Privacy Policy

At PippaAI, we take your privacy seriously. This Privacy Policy explains how JPL Technologies ("we," "us," or "our") collects, uses, and protects your personal information when you use PippaAI, our AI-powered sales assistant service.

1. Information We Collect

1.1 Information You Provide

• Account Information: Email address, name, and password
• Communication Preferences: Telegram chat ID (if you connect Telegram notifications)
• Payment Information: Processed by Stripe (we do not store credit card numbers)

1.2 Information We Collect from Third-Party Services

• Google Calendar Data: Calendar events, meeting details, attendee information, and event metadata (read-only access)
• Meeting Data: Information about your scheduled meetings to provide preparation and follow-up assistance

1.3 Usage Information

• Analytics Data: We use Plausible Analytics and PostHog to understand how you use our service
• Log Data: IP addresses, browser type, device information, and access times
• Service Usage: Features used, actions taken within the app, and interaction patterns

2. How We Use Your Information

We use your information to:

• Provide Our Service: Analyze your calendar, prepare you for meetings, score meetings, and suggest follow-up actions
• Improve PippaAI: Understand usage patterns and enhance features
• Communicate: Send notifications about meetings, important updates, and service announcements
• Process Payments: Handle billing and subscriptions through Stripe
• Security: Detect and prevent fraud, abuse, and security incidents
• Legal Compliance: Meet legal obligations and enforce our Terms of Service

3. Data Storage and Security

Your data security is paramount:

• Hosting: Data is stored on secure AWS EC2 servers in the us-east-1 region
• Encryption: Data is encrypted in transit (TLS/SSL) and at rest
• Access Controls: Strict internal access controls limit who can access your data
• Regular Security Audits: We regularly review and update our security practices

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

4. Third-Party Services

PippaAI integrates with and shares data with the following third-party services:

• Google: Calendar API access (read-only) for meeting data
• Stripe: Payment processing (they handle and store credit card information)
• AWS SES: Email delivery service
• Plausible Analytics: Privacy-focused analytics (no personal identifiers)
• PostHog: Product analytics and feature usage tracking
• Telegram: Optional notification delivery (if you connect your Telegram account)

Each third-party service has its own privacy policy. We recommend reviewing:

• Google Privacy Policy
• Stripe Privacy Policy
• Plausible Privacy Policy
• PostHog Privacy Policy

5. Data Retention

We retain your data for as long as:

• Your account is active
• Needed to provide you with services
• Required for legal, regulatory, or business purposes

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are legally required to retain it.

6. Your Rights and Choices

6.1 Access and Control

You have the right to:

• Access Your Data: Request a copy of your personal information
• Correct Data: Update inaccurate information through your account settings
• Delete Your Account: Request deletion of your account and associated data
• Export Your Data: Download your information in a portable format
• Disconnect Calendar: Revoke Google Calendar access at any time through your account settings or Google account permissions
• Opt Out of Communications: Unsubscribe from marketing emails (you'll still receive essential service notifications)

6.2 California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know whether personal information is sold or disclosed
• Right to opt-out of the sale of personal information (note: we do not sell your data)
• Right to deletion of personal information
• Right to non-discrimination for exercising your rights

6.3 European Residents (GDPR)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation (GDPR):

• Right of access and portability
• Right to rectification
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to object to processing
• Right to withdraw consent

7. Cookies and Tracking

We use cookies and similar technologies for:

• Essential Cookies: Required for authentication and core functionality
• Analytics Cookies: Understand usage patterns (Plausible and PostHog)

You can control cookies through your browser settings. Disabling essential cookies may impact functionality.

8. Children's Privacy

PippaAI is not intended for users under 18 years of age. We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately.

9. International Data Transfers

Your data is primarily stored in the United States (AWS us-east-1). By using PippaAI, you consent to the transfer of your information to the United States and other countries where we or our service providers operate.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Posting a notice in the app
• Sending an email to your registered address
• Updating the "Last updated" date at the top of this policy

Your continued use of PippaAI after changes constitutes acceptance of the updated policy.

11. Business Transfers

If PippaAI or JPL Technologies is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.