Cyrano.ai is Committed to
Protecting Your Information

Your Trust Matters. Your Privacy is Important. Our Responsibility is Critical.

Trust

We at Cyrano understand the value and importance of conversations, and we make you a promise to keep your information and data absolutely private and secure.

In addition to our diligent efforts to enforce technical security, an important part of that promise is our commitment to transparency. Transparency in what information we have and transparency in how we protect it. This page aims at answering any of your privacy and security questions. You should also review our Privacy Policy and Terms of Service.

Cyrano's data privacy and security practices have been independently reviewed and tested by Nylas (SOC2, GDPR, CCPA, HIPAA, FINRA authorized) and Leviathan Security (threat testing, penetration testing, security audit, code review) to make sure that your data is always private and protected.

 

If you have any other questions, please don’t hesitate to contact us directly.

What We Do

You might have reached this page at the request of a colleague who has asked for approval to use Cyrano Navigate. 

Cyrano Navigate analyzes conversations and provides information and advice to users about the people they’re in communication with. Our analysis uses our patented neurolinguistic technology that looks at words people use in conversation.

We offer integrations to a number of conversational platforms, including email systems like Gmail and Microsoft 365. For a list of the platforms we currently support, visit our Navigate Integrations page.

Personally Identifiable Information

When you create an account in Navigate, we collect Personally Identifiable Information (PII) from you, including name, email address, and phone number. 

Securing Sensitive Data

Additionally, when you create an account or authorize our access to a platform, we index conversational data from that platform. If that platform is Gmail, for example, we index email conversations from your inbox and continue to index those emails while your account is active.

As we index conversations, we encrypt the conversations themselves and the PII of those participating in the conversation.

Application Security

360° Encryption

Your data is encrypted at all times:

  • All incoming and outgoing data is encrypted in transit using SSL/TLS 1.2.

  • Conversational data is encrypted at rest using xxxxxxxx.

  • Our databases are encrypted on secure cloud file systems hosted by Amazon Web Services.

  • Authentication tokens are encrypted at rest using xxxxxxxx.

  • We leverage AWS KMS for secure encryption key storage and management.

Secure Authentication

We use OAuth to request authorization to their platform accounts from users. This means that we never see your account passwords and you have the ability to turn off our access at any time.

The information we have access to is different for each platform we integrate with. Whenever available, we request the lowest level of permission that allows us to provide our service. In the case of email, calendar and contacts, we request read-only access. Details about the level of authorization we require for each platform can be found on our Integrations page.

In the case of email, calendar, and contacts, we integrate with Nylas who provides a secure common API across multiple vendors. See Nylas under Third-party Vendors below for more information.

Third-party Vendors

The following is a list of the major third-party vendors we use to provide the service.

Amazon Web Services

We use AWS to securely host Cyrano Navigate application services, data and content. Our services are hosted in the “us-west-2” region, across multiple availability zones to ensure high availability.

More information:

aws.amazon.com | Amazon Cloud Security | Amazon Cloud Compliance

Nylas

Nylas provides a common API for email, calendar, and contacts. For users who authorize Gmail. Microsoft 365, or Exchange, for example, are authenticating through Nylas. For authorized accounts, Nylas manages users’ authentication tokens directly and Cyrano.ai has no direct access to them.

GDPR Note: If you are located in the European Economic Area, Nylas is a “processor” of your data.

More information:

nylas.com | Nylas Privacy Policy | Nylas Security Information

Hubspot

We use Hubspot to host our website, www.cyrano.ai, and as our marketing automation platform. In addition to storing customer information, we sync some user-specific application usage data for marketing and operational purposes.

More information:

hubspot.com | Hubspot Security

Intercom

We use Intercom as our customer support platform. In addition to storing customer information, we sync some user-specific application usage data for support and operational purposes.

More information:

intercom.com | Intercom Security

Mixpanel

We use Mixpanel to track application usage data.

mixpanel.com | Mixpanel Security

Data Deletion Policy

As described in the Cyrano.ai Privacy Policy, you may request the deletion of your account at any time.

Cyrano will automatically schedule data retrieved from a given platform for deletion when you disable or uninstall an integration from your account.

Vulnerability Disclosure Policy

We encourage third parties to report bugs and vulnerabilities that they may have discovered. 

For any reports, please provide supporting information, such as your account information (if applicable), relevant software platform details, and steps to reproduce. 

Please submit reports by emailing support@cyrano.ai.