Beeasy.ai Privacy Policy

1. Introduction

1.1 About This Policy

Beeasy.ai ("we," "our," or "us") operates the AI-powered CRM and email automation platform accessible at www.beeasy.ai and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

1.2 What is Beeasy.ai?

Beeasy.ai is an AI-powered business intelligence and CRM platform that provides:

• Email Automation: Intelligent email processing and CRM integration
• CRM Management: Contact, deal, and brand relationship management
• Task Management: Project organization and team collaboration
• Social Media Management: Multi-platform social media posting and analytics
• AI-Powered Insights: Automated business intelligence and recommendations

1.3 Your Consent

By using our Service, you consent to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not use our Service.

---

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Personal Details: Name, email address, phone number
• Profile Information: Job title, company information, profile picture
• Authentication Data: Username, password (encrypted), authentication preferences
• Account Settings: Preferences, notification settings, timezone

2.2 CRM and Business Data

As part of our CRM functionality, we collect and process:

• Contact Information: Names, email addresses, phone numbers, job titles of your contacts
• Deal Information: Deal titles, values, stages, expected close dates, notes
• Brand/Company Data: Company names, domains, contact information
• Task Data: Task titles, descriptions, due dates, priorities, assignments
• Communication History: Email threads, meeting notes, activity logs

2.3 Email Integration Data

When you connect your Google email account, we collect:

• Email Metadata: Sender, recipient, subject, timestamps, thread IDs
• Email Content: Message content for AI analysis and CRM integration
• Email Attachments: File names and metadata (content not stored)
• Email Analytics: Open rates, response times, engagement metrics

2.4 Social Media Integration Data

When you connect social media accounts (Facebook, Instagram, YouTube, TikTok), we collect:

• Account Information: Platform, account name, handle, follower count
• Post Data: Content, hashtags, mentions, scheduling information
• Analytics Data: Engagement metrics, reach, impressions
• OAuth Tokens: Encrypted access tokens for platform integration

2.5 Usage and Analytics Data

We automatically collect information about how you use our Service:

• Usage Patterns: Features used, time spent, navigation paths
• Performance Data: Page load times, error logs, system performance
• Device Information: Browser type, operating system, device identifiers
• IP Address: For security and analytics purposes

2.6 AI Processing Data

For our AI-powered features, we process:

• Email Content: Temporarily for classification and CRM integration
• Business Intelligence: Extracted insights, patterns, and recommendations
• User Preferences: AI model preferences, response templates, automation rules

---

3. How We Use Your Information

3.1 Core Service Provision

We use your information to:

• Provide CRM Services: Manage contacts, deals, brands, and tasks
• Email Automation: Process emails, create CRM records, generate responses
• Social Media Management: Schedule posts, track analytics, manage accounts
• AI-Powered Insights: Generate business intelligence and recommendations
• Task Management: Organize projects, assign tasks, track progress

3.2 AI and Machine Learning

We use your data to:

• Email Classification: Categorize emails using our 3-tier AI system
• Deal Intelligence: Automatically create and update deals from email content
• Contact Extraction: Identify and create contact records from email signatures
• Brand Detection: Recognize and create brand profiles from email domains
• Predictive Analytics: Provide business insights and recommendations

3.3 Service Improvement

We analyze usage data to:

• Enhance Features: Improve existing functionality and develop new features
• Performance Optimization: Optimize system performance and reliability
• User Experience: Personalize the interface and improve usability
• Service Quality: Monitor and improve overall service delivery

3.4 Communication

We use your contact information to:

• Service Notifications: Send important updates about your account
• Support Communications: Respond to your inquiries and provide assistance
• Product Updates: Inform you about new features and improvements
• Marketing Communications: Send promotional content (with your consent)

3.5 Legal Basis for Processing (GDPR)

When processing personal data under GDPR, we rely on:

• Contract Performance: Processing necessary for providing our Service
• Legitimate Interests: Improving our Service and developing new features
• Consent: Marketing communications and optional features
• Legal Obligation: Compliance with applicable laws and regulations

---

4. Information Sharing and Disclosure

4.1 Third-Party Service Providers

We share information with trusted service providers who assist us in operating our Service:

Cloud Infrastructure:

• Supabase: Database hosting and authentication services
• Google Cloud: Email processing and AI services
• AWS/Other Cloud Providers: Additional infrastructure services

AI and Analytics:

• OpenAI: AI processing for email classification and content generation
• Google AI Services: Machine learning and natural language processing
• Analytics Providers: Usage analytics and performance monitoring

Email and Communication:

• Gmail API: Email integration and processing
• Google Calendar: Meeting scheduling and availability
• Email Service Providers: Transactional and marketing emails

Social Media Platforms:

• Facebook/Meta: Social media posting and analytics
• Instagram: Visual content and story management
• YouTube: Video content publishing and analytics
• TikTok: Short-form video content and engagement

4.2 Data Protection Requirements

All third-party service providers are contractually obligated to:

• Use your information only for the purposes we specify
• Implement appropriate security measures
• Comply with applicable privacy laws
• Not sell or disclose your information to other parties

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

4.4 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders, etc.)
• Government investigations
• Protection of our rights and property
• Prevention of fraud or illegal activities
• Protection of user safety

---

5. Data Security

5.1 Security Measures

We implement comprehensive security measures to protect your information:

Technical Safeguards:

• Encryption: Data encrypted in transit and at rest using industry-standard protocols
• Access Controls: Multi-factor authentication and role-based access controls
• Network Security: Firewalls, intrusion detection, and secure network architecture
• Regular Security Assessments: Ongoing security audits and vulnerability testing

Organizational Safeguards:

• Employee Training: Regular security awareness training for all staff
• Confidentiality Agreements: All employees sign strict confidentiality agreements
• Access Monitoring: Continuous monitoring of data access and usage
• Incident Response: Comprehensive incident response procedures

5.2 Data Breach Response

In the event of a data breach that may affect your personal information, we will:

• Notify affected users as required by applicable law
• Report the breach to relevant authorities where required
• Take prompt steps to contain and remediate the breach
• Provide guidance on protective measures you can take

5.3 OAuth Token Security

Your OAuth tokens for third-party integrations are:

• Encrypted using industry-standard encryption
• Stored securely in our database
• Protected during transmission
• Refreshed as needed to maintain security

---

6. Data Retention

6.1 Retention Periods

We retain your information for as long as necessary to provide our Service and fulfill the purposes described in this policy. Retention periods vary based on data type:

• Account Information: Retained while your account is active and for a reasonable period afterward to comply with legal obligations
• CRM Data: Retained while your account is active; deleted or anonymized after account closure
• Email Processing Data: Processed temporarily for AI analysis; content is not permanently stored
• Analytics Data: Retained in aggregated, anonymized form for service improvement
• OAuth Tokens: Retained until revoked by you or upon account closure
• Audit Logs: Retained as needed for security and compliance purposes

6.2 Deletion Procedures

When data is no longer needed, we will:

• Securely delete or anonymize your personal information
• Remove data from active systems in accordance with our data management practices
• Comply with applicable data protection laws

---

7. Your Rights and Choices

7.1 Access and Portability

You have the right to:

• Access the personal information we hold about you
• Receive a copy of your data in a portable format (JSON, CSV)
• Request correction of inaccurate information
• Request completion of incomplete information

7.2 Deletion and Restriction

You have the right to:

• Request deletion of your personal information
• Request restriction of processing in certain circumstances
• Object to processing based on legitimate interests
• Withdraw consent at any time

7.3 Data Portability

You can export your data through our Service:

• CRM Data: Export contacts, deals, and brands in CSV format
• Task Data: Export tasks and projects in various formats
• Analytics Data: Export usage and performance data
• Settings: Export account preferences and configurations

7.4 Exercising Your Rights

To exercise your rights, please contact us at tanner.hatch@beeasy.ai with:

• Your full name and contact information
• Description of the right you wish to exercise
• Any relevant account information for verification

We will respond to your request in a timely manner, as required by applicable law.

7.5 Right to Complain

You have the right to lodge a complaint with a supervisory authority if you believe we have violated your privacy rights.

---

8. Cookies and Tracking Technologies

8.1 Types of Cookies

We use the following types of cookies:

Essential Cookies: Required for basic Service functionality

• Authentication and session management
• Security and fraud prevention
• Load balancing and performance

Performance Cookies: Help us understand how you use our Service

• Usage analytics and performance monitoring
• Error tracking and debugging
• Feature usage statistics

Functionality Cookies: Remember your preferences and settings

• User interface preferences
• Language and timezone settings
• Customization options

Marketing Cookies: Used to deliver relevant advertisements

• Ad targeting and personalization
• Campaign performance tracking
• User behavior analysis

8.2 Third-Party Cookies

We may use third-party services that set their own cookies:

• Google Analytics for website analytics
• Google Ads for advertising and remarketing
• Social Media Platforms for social sharing and integration
• Customer Support Tools for help desk functionality

8.3 Cookie Management

You can control cookies through:

• Your browser settings (disable or delete cookies)
• Our cookie preference center (if available)
• Third-party opt-out tools (for advertising cookies)

Note: Disabling certain cookies may affect Service functionality.

---

9. Third-Party Services

9.1 Integrated Services

Our Service integrates with various third-party services:

Email Services:

• Gmail API - Email integration and processing
• Google Calendar API - Calendar and scheduling integration
• Email Service Providers - Transactional and marketing emails

Social Media Platforms:

• Facebook/Meta - Social media posting and analytics
• Instagram - Visual content and story management
• YouTube - Video content publishing and analytics
• TikTok - Short-form video content and engagement

AI and Analytics:

• OpenAI - AI processing and content generation
• Google AI Services - Machine learning and natural language processing
• Analytics Providers - Usage analytics and performance monitoring

Cloud Infrastructure:

• Supabase - Database and authentication services
• Google Cloud - Cloud computing and storage
• AWS - Additional cloud services

9.2 Third-Party Privacy Policies

These third-party services have their own privacy policies. We encourage you to review them:

• Google Privacy Policy
• Facebook/Meta Privacy Policy
• YouTube Privacy Policy
• TikTok Privacy Policy
• OpenAI Privacy Policy

---

10. International Data Transfers

10.1 Cross-Border Transfers

Your information may be transferred to and processed in countries other than your country of residence. We implement appropriate safeguards for such transfers as required by applicable law.

10.2 Adequacy Decisions and Safeguards

We rely on:

• European Commission adequacy decisions
• Standard contractual clauses
• Binding corporate rules
• Other appropriate safeguards as required by law

10.3 Data Processing Locations

Our data is primarily processed in:

• United States - Primary data processing location
• European Union - For EU users (when applicable)
• Other Regions - As needed for service delivery

---

11. Children's Privacy

11.1 Age Restrictions

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

11.2 Parental Rights

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at tanner.hatch@beeasy.ai. We will take steps to remove such information from our systems.

---

12. Changes to This Privacy Policy

12.1 Policy Updates

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending email notifications to registered users
• Displaying prominent notices on our Service

12.2 Continued Use

Your continued use of our Service after any changes to this Privacy Policy constitutes acceptance of the updated policy.

---

13. Contact Information

13.1 Privacy Inquiries

If you have questions about this Privacy Policy or our privacy practices, please contact us:

13.2 Data Protection Officer

---

Additional Provisions

A. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

Right to Know: You can request information about the categories and specific pieces of personal information we collect, use, and share.

Right to Delete: You can request deletion of your personal information.

Right to Opt-Out: You can opt out of the sale of personal information (we do not sell personal information).

Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

B. European Union Residents (GDPR)

If you are in the European Union, you have additional rights under the General Data Protection Regulation:

Lawful Basis: We process your data based on consent, contract performance, legitimate interests, or legal obligation.

Data Protection Impact Assessments: We conduct DPIAs for high-risk processing activities.

Data Protection by Design: We implement privacy considerations from the design stage of our systems.

---