Privacy Policy

At Dealyo ("we," "our," or "us"), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered deal management platform.

By using Dealyo, you consent to the data practices described in this policy. If you do not agree with the terms of this privacy policy, please do not access the site or use our services.

We use the information we collect to:

• Provide and maintain our deal management service
• Analyze your emails to identify and organize deal-related communications
• Generate AI-powered insights, summaries, and task suggestions
• Organize documents and track deal participants
• Send you service-related notifications and updates
• Respond to your support requests and inquiries
• Improve our service and develop new features
• Detect and prevent fraud, abuse, and security issues
• Comply with legal obligations and enforce our terms

To provide our AI-powered features, we use third-party AI services including OpenAI. When you use our AI features:

• Email content may be processed by OpenAI's API to generate insights
• We only send the minimum necessary data for processing
• Data sent to AI providers is not used to train their models
• All AI processing follows strict data minimization principles

We also use the following third-party services:

• Google Gmail API for email access (read-only)
• Supabase for database and authentication
• Vercel for hosting and infrastructure
• Stripe for payment processing (when applicable)

We implement industry-standard security measures to protect your information:

• End-to-end encryption for all data in transit
• Encryption at rest for stored data
• Secure authentication using industry-standard protocols
• Regular security audits and vulnerability assessments
• Access controls and employee training on data protection
• SOC 2 compliance standards (in progress)

Despite our efforts, no security measures are perfect or impenetrable. We cannot guarantee the absolute security of your information.

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• With your explicit consent
• To comply with legal obligations, court orders, or government requests
• To protect our rights, privacy, safety, or property
• In connection with a merger, acquisition, or sale of assets (with notice)
• With service providers who assist in operating our platform (under strict confidentiality)

We retain your information for as long as necessary to provide our services and fulfill the purposes outlined in this policy:

• Active account data is retained while your account is active
• Email data is retained as long as you maintain Gmail integration
• Deleted deals and data are removed from our systems within 30 days
• Backup data is retained for up to 90 days
• Some data may be retained longer to comply with legal obligations

When you delete your account, we will delete or anonymize your personal information within 90 days, except where retention is required by law.

You have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request your data in a machine-readable format
• Restriction: Request that we limit processing of your information
• Withdrawal: Revoke Gmail access or delete your account at any time

To exercise these rights, please contact us at privacy@dealyo.ai. We will respond to your request within 30 days.

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ.

We take appropriate safeguards to ensure your information remains protected in accordance with this privacy policy, including implementing Standard Contractual Clauses and other appropriate mechanisms.

If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

• The right to be informed about our data processing activities
• The right to object to processing based on legitimate interests
• The right not to be subject to automated decision-making
• The right to lodge a complaint with your supervisory authority

Our legal basis for processing your personal data includes:

• Contract: To provide the services you've requested
• Consent: For optional features and marketing communications
• Legitimate interests: To improve our services and ensure security
• Legal obligations: To comply with applicable laws

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

For material changes, we will provide additional notice via email or through the Service. We encourage you to review this Privacy Policy periodically for any changes.

If you have any questions about this Privacy Policy or our data practices, please contact us at:

• Email: privacy@dealyo.ai
• Data Protection Officer: dpo@dealyo.ai
• Address: Howcan, Inc.