What we collect
Submitting information through any form on this site is entirely voluntary. You can read this website, browse our product information, and consume our marketing content without providing any personal information at all. If you choose to submit a form, you do so freely and by your own decision — you can decline to provide information at any point without consequence.
Three things, all of them ordinary for a marketing website.
Form submissions
When you fill in a form on this site — the Contact form, the Book-a-demo form, or the Partner intake form — we collect what you type. That typically includes your name, work email, company name, country, and the message you write. The Book-a-demo and Partner forms additionally collect job title and partnership type when you supply them. Every form submission also includes a Cloudflare Turnstile bot-check token so we can tell humans from automated abuse.
Analytics
Our hosting provider (Cloudflare) keeps edge request logs for diagnostic purposes for approximately 24 hours. We don’t operate a separate log store and don’t retain server logs ourselves.
We also use Google Analytics 4 to understand which pages and links visitors engage with. Google Analytics receives a pseudonymous identifier (a GA4 client ID stored in a first-party cookie), the page URL you’re viewing, your device and browser type, and the country your IP address resolves to. IP addresses themselves are anonymised by Google before storage.
We do not link Google Analytics events to your form submissions or to any identifying information, so we don’t have a direct way to look up “your” GA data on request. If you’d like to remove your analytics data, the most practical paths are:
- Clear the `_ga` cookie via your browser’s site-data settings, or
- Decline analytics via the “Cookie preferences” link in the Footer (this stops GA from setting cookies on future visits), or
- Send us your `_ga` client-ID (visible in your browser’s DevTools under Application → Cookies) through the contact form with topic “Privacy” — we’ll forward the deletion request through Google’s user-data deletion API on your behalf.
Cookies
The site uses only strictly-necessary cookies for visitors outside the European Union and the United Kingdom: a Cloudflare Turnstile cookie that protects forms from bots, and a Next.js session cookie that helps the site render correctly. We do not use cookies for marketing or cross-site tracking.
For visitors from the European Union and the United Kingdom, we show a consent banner on first visit. Until consent is granted, Google Analytics runs in cookieless mode (sending aggregated pings via Google’s Consent Mode v2 without setting any analytics cookies). If you accept analytics, GA4 sets a first-party _gacookie (Google’s own cookie) to track your session, and we set a small first-party cookie called nexora_consentto remember your choice for six months. You can revoke consent any time via the “Cookie preferences” link in the Footer.
How we use it
We use what you give us to do the obvious things: reply to your enquiry, follow up on a demo or partner conversation, schedule and run product walk-throughs, and keep the site running and secure. We use server logs to spot abuse and plan capacity.
We do not sell your personal information. We do not share it with marketing networks or advertising networks.
Who we share with
To respond to your enquiry and run our business, we share your information with the following categories of recipients:
- Regional sales partners— to help respond to enquiries in your region or handle local relationship management. Sales partners receive only what’s needed to respond to you (typically name, company, country, and the content of your message). They are bound by confidentiality and data-protection obligations under their contract with Nexora Labs.
- Customer-relationship management (CRM) and transactional-email providers — to log your enquiry, send you replies and acknowledgments, and keep a record of our correspondence. These providers process your information on our instructions under a data-processing agreement and cannot use it for their own purposes.
- Bot-protection, analytics, and infrastructure providers— to keep the site online, secure, and improvable. These providers receive minimal information necessary for their function (e.g. an IP address and request headers for bot protection; a pseudonymous client ID for analytics).
- Our technology partner ThinkerWave AI— the underlying Nexora Voice and Nexora Chat technology is provided under a reseller contract with ThinkerWave AITech. When you submit a form on this website, your form data is processed by Nexora Labs alone — it is NOT routed to ThinkerWave AI. ThinkerWave AI only processes data you’d send to a Nexora-powered agent during a live customer-service conversation if you become a customer.
- Legal and regulatory authorities— when required by law, court order, or to protect the rights, safety, or property of Nexora Labs or others.
We do not transfer your information to any other party for any other purpose without your consent.
International data transfers
Nexora Labs is based in New Zealand. Our service providers may be located in New Zealand, Australia, the European Union, the United Kingdom, India, or the United States. When your personal information moves outside your country, we take steps to ensure it remains protected:
- For information transferred from the European Union or United Kingdom, we rely on the European Commission’s Standard Contractual Clauses (or equivalent UK transfer mechanisms) and assess each transfer for adequacy.
- For information transferred from Australia, we ensure recipients are bound to standards consistent with the Australian Privacy Principles, particularly APP 8 on cross-border disclosure.
- For information transferred from California, we comply with the cross-border transfer obligations of the California Consumer Privacy Act, including contractual safeguards with recipients.
- For information transferred from New Zealand, we ensure recipients are bound to comparable safeguards to those required under the NZ Privacy Act 2020, consistent with Information Privacy Principle 12.
If you’d like more detail on the safeguards applied to a specific transfer, contact us via the form with the topic “Privacy”.
Your rights
Your rights depend on where you live when you submit information to us. We honor the strongest applicable standard.
If you’re in New Zealand, the Privacy Act 2020 gives you the right to ask what information we hold about you, the right to ask us to correct it if it’s wrong, and the right to complain to the Office of the Privacy Commissioner if you’re not happy with how we’ve handled your information.
If you’re in Australia, the Privacy Act 1988 and the Australian Privacy Principles give you the right to know what personal information we hold, the right to access and correct it, and the right to complain to the Office of the Australian Information Commissioner (OAIC).
If you’re in California, the California Consumer Privacy Act (as amended by the CPRA) gives you the right to know what personal information we have collected, the right to delete it, the right to correct inaccurate information, the right to opt out of any “sale” or “sharing” of your personal information (we don’t sell or share for cross-context behavioral advertising), and the right to non-discrimination for exercising these rights.
If you’re in the United Kingdom, the UK GDPR gives you the right to access, correct, erase, restrict use of, port, or object to specific uses of your personal information. You can also complain to the Information Commissioner’s Office (ICO).
If you’re in the European Union, the GDPR gives you those same rights and you can complain to your national data protection authority.
To exercise any of these rights, send us a request through the contact form with the topic “Privacy”. We aim to respond within thirty days of receiving the request — sooner where local law requires it.
Contact us about your information
The fastest way to reach us about your information is the contact form. Tell us what you need; we’ll route it to the right person.
If you’re not satisfied with how we’ve responded and you’re in New Zealand, you can refer the matter to the Office of the Privacy Commissioner at privacy.org.nz.
Last updated: 13 May 2026 · Version v1
We update this page as our data practices change. The most recent version is always at /privacy.