Privacy Policy
Effective Date: November 10, 2025
Last Updated: November 10, 2025 — This version clarifies geographic scope, data controller/processor roles, retention periods, and sub-processor relationships.
This Privacy Policy describes how Nautex AI, Inc. (also referred to as Nautex, we, us, and our) collects, uses, and discloses information from or about an identified or identifiable person, including information that we can associate with an individual person ("Personal Data"), as well as any choices you have with respect to your Personal Data.
Terms
- Customer, you, your: The organization and users who use Nautex services.
- Service: The Nautex web application, APIs, managed backend, and the locally installed Nautex utility (CLI + MCP server).
- Personal Data: Any information relating to an identified or identifiable natural person.
- LLM (Large Language Model): In the context of the Nautex Service, LLM is synonymous with "AI Assistant." LLMs are artificial intelligence models that process natural language to assist with document creation, requirements authoring, and answering questions.
- LLM Pre‑training/LLM Fine‑tuning: The practice of using datasets to train or improve LLM model weights. Nautex does not perform Pre‑training or Fine‑tuning of models using Customer data.
- LLM Context: The information provided to an LLM during a specific inference request to help it understand and respond to a user's query. LLM Context is assembled in-memory for each request and typically includes relevant portions of User Content (Project Documents and Interaction History) selected based on the user's current task.
- LLM Context Management: The process of selecting and packaging relevant User Content (Project Documents and Interaction History) into LLM Context sent to an LLM for real‑time inference. Context is ephemeral to the inference request and is not used to train models.
- Customer Personal Data: Personal Data in account information (names, email addresses, user identifiers), organization membership, authentication records, and related account metadata that Nautex processes on behalf of the Customer.
- Coding Agent: A third‑party IDE/agent tool (e.g., Claude Code, Cursor, others) that runs on the customer's machine and interacts with the customer's local files under the customer's control. Coding Agents are not part of the Nautex Service and are governed by their vendors' policies.
- User Content: Business and technical content you create within the Service. User Content consists of two data types: (1) Project Documents—structured artifacts including PRD, TRD, file maps, implementation plans, diagrams, and attachments; and (2) Interaction History—the sequence of Prompts and AI responses that create and update Project Documents. User Content is stored to provide continuity, versioning, and auditability of project work.
- Prompt: A message or instruction a user submits within the Service to request AI assistance.
- Operational Metadata: Technical telemetry and logs produced by the Service for reliability, security, and troubleshooting.
- Sub‑processor: A third party engaged by Nautex to process Customer Personal Data on Nautex's behalf to deliver the Service. In this policy, LLM API providers are sub‑processors.
What This Policy Covers
This Privacy Policy applies to your use of Nautex's requirements management platform (the Service), including:
- The Nautex web application where you create and manage requirements
- Our backend services that power the platform
- The Nautex command-line tool and MCP server that run on your computer to sync your work
What This Policy Does NOT Cover:
Third-party tools you choose to use with Nautex have their own privacy policies:
- Coding Agents (like Claude Code, Cursor, etc.) that help implement your requirements are separate products governed by their vendors' privacy policies
- LLM providers (OpenAI, Anthropic, Google, xAI) have their own terms for their API services. When Nautex sends requests to these providers on your behalf, those interactions are also subject to their privacy commitments for API usage.
This separation is important: Nautex controls how we handle your data, but we cannot control how third-party vendors operate. We choose vendors with strong privacy practices and use API modes that protect your data (see How We Use AI).
Geographic Scope and Data Location
Service Availability
The Nautex Service is available globally, except where prohibited by applicable law or regulation.
Data Storage and Processing Location
All Personal Data and User Content collected through the Service is stored and processed exclusively in the United States. Our infrastructure, sub-processors, and service providers operate within the United States.
Consent to Transfer for Non-U.S. Users
If you are located outside the United States (including in the European Economic Area, Switzerland, or the United Kingdom), by using the Service, you consent to the transfer of your Personal Data to the United States for storage and processing as described in this Privacy Policy. For information about legal safeguards for international transfers, see International Transfers.
Applicability and Deployment Models
Cloud (General Availability)
This Privacy Policy applies to the cloud‑hosted, multi‑tenant Nautex Service offered as General Availability (GA). All purposes of processing, retention practices, and sub‑processor disclosures in this document describe the GA cloud offering.
On‑Premises / Customer‑Managed (In‑Cluster or Data Center)
Nautex can be deployed in a Customer‑managed environment, private cloud, or data center infrastructure. For these deployments:
- Governance: Processing is governed by the master agreement and a deployment‑specific DPA/SOW.
- Identity: The deployment may integrate with the Customer's identity provider (e.g., SSO with SAML or OIDC).
- LLM Access: All LLM usage is via paid API endpoints for inference only; where available, provider "no data retention" (or equivalent) modes are enabled by default.
- Data Location: Customer data remains within the Customer's environment except for outbound LLM inference requests carrying minimal, ephemeral context. Providers do not use this data to train models.
Roles and Responsibilities
Under applicable data protection laws, Nautex's role varies depending on the type of data:
Nautex as Data Controller:
- Nautex acts as a data controller for account and billing information (such as email addresses, organization names, payment details), authentication records, and Operational Metadata necessary to provide and secure the Service. This means Nautex determines the purposes and means of processing this data.
Nautex as Data Processor/Service Provider:
- Nautex acts as a data processor (or service provider under certain U.S. privacy laws) for User Content—the business and technical specifications you create within the Service. This means Nautex processes User Content on your behalf and according to your instructions.
Sub-processors:
- Third‑party LLM API providers (OpenAI, Anthropic, Google Gemini, xAI Grok) act as sub‑processors when we use their paid API endpoints for real-time inference only. See Data Sharing and Sub-processors for the complete list.
Not Part of the Service:
- Coding Agents (such as Claude Code, Cursor, and others) are not part of the Nautex Service. They operate solely within your local environment under your control. See Coding Agents and Local Code for details on data boundaries.
Data We Process
- Account and Organization Data
- Contact details, account identifiers, role and organization membership. This is the primary category of Personal Data we process.
- Billing and Payment Information
- For Customers who purchase paid versions of the Service, billing details such as billing address and payment method information. Payment card details are processed directly by Stripe, our payment processor, and are not stored by Nautex. See Data Sharing and Sub-processors for details.
- Project Documents: Requirements artifacts (PRD, TRD), file maps, implementation plans, diagrams, and attachments you create or upload in the Service.
- Interaction History: Prompts and AI responses that create and update Project Documents, stored to provide continuity, versioning, and auditability.
- User Content primarily consists of business and technical specifications but may include Personal Data depending on what you enter into the Service.
- Email Communications Data
- Email addresses for account communications and notifications. We may collect email engagement metrics (such as whether marketing emails were opened or links were clicked) to measure the effectiveness of our communications and improve our services.
- Device and Activity Metadata
- When you access the Service, we automatically collect information including Internet Protocol (IP) addresses, browser type and version, device type and operating system, access timestamps, pages or features accessed, and request logs. This information is used for security, troubleshooting, and service improvement.
- Timestamps, request IDs, performance metrics, and minimal diagnostics necessary to operate and secure the Service. We do not include User Content in telemetry unless strictly necessary for incident investigation with Customer authorization.
- Exclusions
- Source code in the Customer's repositories and local project files is not collected or stored by Nautex. See Coding Agents and Local Code for details on data boundaries.
- Prohibited and Sensitive Personal Data
- Biometric Data: Nautex does not collect or store biometric information (such as fingerprints, facial recognition data, or voiceprints). If voice input features are used, audio is passed through to third-party services for transcription only and is not stored by Nautex.
- Payment Card Data: Full payment card numbers (PANs) are processed directly by Stripe and are never stored by Nautex. We receive only limited payment method identifiers (last 4 digits, card brand) for display purposes.
- Customer Responsibility: Customers should not input the following types of sensitive data into User Content: protected health information (PHI), children's personal information, precise geolocation data, government-issued identification numbers, or other highly regulated personal data types. The Service is designed for business and technical content, not for storing sensitive personal information.
How We Use AI
Understanding LLM Context vs. Training
The Nautex Service uses LLMs fundamentally differently from how LLM providers train their models:
What We Do: Context Management
- When you use AI features, we perform LLM Context Management: selecting relevant portions of your User Content (Project Documents and Interaction History) and assembling it in-memory for a single inference request.
- This context exists only for the duration of that request—it's ephemeral data sent to the LLM API to help the model understand your specific question or task.
- Think of it like providing a consultant with relevant background documents before asking a question—the documents inform the answer, but aren't incorporated into the consultant's permanent knowledge.
What We Don't Do: Training or Fine-tuning
- We never pre‑train or fine‑tune LLM models using Customer data.
- Your data does not become part of any model's learned parameters or permanent knowledge base.
- We do not contribute Customer data to any provider's training datasets.
LLM API Usage
- We use paid API endpoints of LLM providers (OpenAI, Google Gemini, Anthropic Claude, xAI Grok) strictly for real‑time inference.
- Each request contains only the minimum context necessary to fulfill your specific request—not your entire project history.
- Where available, we select provider modes that exclude use of data for training and minimize retention (limited to brief windows for abuse monitoring only).
- Organization isolation ensures context is sourced only from your organization's materials and respects user permissions—we never use one customer's data to serve another customer.
Data Flow and Boundaries
What Nautex Sees:
- User Content you create in the Service (requirements documents, plans, diagrams, interaction history)
- Account and organization metadata
- Device and activity logs
What Nautex Doesn't See:
- Your source code or project files on your local machine or repositories
- Contents of your IDE or file system beyond the .nautex/sync folder
- Data processed by Coding Agents operating on your machine
What LLM Providers Receive:
- Minimal, ephemeral context from your User Content necessary for the specific inference request
- Technical request metadata (timestamps, API keys, request IDs)
- No access to your full project history or account details
- No source code (Nautex doesn't have it to send)
For detailed provider data retention and usage policies, see Appendix: LLM Provider Policies.
Coding Agents and Local Code
What Are Coding Agents?
Coding Agents are third‑party IDE tools (such as Claude Code, Cursor, and others) that run on your machine and interact with your local files under your control. They are separate products with their own privacy policies and are not part of the Nautex Service.
Data Boundaries: What Nautex Accesses
Nautex Does Not Access Your Code:
- Nautex does not require access to your source repositories or project files to function.
- The Service does not request repository permissions.
- Your code never leaves your local environment to reach Nautex servers.
The .nautex/ Folder:
- The Nautex utility (CLI + MCP server) runs locally and manages only the .nautex/ folder within your project.
- This folder contains synced requirements, plans, and task definitions—structured metadata about what needs to be built, not the implementation code itself.
- Coding Agents read this folder to understand approved work items and align their assistance with your project requirements.
How Coding Agents Work with Nautex
- You approve tasks in the Nautex Service (web app or CLI).
- Nautex syncs task metadata to your local .nautex/ folder.
- Your Coding Agent reads the .nautex/ folder to understand what work is approved.
- The Coding Agent requests permission to read or modify project files based on approved tasks.
- You review and approve each agent action before code is read, modified, or committed.
Human-in-the-Loop Safeguards
- Coding Agents require your explicit approval before reading, modifying, or committing code.
- You can restrict agent scope, disable code analysis features, or require manual review gates.
- Any broader access within your IDE is governed by the Coding Agent's configuration and its vendor's policies—not by Nautex.
For architectural details, see the informative note at the end of this policy.
Purposes of Processing
- Provide and improve core functionality of requirements authoring, plans, and diagram/PDF rendering.
- Perform LLM Context Management for real‑time inference to assist authoring and planning (see How We Use AI).
- Maintain continuity and auditability of project work via User Content (Project Documents and Interaction History).
- Process billing and payments through our payment processor for paid subscriptions and services.
- Send email communications, including transactional emails (account, security, service updates) and promotional emails (product updates, marketing communications). You may opt out of promotional emails at any time.
- Analyze email link click engagement (via redirect URLs) to measure effectiveness of communications and improve our services.
- Secure the Service, prevent abuse, ensure reliability, and measure performance through analysis of Device and Activity Metadata.
- Provide customer support with prior written authorization where access is required.
- Generate anonymized, aggregate usage statistics that do not contain User Content.
Cookies and Tracking Technologies
What We Use
The Service uses cookies and similar technologies for essential functionality and service improvement:
- Essential Cookies: Required for authentication, session management, and core Service functionality. These cookies cannot be disabled without affecting Service operation.
- Self-Hosted Analytics: We use self-hosted analytics tools to understand usage patterns and improve the Service. Data is anonymized and does not contain User Content.
- Error Monitoring: Sentry for application error logging and debugging. PII scrubbing is enabled.
What We Do NOT Use
- Advertising Cookies: We do not use cookies for advertising purposes.
- Cross-Context Behavioral Advertising: We do not track users across websites or services for advertising.
- Third-Party Advertising Networks: We do not integrate third-party advertising networks or trackers.
Email Communications
Nautex sends two types of email communications:
Transactional Emails
- These are service-related communications necessary to provide the Service, including account notifications, security alerts, password resets, billing confirmations, and important service updates.
- You cannot opt out of transactional emails as they are essential to the operation of your account and our contractual relationship with you.
Promotional Emails
- These include product updates, new feature announcements, educational content, marketing communications, and newsletters.
- You may opt out of promotional emails at any time by clicking the "unsubscribe" link included in all promotional emails or by contacting us as set out in the Contact section.
- Opting out of promotional emails will not affect transactional emails.
Email Tracking Practices
- We do not use open-tracking pixels (invisible images that track when emails are opened).
- Link clicks in emails are tracked via redirect URLs to measure engagement and improve our communications. This data is used primarily in aggregate form.
Customer Controls
Content Deletion
- Organization administrators can delete User Content (Project Documents and Interaction History).
- Individual users can manually delete specific messages or complete conversation threads from Interaction History at any time.
- Upon account termination, all User Content is deleted or made available for export as specified in your agreement.
- Deleted data is purged from backup systems within 35 days maximum.
Data Location
- Customer data is processed in the United States. Ephemeral context may transit to LLM API providers as needed for inference. See Geographic Scope and Data Location and Data Sharing and Sub-processors.
Access Controls
- Nautex personnel do not access Customer data unless you provide written authorization for a specific support case.
- Role-based access controls allow organization administrators to manage user permissions within the Service.
Auditability
- Interaction History provides a complete audit trail of AI-assisted conversations that shaped your project requirements.
Data Retention
We retain different categories of data for specific periods based on operational, legal, and business needs:
Access and Authentication Logs
- Retained for 90 days for security monitoring, troubleshooting, and abuse prevention.
Error Logs and Diagnostics (Sentry)
- Retained for 90 days maximum for debugging and service reliability. PII scrubbing is enabled to minimize personal information in error reports.
Backup Copies
- Deleted backups are purged from backup systems within 35 days maximum.
Account and Billing Data
- Retained while your account is active and for such additional period as required to comply with legal obligations (such as tax, accounting, and audit requirements).
User Content
- Project Documents: Retained until you delete them or until your organization terminates its subscription. Upon termination, data deletion or export is available as specified in your agreement.
- Interaction History: Retained for the life of the project to provide a complete audit trail of how requirements evolved through AI-assisted conversations. This history is an essential record of your project's development. Customers may manually delete individual messages or complete conversation threads at any time, but automated retention controls are not available because Interaction History forms the system of record for requirement changes.
LLM Provider Retention
- LLM sub-processors may retain data for limited periods for abuse monitoring only, per their respective policies for paid API usage. Data sent to LLM providers is not used to train models. See Appendix: LLM Provider Policies and provider documentation for details.
Data Sharing and Sub‑processors
We do not sell Customer data or share it for advertising. We engage the following sub‑processors to help deliver the Service:
Current Sub-processors (Last updated: November 10, 2025)
| Sub-processor | Purpose | Location | Documentation |
|---|---|---|---|
| DigitalOcean | Cloud infrastructure and database hosting | United States | Privacy Policy |
| Stripe | Payment processing and subscription management | United States | Privacy Policy |
| Firebase | Authentication | United States | Privacy Policy |
| Resend | Transactional email delivery | United States | Privacy Policy |
| Sentry | Error logging and application monitoring | United States | Privacy Policy |
| OpenAI | LLM inference (API only) | United States | Privacy Policy |
| Anthropic | LLM inference (API only) | United States | Privacy Policy |
| Google | LLM inference (Gemini API only) | United States | Terms |
| xAI | LLM inference (Grok API only) | United States | Privacy Policy |
Sub-processor Safeguards:
- All sub-processors are bound by data processing terms that exclude use of customer data for their own training or marketing purposes.
- LLM providers process only ephemeral context for real-time inference and do not use API data to train models. See How We Use AI and Appendix: LLM Provider Policies.
- Stripe processes payment card details directly; Nautex does not store full credit card numbers.
Changes to Sub-processors: We will provide 30 days' advance notice to all customers before adding or replacing sub-processors. Notice will be provided via email to account administrators or through an in-app notification.
International Transfers
All Processing Occurs in the United States
Nautex AI, Inc. is based in the United States, and all Personal Data is processed exclusively in the United States, regardless of where you are located. Our infrastructure and all sub-processors operate within the United States. See Geographic Scope and Data Location for details.
Legal Safeguards for International Transfers
For users located outside the United States (including in the European Economic Area, Switzerland, and the United Kingdom), we rely on Standard Contractual Clauses (SCCs) as the legal mechanism for international data transfers:
- From EEA/Switzerland: Standard Contractual Clauses approved by the European Commission under Article 46(2)(c) GDPR
- From UK: SCCs adopted under Section 119A of the UK Data Protection Act 2018
You may request a copy of our Standard Contractual Clauses by contacting us at privacy@nautex.ai.
Security Measures
- Encryption: TLS in transit; encryption at rest for managed databases and storage.
- Isolation: Per‑organization isolation at the application layer and IP‑restricted access to managed database.
- Least Privilege: Scoped service accounts and access reviews for Nautex personnel.
- Monitoring: Infrastructure and application monitoring with alerting; anonymized product analytics without User Content.
- Vulnerability Management: Regular patching of services and dependencies; intake for reported vulnerabilities.
- Incident Response: Documented process for detection, triage, communication, and remediation.
- Customer Review Gates: Human‑in‑the‑loop approvals for Coding Agent actions that touch code, preventing unapproved changes. See Coding Agents and Local Code.
Security Incident Notification
In the event of a security incident that results in unauthorized access to or disclosure of Personal Data, we will notify affected customers without undue delay and in accordance with applicable law. Notifications will be sent to the administrative contact(s) on file for your organization and will include information about the nature of the incident, the data affected, and steps being taken to address the issue.
Security Disclaimer
While Nautex implements reasonable security measures to protect Personal Data and User Content, no system can be completely secure. We cannot guarantee that information stored or transmitted through the Service will be completely safe from unauthorized access or disclosure. To the maximum extent allowed by applicable law, Nautex is not liable if information about you is intercepted, accessed, or used by an unintended recipient. We encourage you to use caution when sharing sensitive information and to report any security concerns to us immediately.
Age Restrictions
The Service is not intended for use by individuals under the age of 16 ("Minors"). We do not knowingly collect Personal Data from Minors. If you are a parent or guardian and believe that your child has provided us with Personal Data, please contact us using the information in the Contact section below, and we will take steps to delete such information.
By using the Service, you represent and warrant that you are not a Minor as of the date of first access to the Service.
Access Requests and User Rights
Depending on your jurisdiction, you may have rights to access, correct, export, object to, or delete your Personal Data. Organization administrators can export or delete User Content (Project Documents and Interaction History), subject to contractual obligations and legal requirements. Requests can be submitted via the Contact section.
United States State-Specific Privacy Rights
We Do Not Sell or Share Personal Data for Advertising
Nautex does not sell Personal Data and does not share Personal Data for cross-context behavioral advertising. We use data solely to provide and improve the Service as described in this Privacy Policy.
Your Privacy Rights Under State Laws
If you are a resident of California, Virginia, Colorado, Connecticut, or another U.S. state with comprehensive privacy laws, you have the following rights:
- Right to Know: Request disclosure of the categories and specific pieces of Personal Data we have collected about you, the sources, purposes, and third parties with whom we share it.
- Right to Access: Request a copy of your Personal Data.
- Right to Correct: Request correction of inaccurate Personal Data.
- Right to Delete: Request deletion of your Personal Data, subject to exceptions (e.g., completing transactions, legal compliance, security, or exercising free speech rights).
- Right to Portability: Request a copy of your Personal Data in a portable, machine-readable format where feasible.
- Right to Non-Discrimination: We will not discriminate against you for exercising these rights.
- Right to Appeal (where applicable): If we deny your request, you may appeal by contacting us at the email address below.
How to Exercise Your Rights
To exercise these rights, contact us at privacy@nautex.ai with sufficient information to verify your identity (name, email address, organization). You may also designate an authorized agent to submit requests on your behalf with proof of authorization.
Response Timing
We will respond to verifiable requests within 45 days of receipt. If we need additional time (up to 90 days total), we will notify you of the reason and extension.
Data Categories, Sources, and Purposes
For details on:
- Categories of Personal Data: See Data We Process
- Sources of Personal Data: Direct input from you, your organization, automatic collection via the Service, and third-party authentication/payment providers
- Purposes: See Purposes of Processing
- Third-Party Recipients: See Data Sharing and Sub-processors
Plan‑Level Differences
- Free: Standard security; defaults for User Content retention; manual exports; community support; limited admin controls.
- Pro: Additional admin controls for audit logs and user permissions; priority support; enhanced collaboration features.
- Enterprise: Custom retention controls; single‑tenant org instance at runtime layer; SSO/SAML integration; enterprise sub‑processor terms with DPA; zero‑retention LLM modes where available; dedicated security review support; custom data processing agreements.
Corporate Transactions and Changes to Our Business
If Nautex engages in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of Nautex's assets or stock, financing, public offering of securities, acquisition of all or a portion of our business, or similar transaction or proceeding, or steps in contemplation of such activities (collectively, a "Corporate Transaction"), some or all Personal Data and User Content may be shared or transferred to the acquiring or successor entity, subject to standard confidentiality arrangements.
In the event of a Corporate Transaction, we will:
- Provide notice to you through the Service or by email before your Personal Data is transferred and becomes subject to a different privacy policy, if applicable
- Ensure that any acquiring party agrees to handle your Personal Data in a manner consistent with this Privacy Policy or provide you with notice and choice regarding different practices
Third-Party Links and Services
Our Service may contain links to third-party websites, services, and applications that are not owned or controlled by Nautex, including links within User Content created by Customers. This Privacy Policy does not apply to such third-party websites or services.
We are not responsible for the privacy practices, security, or content of any third-party websites or services. We encourage you to review the privacy policies and terms of service of any third-party websites or services before providing them with your information or using their services.
The integration of Coding Agents and LLM providers through our Service is governed by their respective privacy policies and terms of service, which you should review.
Contact
For privacy questions, data access requests, corrections, deletions, or security reports, please contact:
Nautex AI, Inc.
- Privacy inquiries and data subject requests: privacy@nautex.ai
- Security reports: security@nautex.ai
To exercise your privacy rights (access, correction, deletion, portability), please submit your request via email to privacy@nautex.ai with sufficient information to verify your identity (name, email address, organization).
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you may also contact your local data protection authority if you have concerns about how we process your Personal Data.
Updates to This Policy
We may update this policy to reflect changes in the Service or applicable laws. Material changes will be communicated through the Service or by email before they take effect.
Appendix: LLM Provider Policies
The Service engages the following LLM providers solely as sub‑processors for real‑time inference. Customer data sent is limited to ephemeral context necessary to fulfill the request. All providers confirm that API data is not used to train or improve their models.
OpenAI (API)
- Training: API data not used to train or improve models.
- Retention: Minimal retention for abuse monitoring; zero-data-retention options available for qualifying tiers. See provider documentation for current retention periods.
- Security: TLS in transit; encryption at rest.
- Documentation: Privacy Policy | Enterprise Privacy
Google Gemini (API)
- Training: Paid API data not used to train or improve models.
- Retention: Limited retention for abuse monitoring only. See provider documentation for current retention periods and caching policies.
- Documentation: Terms of Service | Usage Policies
Anthropic Claude (API)
- Training: API data never used for model training.
- Retention: Minimal retention period for trust and safety. See provider documentation for current retention periods.
- Documentation: Privacy Center | Data Usage
xAI Grok (API)
- Training: Business/API data not used for model training.
- Retention: Automatic deletion of user content; DPA available for API customers. See provider documentation for current retention periods.
- Documentation: Enterprise Terms | Data Processing Addendum | Privacy Policy | Docs
Architectural Notes
Backend Architecture:
- The Nautex backend operates per‑organization instances behind a gateway and proxy that validate authentication tokens and authorization before data access.
- Organization isolation ensures your data is logically separated from other customers at the application layer.
Local Utility Architecture:
- The Nautex utility (CLI tool + MCP server) runs locally on your machine to sync the .nautex/ folder and serve requests from Coding Agents.
- The utility does not access project code outside the .nautex/ folder and does not transmit code to Nautex servers.
- Coding Agents read the .nautex/ folder to align work with approved plans and require user approval to read or write project files.
- View the open-source utility on GitHub: https://github.com/hmldns/nautex