Managing Your Data & Privacy
Control, export, and delete your data. Understand how GDPR rights are built into the product.
Your Data, Your Control
Nutan is built on a simple principle: your data belongs to you. Everything runs on your device, and you have full control over what stays, what syncs, and what gets deleted.
Where Your Data Lives
| Data Type | Location | Synced to Cloud? |
|---|---|---|
| Meeting audio | Your device (deleted after transcription) | Never |
| Transcripts | Your device (encrypted database) | Only if cloud sync enabled |
| Deal intelligence | Your device (encrypted database) | Only if cloud sync enabled |
| Action items | Your device (encrypted database) | Only if cloud sync enabled |
| Knowledge base | Your device (encrypted database) | Only if cloud sync enabled |
| Chat messages | Your device (encrypted database) | Only if cloud sync enabled |
| OAuth tokens | OS keychain | Never |
| Account info | Nutan's servers | Yes (email, name) |
Encryption
Your local database is protected with industry-standard strong encryption. The encryption key is generated on your device and stored exclusively in your operating system's secure keychain — it is never written to disk or stored in the database itself.
Deleting Your Data
Nutan provides granular data deletion controls, built to comply with GDPR Article 17 (Right to Erasure):
Delete Specific Data
From Settings → Privacy, you can individually delete:
- Profile data — Your name, role, and company information
- All deals — Removes deals and all associated signals, stakeholders, chats, and action items
- All chat messages — Removes your conversation history with the AI
- All meetings — Removes meeting records and related action items
- All knowledge items — Removes uploaded documents and indexed content
- All settings — Resets your preferences to defaults
- All integrations — Disconnects CRM, email, and calendar; deletes all OAuth tokens from keychain
Delete Everything
The "Delete All My Data" option performs a complete erasure in a single atomic transaction:
- All deals, contacts, meetings, chats, knowledge, settings, and integrations are deleted.
- OAuth tokens are removed from your keychain.
- If cloud sync is enabled, deletion tombstones are synced so your data is removed from all devices.
- Audit logs are preserved — required under GDPR Article 17(3)(e) for legal compliance obligations.
Cloud Sync
If you enable cloud sync, your data is synced every 5 minutes:
- Data is encrypted in transit (TLS) and at rest.
- Sync payload is limited to 500 rows per request.
- Only structured intelligence syncs — never raw audio.
- Tables synced: deals, contacts, meetings, chat messages, knowledge items, action items, signals, and user settings.
- You can disable cloud sync at any time from Settings.
Your GDPR Rights
- Right to access — Your data is on your device. You have direct access at all times.
- Right to rectification — Edit any data directly in the app.
- Right to erasure — Delete any or all data from Settings → Privacy.
- Right to portability — Your data is in a local database you can export.
- Right to restrict processing — Disable any integration or feature independently.
For GDPR data subject requests, submit online at nutan.ai/privacy/requests — a ticket ID is issued immediately and the privacy agent handles routing. We respond within 30 days.
CCPA Rights
California residents have additional rights under CCPA. Nutan does not sell personal information. For CCPA requests, submit online at nutan.ai/privacy/requests.
Related articles
Configure Single Sign-On for your organization using SAML or modern identity federation with Nutan.
Encryption & Security ArchitectureHow Nutan encrypts your data at rest and in transit with multiple layers of protection.
Audit LoggingHow Nutan maintains tamper-evident audit logs for compliance and security monitoring.