Privacy Policy

Last Updated: 23rd February 2025

At 365Labs, we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Software as a Service (SaaS) product, and it outlines your rights regarding your personal data under the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Information We Collect

We collect different types of personal data to provide and improve our services. The types of information we collect include:

  • Personal Information: When you sign up for our SaaS product or contact us, we may collect your name, email address, phone number, company details, and billing information.

  • Account Information: This includes details such as your username, password, and any other information necessary for your account to function properly.

  • Usage Data: This includes information about how you interact with our services, such as logs, device information, IP addresses, browser type, usage activity, and error reports.

  • Payment Information: We may collect financial information (e.g., billing address, payment details) if you purchase any of our services. We use third-party payment processors who handle and securely store your payment information.

2. How We Use Your Information

We use the information we collect in the following ways:

  • To provide, operate, and maintain our SaaS product.

  • To manage your account and provide customer support.

  • To process payments and verify transactions.

  • To improve, customize, and enhance our services.

  • To communicate with you about updates, promotions, and other related matters.

  • To analyze usage data and improve the functionality and user experience of our platform.

  • To comply with legal obligations and protect our legal rights.

3. Legal Basis for Processing Your Data

Under the GDPR, we rely on the following legal bases to process your personal data:

  • Contractual necessity: Processing your personal data is required to provide the SaaS service to you, including the creation and management of your account.

  • Legitimate interests: We may process your data to improve our services, send you marketing communications, or perform other administrative functions, provided that such processing is in your legitimate interest and does not override your rights and freedoms.

  • Consent: We may rely on your consent for specific processing activities, such as marketing communications. You may withdraw your consent at any time.

  • Legal obligations: We may need to process your data to comply with legal requirements.

4. Sharing Your Data

We do not sell or rent your personal data. However, we may share your data in the following circumstances:

  • Third-Party Service Providers: We may share your data with trusted third-party providers who help us deliver our services (e.g., cloud hosting, analytics, payment processors, email marketing). These providers are contractually bound to protect your data and only use it to the extent necessary to perform their services for us.

  • Legal Compliance: We may disclose your personal data if required to do so by law or if we believe such action is necessary to comply with legal obligations, protect our rights, or defend against legal claims.

  • Business Transfers: In the event of a merger, acquisition, or sale of company assets, your personal data may be transferred as part of that transaction.

5. Use of Google Workspace APIs and AI/ML Models

We respect the privacy and security of our users and comply fully with Google's API Services User Data Policy, including the Google Workspace API User Data Policy.

Affirmation of Compliance
Our application does not use data obtained through Google Workspace APIs (including but not limited to Gmail, Google Drive, Google Calendar, and Google Fit) to develop, improve, or train generalised or non-personalised artificial intelligence (AI) or machine learning (ML) models.

No Unauthorised Transfers
We do not transfer any data obtained through Google Workspace APIs to third-party AI tools for the purpose of developing, improving, or training generalized AI/ML models. If any Google user data is transferred to third-party AI tools, it is done solely for the user’s benefit and in accordance with their explicit consent, and never for generalised AI/ML purposes.

6. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. This includes retaining data for legal, accounting, or reporting obligations. If you wish to close your account or delete your data, please contact us using the contact details provided below.

7. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Access: You have the right to request access to the personal data we hold about you.

  • Rectification: You can request that we correct or update your personal data if it is inaccurate or incomplete.

  • Erasure: You can request the deletion of your personal data under certain conditions (e.g., if we no longer need it, or if you withdraw your consent).

  • Restriction of processing: You can request the restriction of processing of your personal data in certain circumstances.

  • Data portability: You have the right to request that we transfer your data to another service provider in a structured, commonly used, and machine-readable format.

  • Objection: You have the right to object to certain processing activities, particularly those based on our legitimate interests or for direct marketing.

  • Withdrawal of consent: If we are processing your personal data based on consent, you have the right to withdraw your consent at any time.

To exercise these rights, please contact us at the details provided below.

8. Security of Your Data

We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it from unauthorized access, alteration, disclosure, or destruction. While we take reasonable steps to secure your information, no data transmission over the internet can be guaranteed as 100% secure. We cannot ensure the absolute security of any data you transmit to us.

9. International Data Transfers

Your personal data may be transferred to and stored on servers located outside the European Economic Area (EEA). If we transfer your personal data outside the EEA, we will ensure that appropriate safeguards are in place to protect your data, such as using standard contractual clauses or ensuring that the recipient complies with the EU-U.S. Privacy Shield or other applicable frameworks.

10. Children's Privacy

Our services are not intended for use by individuals under the age of 16, and we do not knowingly collect or process personal data from individuals under 16. If you believe we have collected personal data from a child, please contact us immediately, and we will take steps to remove that information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at hello@365labs.ai