cuehq:

privacy policy.

last updated: 2026-05-31.

This Privacy Policy explains how Nxera Digital LLC, doing business as CueHQ (“CueHQ,” “we,” “us”), collects, uses, discloses, and protects personal information, and your choices and rights. CueHQ is based in the United States.

1. Scope and roles. This policy covers visitors to our websites, waitlist subscribers, and Account holders and their team members. Separately, the Service processes data about public third-party Platform content and the people who created it; where we process such data on a customer’s behalf, we act as a processor under the Data Processing Addendum and the customer’s instructions, and the customer is the controller.

2. Information we collect. You provide: account and contact details (name, email, password), business and brand information, website URL and social handles, competitor identifiers, knowledge-base files, drafts and edits, support messages, and payment details you submit to our payment processor. Collected automatically: usage and log data (actions, timestamps, pages, approximate location derived from IP), device and browser data, and cookie data per the Cookie Policy. From third parties and public sources: to provide the Service, we access publicly available Platform content and websites (your site and named competitor sites) through third-party data providers (such as Apify and TwitterAPI.io) and official Platform APIs. This content can include posts, comments, usernames, and other information the Platform makes public, which may include personal information of people who are not our users.

3. Categories under U.S. state law. For laws such as the CCPA/CPRA, in the past twelve months we may have collected: identifiers (name, email, account ID, IP); customer records and commercial information (subscription and transaction data, held by our processor); internet or network activity (usage and interactions); approximate geolocation (from IP); professional or business information (your brand and role); and inferences drawn to provide voice modeling and scoring. Sources are you, your devices, our providers, and public sources. We do not knowingly collect sensitive personal information and ask that you not submit it. We do not sell personal information for money.

4. How we use information. To provide, operate, secure, and improve the Service; to build brand voice models and generate scores and drafts; to authenticate users and process payments; to communicate about the Service and, with consent where required, to send marketing; to provide support; to detect and prevent fraud and abuse; to comply with law; and to create aggregated or de-identified data as described in our Terms.

5. AI and automated processing. We send certain inputs (such as your scraped site content, uploaded files, social samples, and opportunity context) to AI providers to generate voice models and drafts, under terms restricting their use to providing the service to us. The Service applies automated scoring to surface opportunities; these scores are estimates and do not produce legal or similarly significant effects about individuals. We do not use the substance of third-party Platform posts to train general-purpose AI models.

Cuederator communities. When you connect the cuederator to a Telegram group or Discord server, the Service processes messages posted in that community on your behalf: message text is used to detect questions, links, and suspected bad-faith content, to generate answers, and to keep activity records. Community members’ messages may be processed by our subprocessors, including Anthropic (AI generation). Telegram and Discord operate under their own terms and privacy policies. You are responsible for any notice or consent your community members require.

6. How we disclose information. We disclose to: service providers and subprocessors (hosting, database and authentication, payments, email delivery, AI generation, data providers, security and bot prevention); members of your own Account team; authorities or others when required by law or to protect rights, safety, or the integrity of the Service; and parties to a merger, financing, or sale of assets, including a future spinout of CueHQ. To the extent “sale” or “sharing” is defined broadly under certain laws, you may opt out as described in Section 11.

7. Subprocessors. Current subprocessors include Supabase (database, authentication, serverless functions), Vercel (hosting), Stripe (payments), Resend (email delivery), Anthropic (AI generation), Apify and TwitterAPI.io (social and web data), and Cloudflare (security and bot prevention). A current list is maintained as described in the Data Processing Addendum.

8. Retention. We retain personal information while your Account is active and as needed to provide the Service, then for a reasonable period for legal, accounting, security, and dispute-resolution purposes, after which we delete or de-identify it. Backups are purged on a rolling cycle.

9. Security and incidents. We use reasonable technical and organizational measures, including access controls, encryption in transit, and tenant isolation. No method is completely secure. If a breach affecting your personal information occurs, we will notify you as required by law.

10. International transfers. We are based in the United States and use providers that may process data in the U.S. and elsewhere. For transfers from the EEA, UK, or Switzerland, we rely on appropriate safeguards as described in the Data Processing Addendum, such as the Standard Contractual Clauses.

11. Your rights and choices. Subject to your location and verification, you may request access, correction, deletion, or a copy of your personal information; opt out of targeted advertising, sale, or sharing as those terms are defined by law; limit use of sensitive personal information; and withdraw consent. Submit requests to info@cuehq.social. We will verify your identity and may decline or limit requests as the law allows. You may use an authorized agent. If we deny a request, you may appeal by replying to our decision. We will not discriminate against you for exercising rights. You can unsubscribe from marketing using the link in any marketing email; we may still send service messages. EEA/UK note: our legal bases are contract performance, legitimate interests (operating, securing, and improving the Service, and processing public-source data for the purposes above), consent (where required, such as certain marketing and cookies), and legal obligation. You may complain to your supervisory authority.

12. Do Not Track. Some browsers send Do Not Track signals. There is no common standard, so we currently do not respond to them, but we honor recognized opt-out preference signals where required by law.

13. Third-party links. Our sites and the Service may link to third-party sites and Platforms we do not control. Their privacy practices are their own.

14. Children. The Service is for business and creator users aged 18 and older. We do not knowingly collect information from anyone under 18. Contact info@cuehq.social if you believe we have, and we will delete it.

15. Changes. We may update this policy and will update the effective date; material changes will be notified through the Service or by email.

Contact: Nxera Digital LLC d/b/a CueHQ, info@cuehq.social.