Privacy Policy

    Last Updated: July 14, 2026

    This Privacy Policy describes how Qoretx LLC ("Qoretx," "we," "our," "us") collects, uses, and protects your information when you use:

    Your access to and use of the Services is conditioned upon your acceptance of this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please discontinue use of the Services immediately.


    1. Information We Collect

    A. Information You Provide Directly

    We may collect the following types of information that you provide directly to us:

    • Name
    • Email address
    • Phone number
    • Billing address and payment-related details (processed via third-party payment providers)
    • Account profile information
    • Information submitted through forms, support requests, or onboarding flows

    B. Information Collected Automatically

    When you use the Services, we may automatically collect:

    • IP address
    • Device identifiers
    • Browser type and version
    • Operating system and device information
    • Usage information (pages viewed, time on site, actions taken)
    • Cookies and similar tracking technologies

    C. Information from Third-Party Integrations

    If you choose to connect, authenticate, or interact with third-party platforms (such as Facebook / Meta, Google, MLS/IDX providers, or other tools), we may receive:

    • Basic profile information (e.g., name, email)
    • Lead form responses (e.g., from Facebook Lead Ads or Instagram Lead Forms)
    • Authorization tokens or identifiers needed to provide the integration
    • Analytics, attribution, or marketing data (e.g., Meta Pixel events)

    We only receive information from third-party integrations to the extent that you authorize such sharing or as required to provide the Services.


    2. Facebook / Meta Data Compliance

    Our Services may integrate with Facebook / Meta products, including but not limited to Facebook Login, Facebook Lead Ads, Instagram Lead Forms, and Meta Pixel. When we receive data from Facebook / Meta ("Facebook Data"), we comply with Facebook's Platform Terms, Data Protection Terms, and other applicable policies.

    A. Limited Use of Facebook Data

    We use Facebook Data only for the purposes for which it was provided, including:

    • Delivering the Services you have requested (e.g., syncing lead information into your NeuroFlow account)
    • Authenticating your account or login through Facebook, if applicable
    • Providing analytics, reporting, and tools that you or your organization request

    We do not:

    • Sell Facebook Data
    • Share Facebook Data with unaffiliated third parties for their independent marketing or advertising
    • Use Facebook Data for any purpose not permitted by Facebook / Meta policies
    • Combine Facebook Data with other datasets for profiling or marketing without proper legal basis and user consent where required

    B. Security of Facebook Data

    Facebook Data is stored and transmitted using industry-standard security measures, including encryption in transit (HTTPS/TLS), access control, auditing, and secure infrastructure and monitoring practices.

    C. User Control of Facebook Data

    You may request that we:

    • Delete Facebook Data associated with you
    • Provide a copy of Facebook Data we hold about you where legally required
    • Disconnect Facebook integrations linked to your account

    You can make such requests by contacting us at support@neuroflowapp.com. We may need to verify your identity before acting on your request.


    3. Zoom Platform Data Compliance

    Our Services may integrate with Zoom Video Communications, Inc. ("Zoom") through the Zoom App Marketplace, including Zoom Phone, Zoom Meetings, and Zoom Team Chat. When you authorize Zoom in NeuroFlow, we receive and process data from Zoom ("Zoom Data") in compliance with Zoom's Trust Center, Zoom's Privacy Statement, and Zoom's API/SDK terms.

    A. Zoom Data We Receive

    When you connect your Zoom account, we receive only the data necessary to provide the integration:

    • OAuth access and refresh tokens (encrypted at rest)
    • Your Zoom user identifier, display name, and email address
    • The OAuth scopes you have granted
    • Phone call metadata when using the NeuroFlow dialer: the inbound or outbound phone number, call start and end timestamps, call direction, and call disposition codes you log
    • Meeting metadata when using the NeuroFlow meeting integration: meeting ID, topic, scheduled time, duration, and the join URL
    • Webhook event payloads delivered by Zoom for the above lifecycle events

    We do not receive or store call recordings, call audio, meeting recordings, meeting audio or video, chat message bodies, or any Zoom content beyond the metadata listed above.

    B. Use of Zoom Data

    We use Zoom Data only to deliver the integration features you have requested, including:

    • Authenticating your NeuroFlow account against your Zoom account
    • Surfacing inbound-call notifications in NeuroFlow with the matched contact's record
    • Placing outbound calls through the embedded Zoom Phone dialer in NeuroFlow
    • Logging call dispositions and meeting metadata against your NeuroFlow CRM records
    • Creating and tracking the lifecycle of Zoom Meetings scheduled from inside NeuroFlow

    We do not:

    • Sell Zoom Data
    • Share Zoom Data with unaffiliated third parties for their independent marketing or advertising
    • Use Zoom Data to train artificial intelligence or machine-learning models
    • Combine Zoom Data with other datasets for profiling beyond the operational use of the integration

    C. Security of Zoom Data

    Zoom Data is transmitted and stored using industry-standard security measures:

    • TLS 1.2 or higher for all communication between Zoom, NeuroFlow, and our backend infrastructure
    • AES-256 encryption at rest in our Supabase-hosted database (SOC 2 Type II)
    • HMAC-SHA256 verification of every webhook payload Zoom delivers, using a secret token we exchange with Zoom
    • Per-user OAuth scoping — tokens are issued to specific NeuroFlow users and never shared across users
    • Access controls, audit logging, and monitoring on the infrastructure where Zoom Data is persisted

    D. User Control of Zoom Data

    You may at any time:

    • Disconnect your Zoom account from NeuroFlow at Settings → Account → Voice Availability → Reconnect / Disconnect. Disconnection immediately invalidates your stored OAuth tokens.
    • Revoke NeuroFlow's access from your Zoom account directly at marketplace.zoom.us/user/installed.
    • Request deletion of Zoom Data we hold about you by emailing support@neuroflowapp.com. We will action requests within thirty (30) days, subject to identity verification.

    E. Retention of Zoom Data

    OAuth tokens are retained for the lifetime of the active connection and are deleted immediately on disconnect or on user deletion request. Call metadata and meeting metadata are retained for as long as the associated NeuroFlow CRM records exist, subject to your organization's data retention configuration. We honor Zoom's data deletion requirements when Zoom notifies us of an account-level uninstall via the standard app_deauthorized webhook event.


    4. Google User Data

    This section applies when you connect your Google Ads account to NeuroFlow using Google Sign-In. It supplements the rest of this Privacy Policy.

    A. What Google User Data We Access

    When you authorize the connection, NeuroFlow accesses data from your Google Ads account through the Google Ads API:

    • Keyword planning statistics (search volumes, competition metrics)
    • Your campaign, ad group, and ad data
    • Campaign performance metrics (impressions, clicks, conversions, spend)
    • Account identifiers needed to maintain the connection

    We also receive the OAuth tokens Google issues to authorize these requests. We do not access your Gmail, Google Drive, Google Photos, or any other Google service through this connection.

    B. How We Use Google User Data

    Your Google Ads data is used solely to provide user-facing features you operate yourself inside NeuroFlow:

    • Keyword research reports
    • Creation and management of your own advertising campaigns
    • Campaign performance dashboards
    • Marketing recommendations generated for you

    We do not use your Google user data for advertising targeting by us or anyone else, and we never sell it. Aggregated or anonymized Google user data is used only for the same purposes.

    C. Whether and With Whom We Share Google User Data

    Your Google Ads data is processed only by the infrastructure providers that host NeuroFlow (Supabase, Railway, and Netlify), acting as data processors on our behalf. When you use our AI-powered recommendation features, relevant keyword and performance data may be processed by Anthropic's Claude API to generate your recommendations; Anthropic does not use data submitted through its API to train its models. We do not transfer or sell Google user data to data brokers, advertising networks, or any other third parties, and we do not use it to develop, improve, or train generalized artificial-intelligence or machine-learning models.

    D. How We Protect Google User Data

    All Google user data is encrypted in transit using TLS and encrypted at rest. OAuth tokens are stored encrypted and are never exposed to your browser or to other customers. Access is restricted by organization-scoped access controls, so your data is visible only to authorized members of your own organization.

    E. Retention and Deletion

    We retain Google user data only while your Google Ads connection is active. When you disconnect your Google Ads account in NeuroFlow settings, we delete the stored OAuth tokens and stop all access immediately; associated Google-derived data is removed from our systems. You may also request deletion of this data at any time by contacting support@neuroflowapp.com, and you can revoke NeuroFlow's access directly at any time via your Google Account security settings.

    F. Limited Use Disclosure

    NeuroFlow's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.


    5. How We Use Your Information

    We use the information we collect for purposes including, but not limited to:

    • Providing, operating, and maintaining the Services
    • Creating and managing user accounts
    • Syncing leads and other data you request into the platform
    • Responding to inquiries, support requests, and feedback
    • Improving and optimizing the Services
    • Personalizing your experience, including via AI-driven features
    • Sending service-related communications (e.g., security, technical notices, updates)
    • Sending marketing and promotional communications where permitted by law and where you have not opted out of such communications
    • Detecting, preventing, and addressing fraud, security, or technical issues
    • Complying with legal obligations and enforcing our rights

    6. Automated Decision-Making and AI Features

    We may use automated processing, including artificial intelligence and machine learning, to support certain features such as lead scoring, intent-based marketing, recommendations, and workflow automations.

    These tools may be used to:

    • Assign a score indicating potential customer interest
    • Recommend follow-up actions
    • Help prioritize leads, tasks, or opportunities

    You may have the right to object to or opt out of certain automated processing depending on your jurisdiction. To do so, please contact us at support@neuroflowapp.com.


    7. How We Protect Your Information

    We use a variety of technical and organizational measures to protect your personal information, including:

    • Limiting the amount of information collected to what is necessary
    • Using SSL/TLS encryption for data transmission where appropriate
    • Maintaining access controls and authentication for internal systems
    • Maintaining and regularly updating security software and safeguards
    • Monitoring for intrusion and suspicious activity where appropriate
    • Securely disposing of data we no longer need
    • Employee training on security and privacy practices

    8. Cookies and Tracking Technologies

    We use cookies and similar technologies to operate and improve the Services, including for authentication, preference storage, analytics, and advertising/attribution.

    You can manage cookies through your browser settings. Some features of the Services may not function properly if you disable cookies.


    9. Information Retention

    We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, including:

    • To provide and maintain your account
    • To comply with legal obligations
    • To resolve disputes and enforce agreements

    Facebook Data is retained only as long as permitted under Facebook / Meta's terms and applicable law or until you request deletion, whichever occurs first, subject to legal retention requirements.


    10. Sharing and Selling of Personal Information

    We do not sell your personal information.

    We may share personal information with:

    • Service providers who assist in hosting, analytics, communications, payments, security, and other operations, under appropriate contractual safeguards.
    • Professional advisors, such as lawyers and accountants, where necessary for legitimate business purposes.
    • Authorities or third parties when required by law, legal process, or to protect the rights, property, or safety of Qoretx LLC, our users, or others.

    We do not share Facebook Data with third parties except as necessary to provide the Services and as permitted by Facebook / Meta policies.


    11. Children's Privacy

    The Services are intended for use by a general audience and are not directed at children under 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.


    12. Your Privacy Rights

    Depending on your jurisdiction, you may have rights including:

    • The right to access personal information we hold about you
    • The right to request correction of inaccurate or incomplete data
    • The right to request deletion of your personal information
    • The right to withdraw consent to processing where we rely on consent
    • The right to restrict or object to certain processing
    • The right to data portability (where technically feasible)
    • The right to opt out of direct marketing communications
    • The right to object to certain automated decision-making or profiling
    • The right to lodge a complaint with a relevant supervisory authority

    Exercising Your Rights

    You may exercise your rights by contacting:

    Qoretx LLC — Privacy Team
    Email: support@neuroflowapp.com
    Address: 3200 N. Hayden Rd. Suite 210, Scottsdale, AZ 85251

    We may request information from you to verify your identity before fulfilling your request.


    13. Complaints & Accountability

    Qoretx LLC is responsible and accountable for our privacy practices. You may direct privacy questions, requests, and complaints to our privacy team:

    Email: support@neuroflowapp.com
    Address: 3200 N. Hayden Rd. Suite 210, Scottsdale, AZ 85251

    You may also have the right to lodge a complaint with your local data protection authority, including (where applicable) the Office of the Australian Information Commissioner, the Office of the Privacy Commissioner of Canada, or Quebec's Privacy Commissioner, in accordance with their procedures.


    14. Location of Data Processing

    All data processing activities undertaken by us primarily take place in the United States.


    15. Do Not Track

    Some browsers offer a "Do Not Track" ("DNT") feature. Our Services do not currently respond to DNT signals. You may use other tools and settings (such as cookie preferences) to manage tracking.


    16. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time. Any changes will be posted on this page, and the "Last Updated" date at the top will be revised. Your continued use of the Services after such changes constitutes your acceptance of the updated Privacy Policy.


    17. Contact Us

    If you have any questions about this Privacy Policy or our data practices, please contact us at:

    Email: support@neuroflowapp.com
    Address: 3200 N. Hayden Rd. Suite 210, Scottsdale, AZ 85251