Cyrano.ai is Committed to
Protecting Your Information
Your Trust Matters. Your Privacy is Important. Our Responsibility is Critical.
We at Cyrano understand the value and importance of conversations, and we make you a promise to keep your information and data absolutely private and secure.
Cyrano's data privacy and security practices have been independently reviewed and tested by Nylas (SOC2, GDPR, CCPA, HIPAA, FINRA authorized) and Leviathan Security (threat testing, penetration testing, security audit, code review) to make sure that your data is always private and protected.
If you have any other questions, please don’t hesitate to contact us directly.
What We Do
You might have reached this page at the request of a colleague who has asked for approval to use Cyrano Navigate.
Cyrano Navigate analyzes conversations and provides information and advice to users about the people they’re in communication with. Our analysis uses our patented neurolinguistic technology that looks at words people use in conversation.
We offer integrations to a number of conversational platforms, including email systems like Gmail and Microsoft 365. For a list of the platforms we currently support, visit our Navigate Integrations page.
Personally Identifiable Information
When you create an account in Navigate, we collect Personally Identifiable Information (PII) from you, including name, email address, and phone number.
Securing Sensitive Data
Additionally, when you create an account or authorize our access to a platform, we index conversational data from that platform. If that platform is Gmail, for example, we index email conversations from your inbox and continue to index those emails while your account is active.
As we index conversations, we encrypt the conversations themselves and the PII of those participating in the conversation.
Your data is encrypted at all times:
All incoming and outgoing data is encrypted in transit using SSL/TLS 1.2.
Conversational data is encrypted at rest using xxxxxxxx.
Our databases are encrypted on secure cloud file systems hosted by Amazon Web Services.
Authentication tokens are encrypted at rest using xxxxxxxx.
We leverage AWS KMS for secure encryption key storage and management.
We use OAuth to request authorization to their platform accounts from users. This means that we never see your account passwords and you have the ability to turn off our access at any time.
The information we have access to is different for each platform we integrate with. Whenever available, we request the lowest level of permission that allows us to provide our service. In the case of email, calendar and contacts, we request read-only access. Details about the level of authorization we require for each platform can be found on our Integrations page.
In the case of email, calendar, and contacts, we integrate with Nylas who provides a secure common API across multiple vendors. See Nylas under Third-party Vendors below for more information.
The following is a list of the major third-party vendors we use to provide the service.
Amazon Web Services
Nylas provides a common API for email, calendar, and contacts. For users who authorize Gmail. Microsoft 365, or Exchange, for example, are authenticating through Nylas. For authorized accounts, Nylas manages users’ authentication tokens directly and Cyrano.ai has no direct access to them.
GDPR Note: If you are located in the European Economic Area, Nylas is a “processor” of your data.
Data Deletion Policy
Cyrano will automatically schedule data retrieved from a given platform for deletion when you disable or uninstall an integration from your account.
Vulnerability Disclosure Policy
We encourage third parties to report bugs and vulnerabilities that they may have discovered.
For any reports, please provide supporting information, such as your account information (if applicable), relevant software platform details, and steps to reproduce.
Please submit reports by emailing email@example.com.