organizations and their users interact with our services (the "Services"). This policy is intended for business customers located in the United States.

Data We Collect

• Business account information (name, business email, company, role).
• Billing and payment information (processed securely via third-party provider, e.g., Stripe).
• Uploaded training materials, sales decks, and simulation content.
• Service usage data (system logs, AI interactions, performance metrics).

How We Use Data

We use data to deliver, maintain, and improve the Services, ensure security and compliance, support billing and account management, and provide customer support. Data is not sold or shared with advertisers or unrelated third parties. Aggregated, anonymized data may be used for analytics and product improvement.

AI Processing & Responsible AI

Inputs provided to the Services (including conversation transcripts, role-plays, and training content) are processed securely to generate outputs. Such data is not retained by third-party AI model providers or used to train their models. Processing is transient and restricted to Sellible’s secure environment.

We are committed to Responsible AI practices: transparency of outputs, mitigation of bias, auditability of system interactions, and alignment with customer usage policies. Customers remain responsible for how they apply AI-generated outputs in their business context.

Sellible uses trusted third-party AI model providers to power specific product features. All interactions are encrypted in transit, processed solely for the purpose of fulfilling the request, and are not retained or used to train the providers’ models. These providers operate under strict contractual and technical controls consistent with the security and data protection standards described in this Policy.

Security & Data Handling

We maintain a robust security program designed to protect Customer Data confidentiality, integrity, and availability. Our controls align with industry best practices and are regularly reviewed and updated to address evolving threats and customer standards.

• Encryption: All data is encrypted in transit using TLS 1.2/1.3 and at rest using AES-256.
• Access Controls & Personnel Safeguards: Access is governed by role-based access controls (RBAC) following least-privilege principles. Personnel with access to Customer Data receive regular security and privacy training. Access rights are reviewed periodically.
• Segregation of Environments: Development, staging, and production systems are logically separated to prevent data leakage and unauthorized cross-access.
• Audit Logging & Monitoring: Access and system events are logged, protected from tampering, and monitored to detect anomalous activity. Logs are retained in accordance with internal policy and applicable requirements.
• Incident Response & Notification: We maintain documented incident response procedures covering identification, containment, remediation, and post-incident analysis. Customers will be notified of security incidents affecting their data within a reasonable timeframe where required by law or contract.
• Business Continuity & Disaster Recovery: Regular encrypted backups are performed and stored securely. Disaster recovery processes are tested periodically to help ensure continuity of service.
• Vulnerability Management: Regular vulnerability scans, penetration tests, and security reviews are conducted to proactively identify and remediate risks.
• Vendor Management: Subprocessors and third-party providers undergo security due diligence prior to engagement and are contractually bound to maintain equivalent or higher security standards.

These measures form the foundation of our program to safeguard Customer Data throughout its lifecycle and are continuously improved to meet evolving industry standards.

Subprocessors

You agree that Sellible may engage Subprocessors to process Customer Data in connection with providing the Services. We do so in three primary ways:

• Hosting & Infrastructure: to deliver secure cloud-based services.
• Product Features & Integrations: to support authentication, analytics, and service functionality.
• Service & Support: including Sellible affiliates or trusted service providers that assist in delivering customer support and operational services.

All Subprocessors are contractually required to adhere to data protection and security standards that are at least as protective as those described in this Policy. Sellible remains responsible for the performance of its Subprocessors.

We maintain a list of current Subprocessors and make it available to customers upon request. We will provide notice of material changes to Subprocessors as required by law or contract. Customers may raise reasonable objections to the engagement of a new Subprocessor, and we will work in good faith to address such concerns.

As our Services evolve, we may add or replace Subprocessors. Any new Subprocessors will be subject to the same or higher data protection and security standards outlined in this Policy. We will update the list of Subprocessors on our website or make it available upon request, and provide notice of material changes where required by applicable law or contract.

Data Retention & Deletion

Customer Data is retained only for as long as necessary to provide the Services or as required by law. Upon account termination, Customer Data will be deleted or anonymized within a commercially reasonable period, subject to backup retention for operational continuity. Customers may request data deletion at any time by contacting us at the address below.

Your Rights

If you are a user of our Services, you may request access, correction, export, or deletion of your information by contacting us at legal@sellible.ai. We will respond within a commercially reasonable timeframe in accordance with applicable U.S. laws.

Changes to this Policy

We may update this Privacy Policy from time to time. If material changes are made, we will provide reasonable notice by email or through the Services. The “Last Updated” date reflects the latest version.

Contact Us

For questions about this Privacy Policy or our data practices, please contact:

NeuroNest Inc. (dba Sellible)
Bronx, New York, USA
Email: legal@sellible.ai