Effective Date: February 27, 2025
This Privacy Policy explains how Nemroot Technologies LLC and its subsidiaries and affiliates (collectively, “Nemroot”, “we”, “us”, and/or “our”) collects, uses, and manages your personal information — meaning information that identifies or can be used to identify an individual — in connection with any services and products developed or provided by us. This includes our AI-powered lead management tools, messaging and communication platforms, website widgets, voice call services, vehicle inventory management, web and mobile applications, and any other services Nemroot may offer (collectively, the “Services”). Capitalized terms used but not defined in this Privacy Policy carry the meanings given in Nemroot’s Terms of Service.
This Privacy Policy applies to the following categories of individuals:
This Privacy Policy also covers visitors to our website (“Website”), which forms part of the Services. Throughout this Privacy Policy, “you” and “your” refers to you as the reader, and how we handle your personal information will depend on whether you are a Client, Authorized User, Lead, or Website visitor.
By using the Services or providing personal information to us, you acknowledge that your data will be processed in accordance with this Privacy Policy. We may revise this Privacy Policy periodically as described in the Updates to This Privacy Policy section below.
The personal information we gather depends on your relationship with us and how you interact with the Services. Some information is provided directly by you, while other information is collected automatically or obtained from external sources. Below is an overview of our data collection practices.
If you are a Client or an Authorized User, we collect personal information in connection with your subscription and use (or prospective use) of the Services, including:
During registration and onboarding, we may also collect additional business-related information such as business identification numbers and other relevant details. Payment information is collected and stored by our third-party payment processor.
If you are a Lead, we collect information through your interactions with our Services. This may include your use of our website widget, communication via SMS, email, phone calls, social media (such as Facebook, Instagram, or WhatsApp), or through third-party lead sources (such as TrueCar, CarGurus, CarsForSale, or AutoTrader). Depending on the Services used, we may collect:
When you visit our Website to browse, request a demo, or interact with our content, we may collect:
Additional information may also be gathered automatically when you visit our Website, as described below.
If you are a business partner seeking to integrate with Nemroot, we may collect your name and contact details as part of the integration process.
Certain information is gathered automatically whenever anyone uses our Services, regardless of whether you are a Client, Authorized User, Lead, or Website visitor.
We automatically record details about how you use our Services, such as traffic data, general location data, logs, communication records (including call timestamps, duration, completion status, and phone numbers involved), and resources accessed within the platform. We may also generate inferred or derived data, such as summaries of content processed by our AI features.
Client websites may embed the Nemroot website widget. When you visit a site with our widget installed, we receive certain information including the web page you visited and details about your device.
We collect information about the device and software used to access our Services, including your IP address, browser type, operating system version, phone carrier and manufacturer, device identifiers, mobile advertising identifiers, and push notification tokens.
If you choose to connect a third-party account (such as Google or social media accounts) to our Services, we may receive information from that provider, including profile information and account usage data. Please see Section 3 below for details specific to Google API Services.
Information collected automatically through cookies, web beacons, and similar technologies may include device details such as device type, model, and device ID; browser, language settings, and operating system; IP address; and browsing and usage activity, including referring domains and content interactions on our Services. See the Cookies and Tracking Technologies section for more details.
Depending on your relationship with Nemroot, we may also obtain personal information from third parties, including our marketing and service partners. We may also collect publicly available information about businesses from public search pages or social media channels.
We may receive or create de-identified information that can no longer reasonably be linked to a specific individual. We maintain such information in de-identified form and do not attempt to re-identify it unless required or permitted by law.
Nemroot’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
When you connect your Google account to the Nemroot platform, we may request access to the following Google user data:
We request only the minimum permissions necessary to provide the specific features you have chosen to enable. You can revoke access at any time through your Google Account permissions page.
Google user data accessed through our integrations is used solely to provide and operate the features you have explicitly requested. Specifically:
We do not sell, rent, or share Google user data with third parties except in the following limited circumstances:
We do not share Google user data with advertising networks, data brokers, or any other third party for commercial purposes.
Google user data is stored securely on Google Cloud Platform infrastructure located in the United States. We apply the following protections:
We retain Google user data only for as long as necessary to provide the Services or as required by applicable law. Upon account termination, or upon your request, Google user data is deleted from our systems within 30 days.
To request deletion of your Google user data, please contact us at support@nemroot.com with the subject line “Google Data Deletion Request.” We will confirm deletion within 30 days of receiving a verified request.
You may also revoke Nemroot’s access to your Google account at any time by visiting myaccount.google.com/permissions. Revoking access will disable Google-dependent features of the Services.
We use your personal information to deliver and improve the Services, manage our business operations, communicate with you, and for advertising and marketing purposes as permitted by law. The specific uses depend on which Services you interact with and your relationship with Nemroot.
We may use your personal information to:
We may use your personal information to:
See the Your Rights and Choices section for details on opting out of marketing communications.
We may use your information to communicate with you or provide requested information, such as sending service notifications and providing customer support; delivering newsletters and subscription content; and responding to feedback you have provided about our Services or, if you are a Lead, about a Client’s products and services.
We may use your personal information to enforce our Terms of Service and other legal rights; comply with our legal and regulatory obligations; detect, prevent, and investigate security incidents; identify and prevent fraud and other criminal activity; establish, exercise, and defend legal claims; and fulfill our contractual obligations.
Under certain circumstances, Nemroot may share the personal information it processes to deliver the Services and for other purposes described below.
We may share personal information with our Clients and their Authorized Users to operate the Services. If you are a Lead, Nemroot will share your personal information with the relevant Client as part of providing the Services — for example, when you use our website widget, communicate through our AI agent, or interact via any supported channel. This may include your contact details, lead information, and communication content.
If a Client connects Nemroot with other applications or platforms, we may share personal information with those third-party integration partners as instructed by the Client.
We may also share personal information with service providers who assist us in delivering the Services, including hosting, information technology, data analytics, and customer support providers. Personal information may be shared with our subsidiaries and affiliates solely to operate the Services.
Notwithstanding anything to the contrary in this Privacy Policy, SMS opt-in data, phone numbers, and any information collected for the purpose of SMS communications will not be sold, shared, rented, or transferred to any third parties, affiliates, or subsidiaries for their own marketing or advertising purposes.
No mobile information will be shared with third parties/affiliates for marketing/promotional purposes.
We may share personal information when we believe it is necessary to protect our rights or property; to enforce our Terms of Service or other applicable agreements; to investigate, detect, and prevent fraud and security breaches; for public safety and emergency services; and to comply with applicable law, regulation, legal process, or governmental request.
We may share personal information with a buyer or successor in the event of a merger, acquisition, restructuring, dissolution, or other sale or transfer of some or all of Nemroot’s assets, including as part of bankruptcy or similar proceedings where personal information is among the transferred assets.
Nemroot and certain third parties may use cookies, pixels, and other tracking technologies in connection with the Services and for the purposes described in this Privacy Policy.
A “cookie” is a small text file placed in your browser when you access our Services. We use both session cookies (which expire at the end of your visit) and persistent cookies (which remain on your device across visits) to deliver the Services. These may be first-party cookies set by us or third-party cookies set by partners such as Google Analytics. Other tracking technologies, such as pixels, tags, and embedded scripts, consist of small transparent image files or web code that record how you interact with websites and applications.
Nemroot may use these technologies to deliver and authenticate the Services; identify you and/or your device; remember your preferences; support personalization and targeted advertising; protect against fraud and unauthorized access; monitor and analyze the performance of the Services; and understand how you use the Services over time. We use web analytics services such as Google Analytics. You can opt out by downloading the Google Analytics opt-out browser add-on.
You can control or reject cookies through your browser settings. Please note that restricting cookies may limit your ability to use certain features of the Services. Nemroot does not "sell" personal information in the traditional sense. Depending on your location, you may be able to opt out of certain data practices through our cookie management tool or the "Do Not Sell or Share My Personal Information" option on our Website.
We retain personal information for as long as reasonably necessary to provide the Services and fulfill the purposes described in this Privacy Policy. This may include retaining data to comply with legal and regulatory obligations or to protect our interests.
When determining how long to retain personal information, we consider the nature, amount, and sensitivity of the data, whether we can achieve our objectives through other means, and our legal, regulatory, tax, and accounting obligations. Generally, we retain a Client’s data — including that of their Authorized Users and Leads — for the duration of our agreement with the Client, plus a reasonable period following termination.
We aim to provide you with meaningful choices regarding the personal information we process. Depending on your relationship with Nemroot, you may manage your information directly through the Services or by contacting us.
We rely on you to keep your account information accurate and up-to-date. If you are a Client or Authorized User, you may access, update, or correct your account information at any time by logging in. You may also contact us at support@nemroot.com to request access to, correction of, or deletion of personal information we hold about you. Please note that deleting all of your personal information may require closing your Nemroot account.
Clients who wish to manage Lead data that Nemroot processes on their behalf may submit a request by emailing support@nemroot.com. In certain cases, we may retain usage records for billing, troubleshooting, fraud prevention, or as required by law.
When we provide Services to our Clients, we generally act as a data processor on their behalf. This means that when we receive and process information about Leads (such as names, contact details, text messages, and call records), we do so under the Client’s instructions. If you are a Lead and wish to access, modify, or delete your personal information, please direct your request to the relevant Client.
We will respond to verified requests as soon as reasonably practicable and within the time required by applicable law. In certain circumstances, we may be unable to fully accommodate a request due to legal, contractual, or technical requirements.
We may send you marketing and promotional communications about our Services. You may unsubscribe from promotional emails via the unsubscribe link provided in such emails. To stop receiving marketing text messages from Nemroot, reply “STOP” to any Nemroot marketing text. Please note that you may still receive non-marketing, transactional, or account-related communications after opting out.
If you are a Lead, Clients may also send you marketing communications through the Services. Please follow the instructions in those messages or contact the Client directly to opt out.
For information about your choices regarding cookies and similar technologies, see the Cookies and Tracking Technologies section above.
We have implemented reasonable security measures designed to protect the information we maintain. These measures vary based on the sensitivity of the information we collect and process. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Where we have provided you (or you have selected) a password to access certain features, you are responsible for keeping this password confidential. We ask that you do not share your password with anyone. We strongly recommend that Clients enable multi-factor authentication.
This Privacy Policy applies solely to information Nemroot processes when you visit our Website or use our Services. Our Clients are independent businesses that maintain their own privacy practices and policies outside of their relationship with Nemroot. We are not responsible for the privacy policies or data practices of our Clients.
While using the Services or visiting our Website, you may encounter links to third-party websites or services not operated by Nemroot. We are not responsible for the privacy practices of those third parties, and we encourage you to review their privacy policies.
Our Services are not directed at children under the age of 13, and we do not knowingly collect or solicit personal information from children under 13. If you believe a child under 13 has provided personal information to us, please contact us as described in the Contact Us section so that we can take steps to remove the information from our systems.
Our Services are primarily hosted in the United States. If you access the Services from a region with different data protection laws, please be aware that your personal information will be transferred to the United States for processing. We (or our service providers) may also transfer data to other regions as needed. We utilize appropriate safeguards for international data transfers, including contractual arrangements where applicable.
Your use of the Services and provision of personal information constitutes your consent to the transfer and processing of your data as described in this Privacy Policy.
We may update this Privacy Policy from time to time. Any changes will be posted on this page, and the effective date at the top will be revised accordingly. If we make material changes to how we process personal information, we will notify Clients and Authorized Users by email to the primary email address on their account. You are responsible for ensuring we have a current, deliverable email address, and for periodically reviewing this Privacy Policy for any changes.
If you have questions about this Privacy Policy, our data processing practices, or our compliance with applicable privacy laws, please reach out to us:
If you have a disability or are assisting someone with a disability and are having difficulty navigating this Privacy Policy or related information, please contact us at support@nemroot.com for assistance.
