Privacy Policy

Version Update Notification

In line with business adjustments, we have revised the Privacy Policy to align with pertinent laws, regulations, and technical standards. Key updates include the inclusion of CozyIntellect Inc. as the service entity and processing rules for data related to RetainApp.AI.

Please review the updated Privacy Policy. Your continued use of our services constitutes acceptance of the revised terms.

Thank you for your understanding and cooperation.

Introduction

Welcome to the RetainApp.AI products and/or services provided by CozyIntellect Inc. The RetainApp.AI platform offers AI-related products and services through proprietary and third-party integrations.

The security of your personal data is of utmost importance to us. This Privacy Policy outlines how we collect, use, store, share, transfer, and process your personal information, and your rights regarding your data. For readability, definitions of key terms are provided in "Schedule 1: Definitions of Key Terms".

This Privacy Policy does not apply to third-party services using our API. Third-party services are governed by their own privacy policies.

Please carefully read and fully understand this Privacy Policy. By using RetainApp.AI, you acknowledge agreement with this policy. For any questions, contact us at support@retainapp.ai. If you disagree with these terms, cease using our products/services immediately.

This Privacy Policy covers:

1. I. How we collect and use your personal information
   • Categories of personal data
   • Sources of data (including Google APIs)
   • Clarification that Google API data is not used to train generalized AI/ML models
2. II. How we use personal data
   • To deliver and operate our services
   • To improve, monitor, personalize, and protect the Service
   • To comply with legal obligations and enforce our agreements
   • Clarification: No use of your data for advertising or third-party marketing
3. III. How we disclose personal data
   • Service providers and infrastructure partners
   • Professional advisors (e.g., legal, accounting)
   • Authorities, law enforcement, and legal proceedings
4. IV. Your privacy rights and choices
   • How to access, correct, delete, or object to data processing
   • Options for revoking consent and managing preferences
5. V. Use of third-party AI technologies
   • Limited-purpose use of AI features
   • Disclosure of AI service providers
   • No use of user data to train generalized AI models
6. VI. Data retention
   • Retention period criteria
   • Deletion procedures upon user request or contract termination
7. VII. Children’s privacy
   • No collection from children under 16
   • Procedures for deletion if such data is discovered
8. VIII. Data Privacy Framework
9. IX. How you can contact us

I. How we collect and use your personal information

(I) Personal information obtained by us when you use our products/services:

• Account Registration: We collect your email and password and/or your authenticated Google account to create your user profile. We may also collect profile information including your preferred language, job role, and company name to customize your experience within the product.
• Paid Services/Products: When purchasing paid services, we collect billing contact information, payment method details, and billing address for invoicing and transaction completion.
• User Input: We process content you provide via input fields, uploaded files, or feedback forms. This information may include personal data if voluntarily submitted.
• Communication Information: When you contact us, we collect your name, contact details, and communication history to respond and assist with support inquiries.
• Browsing Information: When you access our services, we automatically collect system time, time zone, IP address, and device/browser metadata to support diagnostics, analytics, and security monitoring.
• RetainApp.AI Service Integration with Google APIs:
  • Gmail™ Integration (Trademark of Google LLC): With your explicit consent, collected through the Google OAuth authorization flow initiated from within the Retain App, RetainApp.AI accesses your Gmail content to:
    • Generate AI summaries of threads
    • Identify discussion topics and action items
    • Enable vector-based semantic search across emails
    • Compose intelligent email drafts for your review
    Email content is transmitted over secure TLS connections and encrypted at rest. All processing occurs solely to provide the described productivity features.
  • Google Calendar™ Integration (Trademark of Google LLC): With your explicit consent, collected through the Google OAuth authorization flow initiated from within the Retain App, RetainApp.AI reads your calendar metadata to:
    • Display meeting events within the application
    • Enable automatic note-taking during meetings
    • Associate contextual data with scheduled events
    Calendar data is accessed in read-only mode and is cached locally within your account environment.
  • Important: We do not use any Gmail or Google Calendar data to develop, train, or improve generalized artificial intelligence or machine learning models. All use of Google API data complies with the Google API Services User Data Policy, including the Limited Use requirements.
• Cookies and User-Agent Information: We use cookies to manage user sessions and preferences. We collect browser language and User-Agent headers to optimize compatibility and localize the interface.
• Aggregated/De-identified Information: We may anonymize personal information to analyze service trends, improve performance, or publish summary data. De-identified data is not linked to individual users.

II. How we use personal data

We use personal data for the following purposes, or as otherwise described at the time of collection:

To provide the Service and perform our contract with you under our Terms of Service

• To authenticate users, provide access to the Service, deliver related support, and process transactions;
• To respond to inquiries, support requests, feedback, and technical issues;
• To synchronize features across multiple devices (e.g., ensuring drafts, notes, or summaries appear across platforms);
• To manage our relationship with you, including service notifications, account verification, technical alerts, and updates to terms, conditions, or policies.

To improve, monitor, personalize, and protect the Service

• To display contextual contact insights, including information about contacts and Non-Users (e.g., job title, organization, photo);
• To invite referrals from current users and enhance adoption strategies;
• To analyze usage behavior and interaction patterns to improve the content, functionality, and user experience of the Service;
• To develop new features, assess engagement, and refine our product and business strategies;
• To conduct aggregated analytics on usage, feature performance, and feedback received through the Service;
• To apply security, diagnostic, and anti-abuse systems to ensure service availability and performance.

To comply with legal obligations and enforce our agreements

• To administer, maintain, and protect our infrastructure, network, and application integrity;
• To prevent, detect, and respond to fraud, abuse, misuse, or unlawful activities involving the Service;
• To comply with applicable legal obligations, regulatory requirements, and law enforcement requests;
• To protect our rights, your rights, and the rights of other users or third parties, and to enforce our Terms of Service;
• To manage legal disputes or investigations, and to recover debts owed to us.

Advertising and marketing practices

• We do not use your personal data for third-party advertising or tracking-based marketing.
• We may send you direct email communications related to our own services and features. You can opt out of these communications at any time.

Use of Google API Data

Important: We do not use any Gmail or Google Calendar data to develop, train, or improve generalized artificial intelligence or machine learning models. All use of Google API data complies with the Google API Services User Data Policy, including the Limited Use requirements.

III. How we disclose personal data

We do not sell or rent your personal data to third parties. We disclose your personal data only as described below, and only for the purposes outlined in this Privacy Policy.

Service providers and infrastructure partners

We may share your personal data with trusted third-party vendors and service providers who perform services for us, such as:

• Cloud infrastructure providers (e.g., data storage, computing, backup)
• Customer support platforms and communication tools
• Authentication providers and analytics vendors

These service providers are contractually obligated to handle personal data in a confidential and secure manner, and are prohibited from using it for any purpose other than performing services on our behalf.

Professional advisors

We may disclose personal data to legal, accounting, or other professional advisors where nnecessary in the course of the services that they provide to us, such as legal compliance, audits, and financial reporting.

Authorities and legal process

We may disclose personal data to law enforcement agencies, government authorities, or other relevant parties if we believe disclosure is necessary to:

• Comply with applicable laws, regulations, or legal processes
• Enforce our agreements or policies
• Protect the rights, safety, or property of users, our company, or others
• Investigate and respond to fraud or security threats

Disclosure of Google user data

We do not transfer, share, or disclose Gmail or Google Calendar data to any third parties except as required to operate the service you authorized and as outlined in this policy. Data accessed via Google APIs is used only to provide user-requested functionality and is not disclosed outside of RetainApp.AI unless:

• Required by applicable law or legal process, or
• Needed to protect the rights, safety, or property of users or others, as described above.

We do not allow human access to Gmail or Google Calendar data except with your explicit consent, or where required for debugging, abuse investigation, or legal compliance.

We do not transfer, sell, or use Gmail or Google Calendar data for advertising, marketing, retargeting, profiling, credit scoring, or any other commercial purposes.

All disclosures of Google API data, where applicable, comply with the Google API Services User Data Policy, including the Limited Use requirements.

Data protection and confidentiality

Security procedures are in place to protect the confidentiality, integrity, and availability of your data. These include:

• Encryption of data in transit (TLS) and at rest
• Access control based on role and least-privilege principles
• Regular system monitoring, auditing, and security patching
• Confidentiality agreements with employees and service providers

Data retention and deletion

We retain personal data only as long as necessary to fulfill the purposes described in this Privacy Policy, or as required by law. The length of time we keep data depends on the type of data and the context of its collection.

Gmail and Google Calendar data accessed through Google APIs is stored only temporarily to fulfill user-facing features. Once processed, data is either deleted immediately or retained only for short-term synchronization purposes. You may request deletion of your data at any time by contacting us at support@retainapp.ai.

IV. Your privacy rights and choices

You have certain rights and choices regarding your personal data. Depending on your location and how you interact with our Service, you may be able to exercise the rights described below.

Access, correction, and deletion

• You may request information about how we collect and use your personal data. This Privacy Policy provides that information.
• You may request a copy of the personal data we have collected about you. Where required, we will provide it in a portable, machine-readable format.
• You may request corrections to inaccurate or outdated personal data.
• You may request deletion of personal data that we no longer need to provide the Service or for other lawful purposes.

Marketing communications

You may opt out of marketing-related emails and other promotional communications by following the unsubscribe instructions in those messages or by contacting us using the details provided in the Contact Us section. You may continue to receive service-related and other non-marketing emails.

Interest-based advertising

You may opt out of the use and sharing of your personal data for interest-based advertising by following instructions in our Cookie Policy or by enabling the Global Privacy Control (GPC) setting in your browser. Learn more at https://globalprivacycontrol.org. Please note this opt-out is device- and browser-specific.

We do not knowingly sell or share personal data of children under 16 for these purposes.

Other rights

• You may object to or request that we restrict our use of your personal data.
• You may revoke previously granted consent at any time by contacting us.

How to exercise your rights

To submit a request, contact us as described in the Contact Us section below. Depending on applicable laws, you may also authorize an agent to act on your behalf. We may request verification of identity and authority as required by law.

You will not be discriminated against for exercising your privacy rights.

Limitations

Some requests may be limited if fulfilling them would conflict with our legal obligations, contractual requirements, or the rights of others. If you are dissatisfied with our response, you may submit a complaint using the contact details provided in this Privacy Policy.

V. Use of third-party AI technologies

We integrate third-party artificial intelligence technologies to deliver enhanced features within the RetainApp.AI platform. These features include support for email summarization, intelligent drafting, context extraction, and topic clustering to help users interact more effectively with their information.

To enable these features, we share limited portions of your data with our AI service providers, specifically:

• OpenAI, Inc.
• Anthropic PBC
• Google LLC

These providers process data solely for the purpose of delivering the requested AI-powered functionality to you within the Service (e.g., summarizing an email or generating a draft message). CozyIntellect does not opt into allowing these providers to use your data for training their models. All data sharing is subject to the providers' API use policies and confidentiality requirements.

We may add additional AI service providers in the future. Any changes will be reflected in this Privacy Policy.

VI. Data retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. This includes compliance with our legal, accounting, and reporting obligations.

The duration for which we retain personal data depends on several factors, including:

• The nature, sensitivity, and volume of the data collected
• The purpose for which the data was collected
• Any legal or contractual obligations to retain the data
• The potential risk of harm from unauthorized use or disclosure

When personal data is no longer necessary for the stated purposes, we will securely delete, de-identify, or anonymize it in accordance with our internal data disposal policies.

Google user data retention

Gmail and Google Calendar data obtained through Google APIs is stored only temporarily to fulfill real-time service features such as summarization, meeting context, and search indexing. Unless explicitly retained by user request or for service continuity, this data is removed after processing.

We do not transfer or disclose Google user data to third parties except as necessary to operate the Service, as described in this Privacy Policy. All retention and deletion practices related to Google user data comply with the Google API Services User Data Policy.

User deletion requests

You may request deletion of your data at any time by contacting us at support@retainapp.ai. Upon verified request, we will delete your personal data unless we are legally required or permitted to retain it for legitimate business purposes.

VII. Children's privacy

Our Service is not intended for children under 16. We do not knowingly collect personal data from anyone under this age. If you believe a child has provided us with personal data, please contact us at support@retainapp.ai, and we will take steps to delete the information.

VIII. Data Privacy Framework

Retain intends to align with the principles of the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, as established by the U.S. Department of Commerce. These frameworks govern the collection, use, and retention of personal data transferred from the European Union, United Kingdom, and Switzerland to the United States.

As our participation and compliance processes evolve, we will update this Privacy Policy accordingly. For more information about the program, visit https://www.dataprivacyframework.gov/s/.

IX. How you contact us

For privacy inquiries, contact:

CozyIntellect Inc.
Email: admin@cozyintellect.com

Thank you for using RetainApp.AI.