Privacy Policy

Last updated: February 16, 2026

1. Introduction

CORe Inc. ("Company," "we," "us," or "our") operates the Nefia remote PC management gateway service (the "Service"). This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you use our Service, website at nefia.ai, and related applications.

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, and authentication credentials when you create an account.
  • Billing Information: Payment method details and billing address processed through our payment processor (Stripe). We do not store full credit card numbers on our servers.
  • Support Communications: Information you provide when contacting our support team.

2.2 Information Collected Automatically

  • Usage Data: Device connection logs, command execution metadata (timestamps, host identifiers, success/failure status), and feature usage statistics.
  • Device Information: Operating system type and version, device identifiers, and network configuration data necessary for VPN tunnel establishment.
  • Log Data: IP addresses, browser type, referring pages, and access timestamps when you visit our website.

2.3 Information We Do Not Collect

  • We do not collect or store the content of commands executed on your remote PCs.
  • We do not collect or store the content of files transferred through the Service.
  • Audit logs are generated and stored locally on your operator PC and are not transmitted to our servers.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, maintain, and improve the Service.
  • To process transactions and manage your subscription.
  • To communicate with you about the Service, including updates and security alerts.
  • To monitor and analyze usage trends to improve user experience.
  • To detect, prevent, and address technical issues and security threats.
  • To comply with legal obligations.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: We share information with third-party service providers who assist us in operating the Service (e.g., Stripe for payment processing, Clerk for authentication).
  • Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
  • With Your Consent: We may share information with your explicit consent.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including encryption in transit (TLS/SSL), encrypted VPN tunnels (WireGuard), and access controls. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. We may retain certain information after account deletion as required by law or for legitimate business purposes such as resolving disputes and enforcing agreements.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to maintain session state, remember preferences, and analyze usage. You can control cookie settings through your browser preferences. Disabling cookies may affect the functionality of the Service.

8. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access, correct, or delete your personal information.
  • Object to or restrict the processing of your personal information.
  • Data portability — receive your data in a structured, machine-readable format.
  • Withdraw consent where processing is based on consent.

To exercise any of these rights, please contact us at the address provided below.

9. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You may request information about the categories and specific pieces of personal information we have collected, the sources of collection, and the purposes for collection.
  • Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out: We do not sell personal information. If this changes, we will provide a "Do Not Sell My Personal Information" link.
  • Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including Japan, where our Company is headquartered. We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy.

11. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete it promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us through our contact page:

CORe Inc.
https://co-r-e.com/contact