Privacy Policy

Overview

This Privacy Policy explains what Invokora collects, uses, shares, and retains for organization subscriptions, hosted Skills, BYOK, model credits, add-ons, refunds, audit, and support.

Operator

Invokora is operated by NEXUSCORTEX LLC. Contact: [email protected].

Data we collect

We collect information needed to operate Invokora, including account profile data, authentication state, consent records, organization members and roles, permission settings, Skill metadata, delivery modes, invocation and model-usage metadata, encrypted BYOK key records, billing references, subscription status, model credit grants, add-ons, refund or billing correction records, audit logs, security logs, device and browser metadata, support messages, and privacy request records. We do not need to store full card numbers or card security codes.

Hosted Skills and invocation data

Hosted-only Skills, reference files, and workflow configuration may be encrypted and executed server side. Invocation records usually store request, organization, skill, version, user, model, token, charge, error code, block reason, and timestamp metadata. Except as needed to provide the Service, troubleshoot, protect security, comply with law, or as authorized by you, we do not deliver hosted-only source to unauthorized members.

BYOK and model providers

BYOK key plaintext only passes through backend memory briefly when saving or invoking. The database stores provider, key suffix, encrypted key, and encryption material. When you use BYOK, requests may still be sent to the third-party model provider you choose and are subject to that provider's terms, privacy policy, and logging practices.

Billing, subscriptions, and model credits

We store organization subscriptions, payment status, Stripe or other provider references, billing portal state, model credit grants, add-ons, usage deductions, refunds, and corrections to provide billing, credits, audit, tax, dispute, and fraud-prevention capabilities.

How we use data

We use data to create and protect accounts, operate organization workspaces, run Skill invocations, sync allowed delivery content, manage permissions, bill organization subscriptions and model credits, process BYOK, add-ons, cancellation, and refunds, provide support, troubleshoot, enforce security policies, create audit records, comply with law, prevent fraud, and improve reliability.

Sharing

We do not sell personal information. When necessary, we may share limited data with payment processors, model providers, cloud hosts, identity providers, security or analytics vendors, communications services, professional advisors, enterprise customer administrators, authorities, or dispute processors to operate the Service, complete payments, support customers, comply with law, and protect security.

Retention

Account, organization configuration, Skill metadata, billing, model credit, audit, security, support, consent, and DSAR records are retained as needed for service operation, plan audit retention, contracts, tax, disputes, fraud prevention, security, and legal obligations. After organization cancellation or account deletion, some transaction, audit, security, and compliance records may continue to be retained with restricted use.

Your choices

You may request access, export, correction, or deletion of personal data by emailing [email protected] or using the logged-in privacy entry. Some billing, tax, audit, dispute, fraud-prevention, security, and compliance records may be retained where permitted or required by law.