1) Scope

This Policy explains how Smart Logic AI, Inc. (“Company,” “we,” “us”) collects, uses, shares, and protects information when you use SmartSolo.ai websites, applications, platforms, and third-party integrations (the “Service”). By using the Service, you agree to this Policy.

2) Data We Collect

• Information you provide. Account data (name, email, organization, role), configuration choices, support requests; payment data processed by payment processors (we do not store full card numbers).
• Automatically collected. Device and usage data (IP, browser, OS, timestamps, pages/events), diagnostics, and performance metrics.
• From integrations (with your authorization). Limited data from Google Workspace, Microsoft 365, Slack/Teams, calendars, email metadata/content, task metadata, files, or messages as needed to deliver requested features.

3) How We Use Data

• Provide, operate, and secure the Service; authenticate users; prevent abuse.
• Process transactions, billing, and notifications.
• Personalize and improve features, including AI-assisted prioritization and automations.
• Provide customer support and service communications.
• Comply with laws and enforce terms.

4) Security

• Secure hosting with row-level security (RLS) and role-based access control.
• Encryption: AES-256 at rest; TLS 1.2+ in transit.
• Strict key/token handling; OAuth tokens encrypted and rotated; least-privilege access; audit logging.
• Periodic penetration testing and vulnerability scanning; continuous monitoring.

5) Data Retention and Deletion

• We retain data while the account is active or as necessary to provide the Service.
• Upon account termination, we delete data from active systems within 30 days and from backups within 90 days, unless law requires longer retention.
• Users may revoke integrations in-app at any time; revocation deletes associated access tokens.

6) Sharing and Disclosure

• We do not sell personal data.
• We share with service providers under confidentiality for hosting, storage, analytics, and support.
• We share with integration partners (Google, Microsoft, Slack, etc.) only as necessary to deliver enabled features.
• We disclose as required by law or in a business transfer (with safeguards).

7) API Partner and OAuth Compliance

• Minimum scopes. We request the least-privilege OAuth scopes necessary for the feature you enable.
• Limited Use (Google). Data obtained via Google APIs is used only to provide or improve user-facing features, not sold or used for ads, and not transferred except to provide those features or comply with law.
• Revocation. You can disconnect any integration in-app (Settings → Integrations → Disconnect). On revocation we immediately invalidate and delete OAuth tokens.
• Sub-processors. Listed at smartsolo.ai/subprocessors with 30 days’ advance notice for changes.
• DPA. Our Data Processing Agreement is incorporated by reference and available on request.

8) Breach Notification

In the event of a confirmed personal data breach affecting your data, we will notify affected customers without undue delay and in any case within 72 hours of confirmation, consistent with applicable law.

9) Your Rights

• GDPR/UK GDPR. Access, correction, deletion, restriction, portability, and objection.
• CCPA/CPRA. Right to know, delete, and opt-out of sale/sharing (we do not sell personal data).
• Requests. Submit requests to privacy@smartsolo.ai. We may verify identity before acting.

10) Children’s Privacy

The Service is not intended for children under 16, and we do not knowingly collect their personal data.

11) International Data Transfers

If you access the Service from outside the United States, your data may be processed in the U.S. We use appropriate safeguards for such transfers where required by law.

12) Cookies and Telemetry

We use essential cookies for authentication and security, and limited analytics to improve performance. You can manage non-essential cookies in your browser or in-app settings where available.

13) Changes to this Policy

We may modify this Policy. Material changes will be notified at least 30 days before they take effect. Continued use after the effective date constitutes acceptance.

14) Governing Law

Utah law governs this Policy. Venue lies in Utah state or federal courts.

15) Contact

Smart Logic AI, Inc. d/b/a SmartSolo.ai • Utah, USA • privacy@smartsolo.ai