Privacy Policy.

1. Information We Collect

We collect information to provide and improve our Service. The categories of information we collect are described below.

1.1 Information You Provide Directly

• Account Information: Name, email address, password, company or organization name, job title, and profile photo when you create an account.
• Authentication Credentials: Sign-in credentials when you connect to Microsoft Teams, Slack, or other supported third-party services through OAuth or similar authentication mechanisms.
• Billing Information: Payment card details, billing address, and tax information processed by our PCI-compliant payment providers (we do not store full card numbers on our servers).
• User Content: Messages, channel data, files, meeting notes, contacts, and other content you create, upload, or share through the Service.
• Customer Support Communications: Information you provide when contacting us for support, including correspondence, screenshots, and diagnostic data you choose to share.

1.2 Information Collected Automatically

• Device Information: Device model, operating system version, unique device identifiers (such as IDFV), language settings, time zone, and mobile network information.
• Usage Data: Features used, screens viewed, time spent in the app, action timestamps, in-app events, crashes, and performance diagnostics.
• Log Data: IP address, browser type (where applicable), access times, and referring URLs.
• Approximate Location: We may infer approximate location (country, region, or city) from your IP address. We do not collect precise GPS location.

1.3 Information from Third Parties

• Identity Providers: If you sign in using Apple, Google, Microsoft, or another identity provider, we receive basic profile information (such as name, email, and an opaque user ID) authorized by you.
• Integrated Services: When you connect Microsoft Teams, Slack, Zoom, Google Workspace, or other workplace tools, we receive data permitted by the scopes you grant, such as channel lists, team membership, calendar events, and message metadata.
• Analytics Providers: Aggregated usage information from analytics partners that help us understand how the Service is used.

2. Apple App Store Privacy Disclosures

In accordance with Apple's App Store privacy disclosure requirements, the table below summarizes the data types our Service may collect and whether they are linked to your identity. This corresponds to the privacy details we provide in App Store Connect.

• Contact Info: Name, email address, phone number — Linked to user.
• User Content: Messages, photos or videos, files, customer support communications — Linked to user.
• Identifiers: User ID, device ID — Linked to user.
• Usage Data: Product interaction, advertising data is NOT collected — Linked to user for product personalization and analytics.
• Diagnostics: Crash data, performance data, other diagnostic data — Not linked to user (where feasible).
• Purchases: Purchase history — Linked to user for billing and customer support.
• Location: Coarse location (city/region inferred from IP only). Precise location is NOT collected.

We do not use data to track you across apps and websites owned by other companies, and we do not sell personal information as defined under the CCPA/CPRA.

3. How We Use Your Information

• Provide, operate, maintain, and secure the Service.
• Authenticate users and connect to your Microsoft Teams, Slack, or other workplace accounts at your direction.
• Process payments, manage subscriptions, and send transactional communications such as receipts, security alerts, and service announcements.
• Personalize your experience, including remembering your preferences, integrations, and channels.
• Provide customer support and respond to inquiries.
• Monitor and analyze usage, trends, and performance to improve our products.
• Detect, prevent, and address technical issues, fraud, abuse, and security incidents.
• Comply with legal obligations and enforce our Terms of Service.
• With your consent, send marketing communications about new features and offerings, which you can opt out of at any time.

4. Legal Bases for Processing (EEA, UK, and Switzerland)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data on the following legal bases:

• Contract: To provide the Service you have requested under our Terms of Service.
• Legitimate Interests: To operate, secure, and improve the Service, prevent fraud, and conduct analytics — balanced against your rights.
• Consent: Where required, such as for certain marketing communications or specific integrations.
• Legal Obligation: To comply with applicable laws, regulations, or court orders.

5. How We Share Your Information

We do not sell your personal information. We share information only as described below:

• Service Providers: Vendors and subprocessors who help us operate the Service, including cloud hosting (e.g., Amazon Web Services, Microsoft Azure), payment processing (e.g., Stripe, Apple), customer support tooling, analytics, and email delivery. These parties are contractually bound to use information only on our behalf and consistent with this Privacy Policy.
• Workplace Integrations: When you connect a third-party service such as Microsoft Teams or Slack, information is exchanged with that service to enable the integration you requested. Your use of those services is governed by their own privacy policies.
• Within Your Organization: If you use the Service through an organizational or team account, your administrators may have access to your account information, usage data, and content created in that workspace.
• Business Transfers: In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets. We will notify you of any change in ownership or use of your personal information.
• Legal Requirements: To comply with subpoenas, court orders, or other legal processes; to protect the rights, property, or safety of Connect to Teams LLC, our users, or others; or to investigate fraud or security issues.
• With Your Consent: For any other purpose disclosed to you with your permission.

6. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including providing the Service, complying with our legal obligations, resolving disputes, and enforcing our agreements. When information is no longer needed, we will delete or anonymize it. Backup copies may persist for a limited period after deletion in accordance with our backup and disaster recovery practices.

7. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal information:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request that we correct inaccurate or incomplete information.
• Deletion: Request that we delete your personal information, subject to legal exceptions.
• Portability: Request a machine-readable copy of certain information you have provided.
• Objection / Restriction: Object to or restrict certain processing activities.
• Withdraw Consent: Withdraw consent at any time where processing is based on consent.
• Opt Out of Sale or Sharing: Although we do not sell personal information, California residents may submit a "Do Not Sell or Share My Personal Information" request as a precaution.
• Lodge a Complaint: Lodge a complaint with your local data protection authority.

To exercise these rights, contact us at eric.hernaez@hernaez.com. We will verify your request and respond within the timeframes required by applicable law. We will not discriminate against you for exercising your privacy rights.

8. Data Security

We implement administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, disclosure, alteration, and destruction. These measures include encryption in transit (TLS 1.2+) and at rest, access controls, least-privilege role-based access, audit logging, regular vulnerability assessments, and employee security training. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

9. International Data Transfers

We are based in the United States, and the information we collect may be processed in the United States or other countries that may have different data protection laws than your country. Where required, we use appropriate safeguards such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, and the EU-U.S. Data Privacy Framework (where applicable) to protect international transfers of personal data.

10. Children's Privacy

The Service is intended for business and professional users and is not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16 without verifiable parental consent, we will delete that information promptly. If you believe a child has provided us with personal information, please contact us at eric.hernaez@hernaez.com.

11. Third-Party Services and Links

The Service may contain links to or integrate with third-party websites, applications, and services, including Microsoft Teams, Slack, Zoom, Google Workspace, and others. We are not responsible for the privacy practices of those third parties. We encourage you to read the privacy policies of any third-party service before providing them with personal information.

12. Device Permissions and Push Notifications

With your permission, we may request access to certain device features, such as notifications, microphone (for in-app calls), camera (to upload profile photos), photo library, and contacts. You may revoke these permissions at any time in your device settings. We use push notifications to deliver service-related messages such as new mentions, messages, and meeting reminders; you may disable push notifications in your device settings.

13. Additional Information for California Residents

Under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), California residents have the rights to know, delete, correct, and limit the use of sensitive personal information, and to opt out of the sale or sharing of personal information. We do not sell personal information and do not engage in cross-context behavioral advertising. To exercise your rights, email eric.hernaez@hernaez.com. You may designate an authorized agent to make a request on your behalf, subject to verification.

14. Do Not Track Signals

Some browsers offer a "Do Not Track" (DNT) signal. Our Service does not currently respond to DNT signals because no industry standard for DNT has been adopted.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice within the Service prior to the change becoming effective. The "Effective Date" at the top of this Privacy Policy indicates when it was last revised. Your continued use of the Service after changes become effective constitutes your acceptance of the updated policy.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

17. Apple App Store Specific Notice

This Privacy Policy is provided in accordance with Apple's App Store Review Guideline 5.1 (Data Collection and Storage) and the Apple Developer Program License Agreement. The categories of data disclosed in our App Store Connect privacy details correspond to Section 2 above. If there is any conflict between Apple's published privacy details for our app and this Privacy Policy, this Privacy Policy controls. For information about Apple's own data practices when you download apps from the App Store, please review Apple's Privacy Policy.