Nurtureme CRM - Privacy Policy
Effective date: April 1, 2024
Nurtureme CRM ("us", "we", or "our") operates the Nurtureme CRM website (hereinafter referred to as the "Service").
Information Collection and Use
We collect several different types of information for various purposes to provide and improve our Service to you.
Types of Data Collected
Personal Data
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
- Cookies and Usage Data
Use of Data
Nurtureme CRM uses the collected data for various purposes:
- To provide and maintain the Service
- To notify you about changes to our Service
- To allow you to participate in interactive features of our Service when you choose to do so
- To provide customer support
- To gather analysis or valuable information so that we can improve our Service
- To monitor the usage of the Service
- To detect, prevent and address technical issues
Disclosure of Data
Legal Requirements
Nurtureme CRM may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To protect and defend the rights or property of Nurtureme CRM
- To prevent or investigate possible wrongdoing in connection with the Service
- To protect the personal safety of users of the Service or the public
- To protect against legal liability
Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet...
Retention and Deletion of Google User Data
Data Retention: We retain Google user data only for as long as necessary to provide our services and fulfill the purposes for which it was collected, unless a longer retention period is required by law.
User Control and Deletion Requests: Users can request the deletion of their Google user data at any time by contacting us through [insert contact method]. Upon request, we will delete the requested data within a reasonable timeframe, except where retention is necessary for legal, security, or operational purposes.
Automatic Deletion: Inactive user data may be automatically deleted after [specify timeframe], in accordance with our data retention policies.
Third-Party Sharing: We do not share Google user data with third parties except as necessary to provide our services or as required by law.
Compliance with Google Policies: We adhere to Google’s data use policies and guidelines, ensuring that data is handled securely and in compliance with all applicable regulations.
Use of Google Workspace APIs and AI/ML Model Training
Google Workspace APIs Usage: Nurtureme CRM does not use Google Workspace APIs or any data obtained from these APIs to develop, improve, or train generalized AI and/or ML models. We strictly use Google Workspace APIs for the sole purpose of providing the Service as described in this Privacy Policy.
Data Usage for AI/ML: We do not use the data provided through Google Workspace APIs to develop, improve, or train any AI or machine learning models, including generalized models or models for predictive analysis. All data used by Nurtureme CRM is used exclusively for the operation and improvement of the Service.
Commitment to Privacy: We are committed to maintaining the privacy and security of your data and strictly adhere to the guidelines set by Google for the handling of user data. Your data will never be used for AI/ML model training purposes without your explicit consent.
OAuth verification process: In order to protect your sensitive data during the OAuth verification process, we implement industry-standard security measures, including encryption of all data in transit and at rest, secure token handling, and role-based access control. We ensure that only the necessary data is collected during authentication and that you are fully informed about the permissions being requested. We also adhere to strict monitoring and audit practices to detect and prevent unauthorized access. You can revoke your consent at any time by accessing your account settings.
Google User Data Limited Use Compliance
The use of raw or derived user data received from Google Workspace APIs will adhere to the Google User Data Policy, including the Limited Use requirements.
Nurtureme CRM only uses access to read, write, modify, or control Gmail message bodies (including attachments), metadata, headers, and settings to provide user-facing features that are visible and prominent to users within the application.
We do not use Google user data for serving advertisements, including retargeting, personalized, or interest-based advertising.
We do not transfer Google user data to third parties except as necessary to provide and improve our services, comply with applicable laws, or as part of a merger, acquisition, or sale of assets.
We do not allow humans to read Google user data unless: (1) we have obtained your explicit consent for specific messages, (2) it is necessary for security purposes such as investigating abuse, (3) it is required to comply with applicable law, or (4) the data is aggregated and anonymized for internal operations.
Email accounts and Gmail / Google Workspace access
If you choose to connect a Google account (for example Gmail or Google Workspace mail) to NurtureMe, you will be asked to authorize Google OAuth access to your mailbox so that NurtureMe can provide email-related product features tied to your account only.
Scope we may request
Depending on integration and provider requirements, NurtureMe may request the Gmail-related scope identified by Google as
https://mail.google.com/, described by Google as permission to read, compose, send, and permanently delete email in the connected Gmail account.
Alternative or additional connection methods (such as SMTP/IMAP with app passwords or provider-specific OAuth) may be offered separately where applicable; disclosures for those methods appear in-product when you configure them.
How we use mailbox data
- Display recent mailbox messages in product areas such as Conversations and the Mail Box, so recruiting teams can review candidate-related email in context.
- Send email that you or an authorized teammate initiate from NurtureMe using your connected sending identity where that feature is enabled.
- Maintain a reliable mailbox connection compatible with operational requirements (including IMAP-aligned OAuth flows where the provider mandates this scope).
We do not use your mailbox content for third-party advertising, we do not sell your email contents, and we do not train generalized unrelated machine-learning models on the bodies of private messages solely for unrelated purposes. Access is limited to what is reasonably necessary to operate the features above and is subject to organizational access controls consistent with delivering the Service.
Why a broad Gmail scope may be requested
Narrower Gmail API scopes may suit read-only REST integrations, but do not always satisfy combined read/send workflows or mailbox connectivity that aligns with OAuth-based access patterns required for IMAP-compatible mailbox features.
Where we request https://mail.google.com/, it is limited to delivering the mailbox features described in this section for the accounts you explicitly connect—not for undisclosed secondary uses.
Retention, security, and your choices
Mailbox data processed through NurtureMe is protected in transit (for example TLS) and handled according to the rest of this Privacy Policy—including retention timelines, subprocessors where applicable, and your rights requests. You may disconnect Google access or revoke NurtureMe’s authorization at any time in your Google Account security settings; some product features may stop working until you reconnect or use another permitted connection method.
Last updated mail-scope disclosure: May 2026. If this section conflicts with the policy body above regarding email, notify us; we will reconcile the wording.