Privacy Policy

Effective Date:  June, 24, 2024

1.    Introduction

This Privacy Policy explains how Reveal AI("we," "us," or "our") collects, uses, discloses, and safeguards information. We are committed to protecting your privacy and ensuring transparency in our data practices.

2.    Scope

This policy applies to: A. Website Visitors B. Customers C. Data Subjects in Our Database D. Prospective Employees

3.    Data Controller and Data Protection Officer

Reveal AI acts as a Data Controller for the personal data we process. Our Data Protection Officer can be contacted at contact@revealinfo.ai.

4.    Categories of Personal Data We Process

Depending on your relationship with us, we may process the following categories of personal data:

a) Basic Information: Name, job title, employer b)Contact Information: Business email, phone number, address c) Online Identifiers: IP address, cookie data d) Professional Information: Work history, education, skills e) Usage Data: Interaction with our services f) Financial Data: Billing information (for customers)

5.    Sources of Personal Data

We collect personal data from: a) Public sources(e.g., company websites, professional networks) b) Third-party providers c)User submissions d) Direct interactions with our website and services

6.    Purposes of Processing and Legal Bases

We process personal data for the following purposes:

a) Providing our services Legal basis: Performance of a contract (for customers), Legitimate interests (for data in our database)b) Improving our services Legal basis: Legitimate interests c) Marketing and communications Legal basis: Consent or Legitimate interests (with opt-out option) d) Compliance with legal obligations Legal basis: Legal obligation

We conduct Legitimate Interest Assessments where this is our legal basis for processing.

7.    Data Retention

We retain personal data for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law. Specific retention periods are as follows:

a) Customer data: Duration of the contract plus 7years b) Marketing data: Until opt-out or 2 years of inactivity c) Job applicant data: 6 months after the position is filled

8.    Your Rights

Depending on your jurisdiction, you may have the following rights:

a) Access to your personal data b) Correction of inaccurate data c) Erasure of your data d) Restriction of processing e) Data portability f) Objection to processing g) Withdrawal of consent

To exercise these rights, please contact us at contact@revealinfo.ai. We will respond to your request within 30 days.

9.    Data Sharing

We may share personal data with:

a) Service providers (e.g., cloud hosting, payment processors) b) Professional advisers (e.g., lawyers, accountants) c) Regulatory authorities d) Our customers (for data in our B2B database)

We have data processing agreements in place with all third-party processors to ensure the protection of your data.

10. International Data Transfers

We may transfer your data outside your country of residence. We ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

11. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption, access controls, and regular security assessments. However, no method of transmission over the Internet is 100% secure.

12. Cookies and Similar Technologies

We use cookies and similar technologies to collect information about your browsing activities. You can manage your preferences through our Cookie Settings .

13. Marketing Communications

You can opt-out of marketing communications at anytime by clicking the "unsubscribe" link in our emails or contacting us directly.

14. Children's Privacy

Our services are not intended for children under16. We do not knowingly collect or process data relating to children.

15. Changes to This Policy

We may update this policy periodically. We will notify you of significant changes via email or prominent notice on our website.

16. Complaints

If you have concerns about our data practices, please contact us first. You also have the right to lodge a complaint with a supervisory authority.

17. California Privacy Rights

California residents have additional rights under the CCPA/CPRA. Please see our California Privacy Notice ww.revealinfo.ai/california-privacy-notice.

18. Privacy by Design

We are committed to privacy by design and by default principles in all our data processing activities.

19. Staff Training

We regularly train our staff on data protection principles and practices.

20. Data Protection Impact Assessments

We conduct Data Protection Impact Assessments for high-risk processing activities.

21. Accountability

We maintain records of our data processing activities and implement accountability measures to ensure GDPR compliance.

22. Contact Us

For any questions about this policy or to exercise your rights, please contact us at: contact@revealinfo.ai

By using our services, you acknowledge that you have read and understood this Privacy Policy.

23. Google Calendar Integration & Authentication

  • We use OAuth authentication with Google Calendar to securely connect your calendar without collecting or storing your Google passwords
  • Our software requests only the minimum access permissions necessary to provide seamless scheduling functionality
  • Users can disconnect their Google Calendar connection at any time through the Calendar settings page in their account

24. Data Access & Privacy Practices

  • We access only the minimum data required from connected calendars to deliver our scheduling services
  • Internal access to customer data is strictly limited and controlled to protect user privacy
  • All browser connections to our platform are encrypted in transit using TLS SHA-256 with RSA Encryption
  • All data is encrypted at rest for additional security protection

25. Platform Security Infrastructure

  • Our application is hosted on Kubernetes and Google Cloud Services for enterprise-grade security
  • All employees receive comprehensive security training
  • Internal system access is secured with multi-factor authentication requirements

26. Data Processing Framework

  • We act as a data processor (or service provider) on behalf of customers under our Data Processing Addendum and Customer Terms and Conditions
  • We utilize third-party analytics providers such as Google Analytics, with clear opt-out information provided
  • We comply with Google's API Services User Data Policy requirements including transparent data use and prohibition of data transfer for advertising purposes

27. User Control & Rights

  • Users can control how we use each connected calendar and select which calendars to check for scheduling conflicts
  • Users can choose where new events are added and configure synchronization settings
  • Users have rights to access their data, request corrections, request deletion under specific circumstances, and opt out of certain data processing activities

28. Compliance Standards

  • We follow Google API best practices including OAuth authentication, minimal permission requests, and comprehensive data encryption
  • We maintain transparency about data usage and provide users with full control over their calendar connections