1. Information We Collect

We collect information in three ways:

A. Information You Provide Directly

• Name, email address, company name, and job title when you fill out forms (e.g., contact, demo request, sign-up).
• Microsoft 365 account details (e.g., tenant ID, email domain) when connecting your account via OAuth.
• Any other information you voluntarily submit.

B. Information Collected Automatically (Tracking & Analytics)

When you visit the Site, we and our third-party partners automatically collect:

• Device & Browser Data: IP address, browser type, operating system, device identifiers.
• Usage Data: Pages viewed, time spent, clicks, scroll depth, referring URL.
• Cookies & Tracking Technologies:
  • Essential Cookies: Required for Site functionality (e.g., login state).
  • Analytics Cookies: Used to understand how visitors interact with the Site.

Third-Party Analytics Providers

We use Google Analystics, Microsoft Clarity, and Hubspot to collect anonymized usage data. These tools may be cookies and collect data according to their own privacy policies:

Google Analytics: https://policies.google.com/privacy

Microsoft Clarity: https://privacy.microsoft.com

HubSpot: https://legal.hubspot.com/privacy-policy

C. Information from Microsoft 365 Integration

When you connect your Microsoft 365 account:

• We receive profile data (name, email, job title) via Microsoft Graph API.

• We may access metadata (e.g., calendar events, email headers) only with your explicit consent and only as needed to provide the Service.

• We do not store your email content, files, or passwords.

2. How We Use Your Information

We use collected data to:

• Provide, maintain, and improve the Service.

• Authenticate users via Microsoft 365 single sign-on.

• Analyze Site performance and user behavior.

• Respond to inquiries and provide support.

• Send marketing communications (you can opt out).

• Comply with legal obligations.

3. Legal Basis for Processing (GDPR / CCPA Compliance)

• Contract: To fulfill our agreement when you use the Service.

• Legitimate Interest: Analytics, fraud prevention, service improvement.

• Consent: Optional marketing emails, non-essential cookies.

4. Sharing Your Information

We do not sell your personal data.
We may share data with:

• Service Providers: Hosting, analytics, email delivery (e.g., AWS, SendGrid).

• Microsoft Corporation: Only authentication tokens and consented data via secure APIs.

• Legal Authorities: If required by law or to protect our rights.

5. Cookies & Tracking Technologies

You can manage cookies via:

• Your browser settings

• Our Cookie Consent Banner (on first visit)

• Third-party opt-out links above

6. Your Privacy Rights

Depending on your location, you may have the right to:

• Access your personal data

• Correct inaccurate data

• Delete your data

• Object to processing

• Export your data

• Opt-out of marketing

To exercise your rights, email: [email protected]

California Residents (CCPA): You have the right to request disclosure of data collected and opt out of sale (we do not sell data).

EU/UK Residents (GDPR): You may lodge a complaint with a supervisory authority.

7. Data Security

We use industry-standard measures (encryption, access controls, firewalls) to protect your data. However, no system is 100% secure.

8. Data Retention

• Account data: Retained while your account is active + 90 days.
• Analytics data: Up to 26 months (configurable in Google Analytics).
• Logs: 12 months for security.

We delete or anonymize data when no longer needed.

9. International Data Transfers

Your data may be transferred to and processed in the United States or other countries. We use Standard Contractual Clauses (SCCs) for GDPR-compliant transfers.

10. Children’s Privacy

The Service is not intended for individuals under 16. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this Privacy Policy. Changes will be posted here with an updated "Last Updated" date. Continued use of the Service constitutes acceptance.