Privacy & Cookie Policy

Version 2.0 — Zero-Risk Compliant

Effective Date: February 2026

Contact: info@noussapient.com

This Privacy Policy describes how Nous Sapient (“Nous Sapient,” “we,” “our,” or “us”), based in Dallas, Texas, United States, collects, uses, discloses, and safeguards personal data when you access or use our websites, applications, subscription offerings, structured reading programs, analytical tools, and any other services that link to this Privacy Policy (collectively, the “Services”). This Policy applies to all users of the Services, regardless of location.

1.Your Agreement to This Privacy Policy

1.1 Affirmative Consent at Registration

Before you may create an account or register for the Services, you must check an unchecked-by-default checkbox confirming: “I have read, understand, and agree to the Nous Sapient Privacy Policy.” The registration or subscription button will remain disabled until this checkbox is checked. By checking this box, you acknowledge that you have read this Privacy Policy in its entirety and consent to the data practices described herein.

1.2 Consent at Checkout and Subscription

If payment or subscription activation occurs at a step separate from registration, you will be presented with a second consent checkpoint: “By completing this purchase, I confirm that I have read and agree to the Privacy Policy and Terms of Use.” This consent is required before the transaction is processed.

1.3 Consent Audit Trail

Each consent event is logged in an immutable audit record containing: your user identifier, the timestamp of consent, your IP address, user agent string, the specific version number of this Privacy Policy you accepted, and the type of consent event (registration, checkout, or re-consent). These records are retained for the duration of your relationship with Nous Sapient plus seven (7) years.

1.4 Re-Consent Upon Material Changes

When we make material changes to this Privacy Policy, we will: (a) notify you via email at the address associated with your account, with a plain-language summary of the changes; (b) present a consent banner or modal upon your next login requiring you to re-acknowledge the updated policy before continuing to use the Services; and (c) provide you the option to delete your account and all associated data if you do not agree to the updated policy.

1.5 Refusal of Consent

If you do not agree to this Privacy Policy, you must not register, subscribe, or use the Services. If you previously consented but no longer agree, you may request deletion of your account and personal data at any time by contacting privacy@noussapient.com.

2.Personal Data We Collect

We collect personal data based on how you interact with the Services. The following describes the categories of personal data collected in the preceding twelve (12) months, organized by source.

2.1 Personal Data You Provide Directly

Account Information. When you create an account, register, subscribe, or participate in Nous Sapient programs, we collect: your name; email address; username or account identifier; password (stored exclusively in cryptographically hashed form); organization affiliation (if applicable); and subscription tier and account preferences. CCPA Category: Identifiers; Commercial Information.

Payment Information. If you purchase subscriptions or paid Services, payments are processed exclusively through PCI-DSS-compliant third-party payment processors. Nous Sapient does not store, process, or have access to full payment card numbers at any time. We receive only limited billing details from our processors, such as billing address, the last four digits of your payment method, payment status, and transaction identifiers. CCPA Category: Identifiers; Commercial Information.

Inputs and Outputs. The Services may allow you to submit prompts, text, annotations, documents, reflections, or other content (“Inputs”). The Services may generate structured responses, analyses, summaries, or other results (“Outputs”). We process Inputs and Outputs solely to provide the Services you have requested. See Section 3.2 regarding any additional use for service improvement. CCPA Category: Internet or Other Electronic Network Activity Information; Inferences.

Communications and Support. If you contact us via email, web forms, support channels, social media, or community spaces, we collect your contact details and the contents of your messages, including feedback, suggestions, and inquiries. CCPA Category: Identifiers; Internet or Other Electronic Network Activity Information.

2.2 Personal Data Collected Automatically

Device and Browser Information. We may collect: device type; operating system; browser type and version; IP address (which may be truncated or anonymized); Internet Service Provider (ISP); language settings; screen resolution; and related technical identifiers. CCPA Category: Identifiers; Internet or Other Electronic Network Activity Information.

Usage Information. We collect information about your interaction with the Services, including: pages visited; features used; actions taken; session duration; timestamps; referral URLs; click patterns; and general usage analytics. CCPA Category: Internet or Other Electronic Network Activity Information; Inferences.

Log and Diagnostics Information. We may collect event logs, crash logs, error reports, performance metrics, and diagnostic data to maintain and improve the reliability and security of the Services. CCPA Category: Internet or Other Electronic Network Activity Information.

Cookies and Similar Technologies. We and our authorized service providers may use cookies, software development kits (SDKs), pixels, web beacons, and similar tracking technologies for the following purposes:

Provide core functionality, including authentication and session management.
Remember your preferences and settings.
Improve the performance and user experience of the Services.
Understand usage patterns and measure the effectiveness of features.

You can manage cookies via your browser settings or through our cookie preference center (where available). Disabling essential cookies may limit the functionality of the Services. We honor Global Privacy Control (GPC) signals and other Universal Opt-Out Mechanisms (UOOMs) as required by applicable law. See Section 6.2 for details.

2.3 Information We Receive from Other Sources

We may receive information from the following categories of third-party sources:

Payment processors: payment confirmation, transaction metadata, and fraud screening results.
Security and fraud-prevention services: threat intelligence and risk scoring.
Analytics providers: aggregated usage and performance data.
Marketing partners: contact information and campaign attribution data (only where permitted by applicable law and where appropriate consent has been obtained).

2.4 Sensitive Personal Information

Nous Sapient does not intentionally collect sensitive personal information. Sensitive personal information includes, but is not limited to:

Social Security numbers or government-issued identifiers.
Precise geolocation data (within 1,750 feet / 533 meters).
Racial or ethnic origin.
Religious or philosophical beliefs.
Sexual orientation or gender identity.
Genetic or biometric data processed for identification purposes.
Health, medical, or disability information.
Citizenship or immigration status.
Contents of private communications not directed to Nous Sapient.

If any of the above categories are inadvertently submitted through Inputs, we will not use such data for any purpose beyond providing the specific Service requested. You may request deletion of any such data at any time. If we determine it is necessary to process sensitive personal information for any purpose, we will obtain your explicit, opt-in consent prior to such processing and limit use to what is strictly necessary for the purpose disclosed.

2.5 Categories Summary Table (CCPA Compliance)

The following table summarizes the categories of personal information collected in the preceding twelve (12) months, as required by the California Consumer Privacy Act:

CCPA Category	Examples Collected	Source(s)
A. Identifiers	Name, email, username, IP address, account ID	You; Automatic; Third parties
B. Personal information per Cal. Civ. Code 1798.80(e)	Name, address (billing)	You; Payment processor
C. Protected classifications	Not intentionally collected	N/A
D. Commercial information	Subscription tier, purchase history, transaction records	You; Payment processor
E. Biometric information	Not collected	N/A
F. Internet or electronic network activity	Browsing history, search history, interaction with Services, usage data	Automatic
G. Geolocation data	Approximate location from IP address only (not precise)	Automatic
H. Sensory data	Not collected	N/A
I. Professional or employment info	Organization affiliation (if provided)	You
J. Education information	Not collected	N/A
K. Inferences drawn	Usage patterns, content preferences, reading engagement metrics	Automatic; Derived

3. How We Use Personal Data

3.1 Provide and Operate the Services

We use personal data to: create and manage your account; authenticate users and maintain secure sessions; deliver subscription benefits and program access; provide customer support and respond to your inquiries; process payments and administer subscriptions; and personalize your experience within the Services based on your preferences and usage patterns.

3.2 Improve, Maintain, and Develop the Services

We use personal data for: debugging, error correction, and performance optimization; feature development and service quality evaluation; research and development to improve our systems, algorithms, and user experience; and security testing and vulnerability assessment.

Use of Inputs and Outputs for Improvement. We may use de-identified or aggregated Inputs and Outputs to improve the Services, including system performance, quality, and safety. We will not use your identifiable Inputs and Outputs to train machine learning models or artificial intelligence systems without your explicit, affirmative opt-in consent. You may opt out of having your Inputs and Outputs used for any improvement purpose at any time by: (a) adjusting your settings in your account dashboard (where available); or (b) contacting privacy@noussapient.com. Opting out will not affect the quality or availability of the Services you receive.

3.3 Automated Decision-Making and AI Processing

The Services may use automated processing, including artificial intelligence and algorithmic analysis, to generate Outputs, provide recommendations, and enhance your experience. Nous Sapient is committed to transparency regarding automated processing:

We do not use automated decision-making technology (ADMT) to make decisions that produce legal or similarly significant effects concerning you without meaningful human oversight.
If we implement ADMT for decisions with significant effects in the future, we will provide advance notice before such processing occurs.
You will have the right to opt out of such processing, to receive information about the logic involved and its significance, and to contest the results and request human review.
Where applicable under Minnesota law (MCDPA) or other state laws, you may access the data used in profiling decisions, correct inaccuracies in that data, and request reevaluation based on corrected data.

3.4 Communications

We may use your contact information for:

Administrative and transactional notices related to your account (e.g., password resets, subscription confirmations).
Customer support communications in response to your inquiries.
Service updates and new feature announcements.
Subscription and billing notifications.
Marketing communications, only where you have provided affirmative consent or where permitted by applicable law without consent.

You may opt out of marketing communications at any time by using the unsubscribe link included in every marketing email or by contacting privacy@noussapient.com. Opting out of marketing communications will not affect transactional or administrative communications necessary for your account.

3.5 Safety, Integrity, and Legal Compliance

We may process personal data to: prevent fraud, abuse, and unauthorized use of the Services; enforce our Terms of Use and Acceptable Use Policy; protect the Services, our users, and third parties from harm; comply with legal obligations, regulations, and lawful requests; exercise or defend legal claims; and conduct privacy risk assessments and data protection impact assessments as required by applicable law. Nous Sapient does not process sensitive personal data for the purpose of inferring consumer characteristics.

4. How We Disclose Personal Data

4.1 Service Providers (Processors)

We share personal data with the following categories of service providers who perform services on our behalf:

Cloud hosting and infrastructure providers (for data storage and application delivery).
Payment processing services (for transaction processing and billing).
Customer support and communication tools (for help desk and ticket management).
Security monitoring and fraud prevention services (for threat detection and access controls).
Analytics and performance monitoring services (for usage analysis and service optimization).

All service providers are bound by written data processing agreements that: restrict their use of personal data solely to providing services to Nous Sapient; require them to implement technical and organizational security measures consistent with this Privacy Policy; prohibit them from selling, sharing, or using your personal data for their own commercial purposes; and require prompt notification to us in the event of a data breach.

4.2 Business Transfers

If Nous Sapient is involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, or sale or transfer of business assets, personal data may be disclosed or transferred as part of that transaction. In such event, we will: provide notice to affected users; where required by applicable law, obtain consent before any such transfer; and require the acquiring entity to honor the commitments made in this Privacy Policy or provide you the opportunity to withdraw consent and request deletion.

4.3 Legal, Safety, and Rights Enforcement

We may disclose personal data if we reasonably believe disclosure is necessary to: comply with applicable law, regulation, subpoena, or court order; respond to lawful governmental or regulatory requests; investigate or prevent fraud, abuse, security threats, or technical issues; protect the rights, property, and safety of Nous Sapient, our users, or the public; and enforce our Terms of Use, Acceptable Use Policy, and related agreements.

4.4 With Your Consent

We may disclose personal data when you explicitly direct us to do so or when you provide affirmative consent for a specific disclosure.

4.5 Sale and Sharing of Personal Data

Nous Sapient does not sell your personal data for monetary or other valuable consideration. Nous Sapient does not “share” your personal data for cross-context behavioral advertising as defined under the California Consumer Privacy Act (CCPA/CPRA) or any equivalent state law.

If our practices change in the future, we will update this Privacy Policy, provide notice, and offer appropriate opt-out mechanisms—including honoring Global Privacy Control (GPC) signals—before any such sale or sharing occurs.

To exercise your right to opt out (now or in the future), you may:

Use the “Do Not Sell or Share My Personal Information” link displayed in the footer of our website.
Enable Global Privacy Control (GPC) in your browser; we will honor this signal automatically.
Contact us at privacy@noussapient.com with the subject line “Opt-Out Request.”

4.6 Financial Incentive Programs

Nous Sapient does not currently offer financial incentive programs (such as discounts, rewards, loyalty points, or other benefits) in exchange for the collection, retention, sale, or sharing of your personal data. If we introduce such programs in the future, we will provide a separate notice describing: the material terms of the program; the categories of personal data involved; the value of your data as it relates to the incentive offered; your right to opt in voluntarily; and your right to withdraw from the program at any time without penalty.

5. Your Rights and Choices

Regardless of where you reside, Nous Sapient honors the following rights for all users to the maximum extent practicable. Where applicable state or national law provides additional or more protective rights, those additional protections also apply.

5.1 Universal Rights

Right to Know / Access. You have the right to know what categories and specific pieces of personal data we collect, the categories of sources from which it is collected, the business or commercial purposes for collection, and the categories of third parties with whom we share it. You may request a copy of your personal data.
Right to Correction. You have the right to request correction of inaccurate personal data we maintain about you.
Right to Deletion. You have the right to request deletion of your personal data, subject to certain legal exceptions (such as data required for legal compliance, security, or completing a transaction you requested).
Right to Data Portability. You have the right to receive your personal data in a structured, commonly used, and machine-readable format and, where technically feasible, to have it transmitted to another service provider.
Right to Opt Out of Sale/Sharing. You have the right to opt out of the sale or sharing of your personal data, targeted advertising, and certain types of profiling.
Right to Restrict or Object to Processing. You have the right to restrict or object to certain processing activities involving your personal data.
Right to Withdraw Consent. Where processing is based on your consent, you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing conducted prior to withdrawal.
Right to Non-Discrimination. We will not discriminate against you—through denial of services, different pricing, or different quality—for exercising any of your privacy rights.
Right to Appeal. If we deny your privacy rights request in whole or in part, you have the right to appeal that decision. See Section 5.4 below.
Right to Contest Profiling. Where applicable law provides, you have the right to contest decisions made about you through profiling or automated decision-making, access the data used, correct inaccuracies, and request human review of automated decisions.

5.2 How to Exercise Your Rights

To exercise any of the rights described above, you may:

Email: privacy@noussapient.com with the subject line “Privacy Rights Request.”
Account Settings: Use the privacy controls in your account dashboard (where available).
Mail: [Insert Physical Mailing Address], Dallas, Texas, United States.

5.3 Response Timeframes

We will acknowledge receipt of your request within ten (10) business days. We will provide a substantive response within forty-five (45) calendar days of receiving your verifiable request. If we reasonably require additional time, we will notify you in writing and may extend the response period by one additional forty-five (45) calendar day period, for a maximum total response time of ninety (90) calendar days. If we cannot fulfill your request, we will explain the reason in our response.

5.4 Appeal Process

If we deny your privacy rights request, you may appeal by contacting privacy@noussapient.com with the subject line “Privacy Rights Appeal” within sixty (60) days of receiving our denial. We will respond to your appeal within forty-five (45) calendar days. If your appeal is denied, our response will include: the reason for the denial; any further steps available to you; and your right to contact the Attorney General or applicable regulatory authority in your state of residence to file a complaint.

5.5 Authorized Agents

You may designate an authorized agent to submit a privacy rights request on your behalf. To process such requests, we may require: a signed written authorization or valid power of attorney from you; independent verification of your identity; and verification of the agent’s identity and authority to act on your behalf. Authorized agents may submit requests to privacy@noussapient.com.

5.6 Identity Verification

Before fulfilling a rights request, we may ask you to verify your identity through one or more of the following methods: confirming information associated with your account; responding to a verification email sent to the email address on file; or other reasonable verification methods proportionate to the sensitivity of the data involved. We will not collect more personal information than reasonably necessary to verify your identity.

6. State-Specific Privacy Rights

In addition to the universal rights described in Section 5, residents of the following states may have additional rights under their state’s privacy laws. Nous Sapient complies with all applicable state privacy requirements.

6.1 California Residents (CCPA / CPRA)

You have the right to know the categories and specific pieces of personal information collected in the preceding 12 months, the categories of sources, the business or commercial purposes for collection, and the categories of third parties with whom personal information is shared or disclosed.
You have the right to request deletion, correction, and data portability.
You have the right to opt out of the sale or sharing of personal information and to limit the use and disclosure of sensitive personal information.
We do not use or disclose sensitive personal information for purposes beyond those authorized under the CCPA.
We do not offer financial incentive programs related to the collection or use of personal information.
California consumers may submit verifiable consumer requests up to twice per twelve-month period.
We honor Global Privacy Control (GPC) signals as a valid opt-out of sale/sharing under the CCPA.

6.2 Global Privacy Control (GPC) and Universal Opt-Out Mechanisms

Nous Sapient implements server-side detection of Global Privacy Control (GPC) browser signals in compliance with the requirements of California, Colorado, Connecticut, Maryland, Minnesota, and any other jurisdiction that mandates recognition of universal opt-out mechanisms. When a GPC signal is detected, we will automatically: suppress any data sharing that could constitute a “sale” or “sharing” under applicable law; disable targeted advertising based on your personal data; and apply these preferences across your account for the duration of your session and any future sessions while the signal remains active.

6.3 Texas Residents (TDPSA)

You have the right to confirm whether we are processing your personal data, access your data, correct inaccuracies, delete your data, and obtain a portable copy. You may opt out of the sale of personal data, targeted advertising, and profiling that produces legal or similarly significant effects. We will respond within 45 days, with one 45-day extension if reasonably necessary.

6.4 Colorado, Connecticut, Virginia, Oregon, Montana, and Delaware Residents

You have rights to access, correct, delete, and obtain a portable copy of your personal data. You may opt out of targeted advertising, sale of personal data, and profiling in furtherance of decisions that produce legal or similarly significant effects. Where required, we will conduct data protection assessments for high-risk processing activities. We will respond to requests within 45 days with one 45-day extension if reasonably necessary.

6.5 Minnesota Residents (MCDPA)

In addition to standard rights, you have the right to question the results of profiling used for decisions producing legal or similarly significant effects, including the right to: be told the reason such profiling resulted in a specific decision; access the personal data used in the profiling; correct inaccuracies in that data; and request that the profiling decision be reevaluated based on corrected data. Our Chief Privacy Officer’s contact information is provided in Section 12 of this Privacy Policy, as required by the MCDPA.

6.6 Maryland Residents (MODPA)

We will not process your personal data for targeted advertising if you are under 18 years of age and we know or should know your age. Our data collection practices are limited to what is reasonably necessary and proportionate to the purposes for which the data is processed, as required by the MODPA.

6.7 Iowa, Indiana, Tennessee, New Hampshire, New Jersey, Kentucky, Nebraska, and Rhode Island Residents

If you reside in any of these states, you may exercise the rights provided under your state’s comprehensive privacy law by contacting privacy@noussapient.com. We will process your request in accordance with the specific requirements of your state’s law. Where state-specific requirements differ, Nous Sapient will apply the standard most protective of your rights.

6.8 Tennessee Affirmative Defense

Nous Sapient maintains documented privacy policies and procedures designed to reasonably align with the National Institute of Standards and Technology (NIST) Privacy Framework, consistent with the affirmative defense provisions available under Tennessee’s Information Protection Act.

7. Data Retention

We retain personal data only as long as reasonably necessary for the purposes described in this Privacy Policy. The following table provides specific retention periods by data category:

Data Category	Retention Period	Legal / Business Basis
Account information	Duration of active account plus 3 years after account deletion or deactivation	Service delivery; dispute resolution; legal compliance
Payment and billing metadata	7 years after the date of the transaction	IRS record-keeping requirements; financial compliance; audit obligations
Inputs and Outputs	Duration of active account; securely deleted within 90 calendar days of account deletion, unless you have opted in to improvement use	Service delivery; user-directed processing
Usage and analytics data	24 months from the date of collection	Service improvement; performance monitoring
Device, browser, and log data	12 months from the date of collection	Security monitoring; debugging; incident investigation
Customer support communications	3 years after resolution of the support inquiry	Quality assurance; legal compliance; dispute resolution
Consent and audit records	Duration of user relationship plus 7 years	Legal compliance; regulatory audit trail; enforcement defense
Marketing preferences and opt-out records	Until you change your preference or your account is deleted	Compliance with your communication preferences
Cookie and tracking data	As specified in cookie settings; session cookies expire at end of session; persistent cookies expire per their stated duration (maximum 13 months)	Functionality; analytics; legal compliance

Upon expiration of the applicable retention period, personal data will be securely deleted, anonymized, or de-identified using industry-standard methods. We may retain data beyond the stated periods only if required by applicable law, regulation, court order, or active legal proceedings.

8. Security Controls

We implement reasonable and appropriate technical and organizational security measures designed to protect personal data against unauthorized access, disclosure, alteration, loss, or destruction. These measures include, but are not limited to:

Encryption of personal data in transit using Transport Layer Security (TLS 1.2 or higher) and encryption of personal data at rest using industry-standard algorithms.
Access controls that limit data access to authorized personnel on a strict need-to-know basis, enforced through role-based access control (RBAC) and multi-factor authentication for administrative access.
Regular security assessments, penetration testing, and vulnerability scanning.
Mandatory security awareness training for all employees and contractors who handle personal data.
Documented incident response procedures, including defined roles, escalation paths, and communication protocols.
Secure data disposal practices, including cryptographic erasure and physical destruction where applicable.
Regular privacy risk assessments and Data Protection Impact Assessments (DPIAs) for processing activities that present heightened risks to individual privacy.

No method of transmission over the Internet or method of electronic storage is completely secure. While we use commercially reasonable efforts to protect your personal data, we cannot guarantee absolute security. We continuously evaluate and improve our security posture in response to evolving threats.

9. Data Breach Notification

In the event of a data breach involving your personal data that is reasonably likely to result in a risk to your rights or interests, Nous Sapient will:

Notify affected individuals without unreasonable delay and within the timeframes required by all applicable state and federal breach notification laws (for example, within 60 days for Texas residents under the Texas Identity Theft Enforcement and Protection Act).
Provide information about: the nature and scope of the breach; the categories of personal data affected; the steps we have taken and are taking to address the breach and mitigate harm; and the steps you can take to protect yourself, including any applicable credit monitoring or identity protection services.
Notify relevant regulatory authorities, law enforcement agencies, and consumer reporting agencies as required by applicable law.
Document the breach, our investigation, the remediation steps taken, and the outcomes, in compliance with our internal incident response procedures and regulatory requirements.

10. Children’s Privacy

10.1 Age Restriction

The Services are designed exclusively for users aged eighteen (18) and older. We do not knowingly collect, solicit, maintain, or use personal data from anyone under the age of eighteen (18).

10.2 COPPA Compliance (Children Under 13)

The Services are not directed to children under thirteen (13) years of age, and we do not knowingly collect personal information from children under 13 as defined by the Children’s Online Privacy Protection Act (COPPA), as amended by the Federal Trade Commission’s Final Rule effective June 23, 2025. In compliance with the 2025 COPPA amendments:

We do not knowingly collect, use, or disclose personal information from children under 13.
We do not retain any personal information from children under 13 beyond what is strictly necessary to respond to a one-time request (if applicable) and will promptly delete such information after the purpose is fulfilled.
If we discover that we have inadvertently collected personal information from a child under 13, we will promptly delete all such information and, where appropriate, notify the child’s parent or guardian.
If any personal data from a child under 13 has been used in any automated system, model, or algorithm, we will take commercially reasonable steps to identify and remove or mitigate the use of such data.
We maintain a written information security program that applies to any personal information of children that may be inadvertently collected, as required by the 2025 COPPA Rule.

10.3 Minors Aged 13 to 17

We do not knowingly collect personal data from individuals aged 13 to 17. In compliance with applicable state laws (including New Jersey, Maryland, and others): we will not process data of individuals under 18 for targeted advertising, sale of personal data, or profiling for decisions producing legal or similarly significant effects; and if we learn that a user is between 13 and 17 years of age, we will promptly delete their account and all associated personal data unless verifiable parental or guardian consent is obtained.

10.4 Parental / Guardian Contact

Parents or guardians who believe their child under 18 has provided personal data to Nous Sapient may contact us at privacy@noussapient.com to request review, access, and deletion of such data. We will respond within the timeframes described in Section 5.3.

11. Data Transfers

Nous Sapient is headquartered in Dallas, Texas, United States. Your personal data is primarily processed and stored in the United States. Your personal data may also be processed in other locations where our service providers operate.

The United States and other jurisdictions where data may be processed may not provide the same level of data protection as your home jurisdiction. Where required by applicable law, we implement appropriate safeguards for cross-border data transfers, including written contractual protections with our service providers that require them to protect your data consistent with this Privacy Policy.

If you are located outside the United States, by using the Services and affirmatively consenting to this Privacy Policy through the mechanisms described in Section 1, you acknowledge and consent to the transfer of your personal data to the United States for processing. If Nous Sapient serves users in the European Economic Area (EEA), United Kingdom, or Switzerland in the future, we will implement Standard Contractual Clauses (SCCs) or other legally recognized transfer mechanisms as appropriate.

12. Contact Information (Data Controller)

Nous Sapient is the data controller responsible for the personal data processed under this Privacy Policy.

Nous Sapient

Raanan Group, LLC
Dallas, Texas, USA

Chief Privacy Officer: Name and TItle

Email: privacy@noussapient.com

Mailing Address for Privacy Requests: [Insert dedicated mailing address, if different from above]

Telephone: [Insert phone number, if applicable]

For California residents: You may also submit requests through the methods described in Section 5.2. For Minnesota residents: The Chief Privacy Officer identified above is the individual responsible for compliance with the Minnesota Consumer Data Privacy Act (MCDPA), as required by that law.

13. Accessibility

Nous Sapient is committed to making this Privacy Policy accessible to all users, including individuals with disabilities. This Privacy Policy is designed to comply with Web Content Accessibility Guidelines (WCAG) 2.1 Level AA and to be compatible with screen readers and assistive technologies. If you need this Privacy Policy in an alternative format (such as large print, audio, or Braille), or if you experience any difficulty accessing this document, please contact us at privacy@noussapient.com and we will work to provide it in a format that meets your needs.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other operational factors. When we make changes to this Privacy Policy:

We will update the Effective Date and Version Number at the top of this document.
For non-material changes (such as formatting, clarifications, or typographical corrections), the updated policy will become effective upon posting.
For material changes (such as new data collection categories, new purposes of processing, new third-party disclosures, or changes to your rights), we will: (a) notify you via email at the address associated with your account, with a plain-language summary of the changes; (b) present a re-consent mechanism (banner or modal) upon your next login, requiring your affirmative re-acknowledgment before you may continue using the Services; and (c) provide you the option to delete your account and all associated data if you do not agree to the updated policy.
We will maintain a publicly accessible changelog of all Privacy Policy versions at Privacy Policy page .
Previous versions of this Privacy Policy are available upon request by contacting privacy@noussapient.com.

Your continued use of the Services after you have been notified of a material change and have re-acknowledged the updated Privacy Policy (where required) indicates your acceptance of the updated terms. If you do not agree, you must discontinue use and may request account deletion.

IMPORTANT DISCLAIMER: This Privacy Policy has been prepared to comply with current U.S. federal and state privacy requirements as of February 2026, including the CCPA/CPRA, COPPA (2025 amendments), FTC Act Section 5, and all 20 enacted state comprehensive privacy laws. It does not constitute legal advice. Nous Sapient should have this Privacy Policy reviewed by qualified legal counsel before publication and should conduct periodic legal reviews (at least annually, or whenever material changes occur in applicable law). Bracketed items [like this] require completion with actual business information before publication.