Security & privacy
Connected AI work, with clear data boundaries.
Nurii is built around scoped connectors, encrypted credentials, selected resources, permission checks, and reviewed writes so teams can use AI across tools without giving it unnecessary access.
Scoped access
Nurii works from the apps, files, calendars, channels, properties, sites, and member-owned accounts your team authorizes.
Encrypted credentials
Connector credentials are stored in a private credentials store and encrypted before storage using AES-256-GCM.
Reviewed action
Supported updates are designed so people can review important changes before they reach connected tools.
Access model
Nurii starts from what your team intentionally connects.
The product is designed for operational context, not unlimited access. The exact data Nurii can use depends on the integration, selected resources, member permissions, and approved workflows.
Organization and member boundaries
Shared organization connections, individual member connections, team membership, and permissions shape which data Nurii can use.
Selected files and resources
Google Drive files are used when selected, and supported connectors can be limited to approved calendars, properties, channels, sites, portals, or workspaces.
Context-aware AI processing
AI chat, dashboards, automations, Knowledge, and memory use the context needed for the workflow instead of treating every connected source as open-ended access.
Human review for supported updates
Nurii can prepare updates and follow-up work, but supported changes route through an approval path before execution.
Data handling
What Nurii stores and protects.
Nurii keeps the information needed to provide AI chat, dashboards, automations, approved actions, Knowledge, memory, billing, support, and security.
Account, organization, membership, role, billing, trial, and demo scheduling information.
Connector metadata, selected resource settings, encrypted credentials, synced records, and provider identifiers.
AI chat, dashboard, automation, Knowledge, file, memory, approval, action history, and audit content.
Operational logs, diagnostics, security events, and support communications needed to run the service.
Security implementation, in plain English.
A practical look at how Nurii limits access, protects credentials, and keeps important changes reviewable.
Authentication
Supabase authentication protects app access, with organization membership and route-level checks shaping product access.
Credential storage
Connector credentials are encrypted using AES-256-GCM before being written to the private credentials store.
Transport and storage
Nurii uses TLS in transit and relies on hosting and database providers that support encryption at rest.
Connector boundaries
Supported connectors use selected resources, server-side checks, member ownership, or organization permissions to limit data reach.
Webhook and API safety
Provider webhooks and API surfaces use controls such as signature verification, explicit CORS, rate limits, and server-side validation.
Monitoring
Nurii uses diagnostic monitoring for reliability while avoiding secrets and unnecessary payloads in logs.
Privacy controls should be visible, not buried.
Teams can manage connections, permissions, memories, chat history, files, and support requests from the product or by contacting Nurii.
No data sales
Nurii does not sell personal information or use customer content for advertising.
Disconnect paths
Authorized users can disconnect integrations, revoke access, and request data deletion according to the Privacy Policy.
Approval and auditability
Action proposals, delivery history, and audit records help teams understand what happened and why.
Service provider clarity
Nurii lists core service providers and feature-specific providers so teams can review how data moves.
Service providers
Current service providers by role.
Some providers apply only when a feature is configured or used. Connected service providers are chosen by your team.
Infrastructure and data
- Supabase
- Render
- Vercel
Reliability and communications
- Sentry
- Resend
Billing and scheduling
- Stripe
- Calendly
AI and retrieval
- Cerebras
- Baseten
- xAI
- OpenRouter for configured model routes
- Voyage
- Exa when web search is used
Connected services you authorize
- Slack
- QuickBooks
- HubSpot
- Asana
- Notion
- Trello
- Mailchimp
- Planning Center
- Subsplash
- WordPress
- Stripe
Security FAQ
A few direct answers.
The short version for teams evaluating AI access, data boundaries, and approved action.
How does Nurii protect connected app data?
Nurii uses scoped connectors, selected resources, organization and member permissions, encrypted connector credentials, server-side validation, monitoring, and reviewed write paths to keep AI work inside authorized boundaries.
Does Nurii sell customer data or use it for ads?
No. Nurii does not sell personal information, rent customer data, or use customer content for advertising.
Can Nurii access every file in Google Drive?
No. Drive files are used when a connected member selects them for AI chat or related product workflows.
Can Nurii AI actions change connected systems automatically?
Supported write actions are designed to show people proposed changes for review before they run.
Where are connector credentials stored?
Connector credentials are stored in a private credentials store and encrypted before storage using AES-256-GCM.
Which service providers does Nurii use?
Nurii uses service providers for infrastructure, hosting, monitoring, email, billing, scheduling, AI inference, embeddings, retrieval, web search, and the connected services your team authorizes. The current categories are listed on this page and in the Privacy Policy.
Where can I read the full Nurii Privacy Policy?
The Privacy Policy explains data categories, AI processing, service providers, retention, disconnects, deletion, and user rights in more detail.
See what is happening. Move the work forward.
Connect your tools and give your team one AI workspace for answers, dashboards, automations, and approved actions with clear controls.