Nimbus Value, LLC | Effective Date: July 13, 2026 | Version 3.0
Nimbus Value, LLC, a Virginia limited liability company ("Nimbus Value," "we," "our," or "us"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our sales enablement platform (the "Service"). Please read this policy carefully.
Your use of the Service is also governed by our Terms of Service, which incorporate this Privacy Policy by reference. The Service is a business-to-business product intended for use by organizations and business professionals; it is not directed to consumers acting in a personal capacity.
Where we rely on your consent (for example, when you accept this policy at account registration or authorize a Google Calendar connection), we obtain your affirmative consent and maintain a record of it.
This policy also serves as our notice at collection under California law and describes the rights available to residents of U.S. states with comprehensive privacy laws. See Section 9 (Your Rights).
You are responsible for ensuring that you have all rights, consents, and legal bases required to provide any third-party personal information (such as your customers' contact details) to the Service, as further described in our Terms of Service.
When you connect your Google account to Nimbus Value (for example, by connecting Google Calendar), we may collect the following data from your Google account with your explicit consent:
We access this data using the Google Calendar API with read-only permissions (calendar.readonly scope). We do not access, modify, or delete your Google Calendar events.
Google user data is used exclusively to:
Nimbus Value's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
We do not sell, share, transfer, or disclose Google user data to any third parties, except:
Google user data is never used for advertising, marketing, or any purpose other than providing the calendar integration features described above. We do not use Google user data to train AI models, for targeted advertising, or for any form of data brokering.
Google Calendar data is stored in our database for as long as your Google Calendar connection is active. You can disconnect your Google Calendar at any time from the Connected Services page, which will stop new data from being synced. You may request deletion of all stored Google Calendar data by contacting us at privacy@nimbusvalue.com. Upon disconnection or deletion request, your Google Calendar data will be removed within 30 days.
Google user data is protected using the same security measures described in Section 7 of this policy, including encryption at rest and in transit, role-based access controls, and secure cloud infrastructure. OAuth tokens used to access your Google account are encrypted using AWS KMS (Key Management Service) and are never stored in plaintext.
For transparency and to satisfy California's notice-at-collection requirement, the following table describes the categories of personal information (using the categories defined under the California Consumer Privacy Act) that we may collect. Any category we collect may be disclosed to the service providers and processors described in Section 5 for the business purposes described in Section 3.
| Category (CCPA) | Examples in the Service | Do we collect? |
|---|---|---|
| Identifiers | Name, email address, company name, IP address, account and Google account identifiers | Yes |
| Customer records (Cal. Civ. Code § 1798.80) | Name and business contact details | Yes |
| Commercial information | Subscription plan, seat count, billing and transaction records | Yes |
| Internet or network activity | Usage data, device information, and log data | Yes |
| Geolocation data | Approximate location inferred from IP address only; no precise geolocation | Limited |
| Professional or employment information | Job title, company, sales role, and assessment responses | Yes |
| Audio/visual information | Meeting audio, video, and screen-shared content, plus transcripts, when you invite the recording feature | Only when you invite recording |
| Inferences | AI-generated insights, scores, and seller profiles derived from the data you provide | Yes |
| Sensitive personal information | (e.g., government IDs, precise geolocation, biometric data) | No |
| Education information | — | No |
The Service includes an optional meeting-recording feature. It records a meeting only if you invite the feature by providing a meeting link within the application; if you do not invite it, the Service does not record your meetings. When you invite it, the feature captures the meeting audio and video, including any content shared on screen, and we generate a transcript and AI-derived summaries and analyses from the recording.
Meeting recordings, transcripts, and related outputs are treated as Customer Data and are handled, retained, and deleted as described in Sections 5, 8, and 9. They are processed using our cloud infrastructure and trusted third-party services, and are never used to train AI models.
You are responsible for providing any notice to, and obtaining any consent from, all meeting participants that applicable law requires before you invite the recording feature to a meeting. Some states require the consent of all participants to record a conversation; you are responsible for meeting those requirements.
We use the information we collect to:
We collect and use personal information only for the purposes described in this policy and do not use it for materially different purposes without providing notice and, where required, obtaining consent.
Our Service uses artificial intelligence as a core part of the platform to provide features such as customer analysis, goal recommendations, initiative scoring, news aggregation, product analysis, and chat assistance. AI features are integrated throughout the Service and are part of the standard user experience. When AI-powered features are used:
AI-generated content may contain errors and is provided for informational purposes only. As described in our Terms of Service, you are responsible for reviewing and validating AI-generated output before relying on it.
We may use aggregated, de-identified data — meaning data that has been stripped of any information that could identify you, your organization, or your customers — to analyze usage patterns and improve the quality and relevance of our AI-powered features. This aggregated data cannot be used to identify any individual user or organization. We will never use your identifiable business data, customer information, or content to train AI models. Google user data (as described in Section 2.3) is never used for service improvement or model training in any form.
We may share your information for the business purposes described in this policy, with the following categories of recipients:
We do not sell your personal information, and we do not share it for cross-context behavioral advertising (as those terms are defined under California and other state privacy laws). We have not sold or shared personal information in the preceding 12 months.
The Service is offered to users located in the United States, and your information is stored and processed in the United States (AWS US East, N. Virginia region). If you access the Service from outside the United States, you do so on your own initiative and consent to the transfer to and processing of your information in the United States, where data protection laws may differ from those of your jurisdiction.
We implement security measures to protect your information, including:
While we strive to protect your information, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security. In the event of a data breach affecting your personal information, we will notify you and applicable regulators as required by applicable law.
We retain your information for as long as your account is active or as needed to provide the Service. When you delete your account, we delete or anonymize your personal information within 90 days, except for the specific categories of records identified below that we are required or permitted by law to retain for longer. The long-retention categories are limited to the specific records described — not your entire account — consistent with data-minimization principles. The following schedule applies:
| Data category | Retention period | Basis |
|---|---|---|
| Google Calendar / Google user data | Within 30 days of disconnection or a deletion request | Google API Limited Use requirements |
| Account, profile, and business content | Within 90 days of account deletion | Providing the Service; data minimization |
| Subscription, billing, and auto-renewal consent records | Up to 7 years after the applicable transaction or account closure | Tax and accounting rules; automatic-renewal consent-retention laws (e.g., Virginia and California); and contract limitations periods |
| Records needed to resolve disputes or enforce agreements | Until the applicable limitations period expires | Establishing, exercising, or defending legal claims |
| Security and audit logs | Up to 24 months | Security, fraud prevention, and integrity |
| Encrypted backups | Up to 35 additional days following deletion | Backup rotation; overwritten in the ordinary course |
Because we are required to keep the records above, a request to delete your information will be honored except as to those records; see Section 9. When the retention period ends, we delete or de-identify the information in the ordinary course.
Depending on your state of residence and applicable law, you may have some or all of the following rights:
Because the Service is a business-to-business product, several state privacy laws apply only to information about individuals acting in a personal or household context and may not cover business-contact data processed through the Service; California's law is broader and is addressed in Section 9.2. When you request deletion, we will honor it except for records we are required or permitted by law to retain — such as the subscription, billing, and consent records described in Section 8.
To the extent the California Consumer Privacy Act, as amended by the California Privacy Rights Act (together, the "CCPA"), applies to us, California residents have the following rights regarding the personal information described in Section 2.4:
Shine the Light. We do not disclose personal information to third parties for their own direct marketing purposes, so California's "Shine the Light" law (Cal. Civ. Code § 1798.83) does not apply. Retention. We retain each category of personal information for the periods described in Section 8.
Residents of other states with comprehensive privacy laws — including Virginia, Colorado, Connecticut, and a growing number of others — may have rights to access, correct, delete, and obtain a portable copy of their personal data, and to opt out of targeted advertising, the sale of personal data, and certain profiling that produces legal or similarly significant effects.
We do not sell personal data, engage in targeted advertising, or conduct profiling that produces legal or similarly significant effects, so those opt-out rights generally do not apply. Many of these laws also exclude data processed in a commercial or employment context, so they may not apply to the business-contact information processed through the Service. Where a law grants you these rights, you may exercise them as described in Section 9.4, including the right to appeal a decision.
To exercise any of these rights, contact us at privacy@nimbusvalue.com. We will respond within the timeframe required by applicable law and may need to verify your identity before fulfilling a request; we will not fulfill a request we cannot reasonably verify. You may use an authorized agent to submit a request on your behalf, subject to verification of the agent's authority.
If we decline a request, we will explain why, and you may appeal by replying to our response with the subject line "Appeal"; we will respond to appeals as required by applicable law. We will not discriminate against you for exercising your privacy rights. If you use the Service through an organization account, some requests may need to be directed to and fulfilled through your organization administrator, who controls that account's data; in that case we act on that organization's behalf and will refer your request to them.
We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising cookies. You can configure your browser to refuse cookies, but this may affect your ability to use the Service.
The Service is a business product that is not intended for, or directed to, individuals under the age of 16, and we do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.
We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a prominent notice within the Service before the changes take effect, and we will update the effective date and version number above. Prior versions are archived and available upon request. Your continued use of the Service after the effective date of an updated policy constitutes acceptance of the changes; where required by law, we will obtain your consent.
If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:
Nimbus Value, LLC
Email: legal@nimbusvalue.com
Mailing address: 26572 Cadmus Ct., Centreville, VA 20120