Friday: AI E-mail Assistant's Privacy Policy

Last updated: December 18, 2024

Version: 1.04

Sekterra GmbH collects and processes Personal Data that concerns You and other individuals.

This Privacy Policy describes Our policies and procedures on the collection, use, and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

We use Your Personal Data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

This Privacy Policy is aligned with the Data Protection Legislation, the application of which depends on each individual case.

Data Controller

Sekterra GmbH, located at Baarerstrasse 25, 6300 Zug Switzerland ("Company," "We," "Us," or "Our"), is the data controller for the Personal Data processing under this Privacy Policy, unless We tell You otherwise in an individual case, for example, in additional privacy notices, on a form or in a contract.

You may contact Us for data protection concerns and to exercise Your right under this Privacy Policy by using the contact information in the "Contact Us" section.

We have appointed a Data Protection Representative in the EU according to the Article 27 GDPR:

Name of Company: TechGDPR DPC GmbH

Address: Heinrich-Roller-Str. 15, 10405 Berlin, Germany

Email Address: [email protected]

Name of the natural person: Silvan Jongerius.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

FADP and OFADP are applicable as of the date of this Privacy Policy and remain in force until 31 August 2023 inclusive. They will be replaced with Revised FADP and Revised OFADP, which will come into effect and apply to this Privacy Policy from 1 September 2023.

Collecting and Using Your Personal Data

Types of Personal Data Collected

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

Usage Data

Usage Data is collected automatically when using the Service.

Usage Data may include information, such as Your Device's Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique Device identifiers and other diagnostic data.

We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile Device.

Information from Third-Party Social Media Services

The Company allows You to create an account and log in to use the Service through the following Third-Party Social Media Services:

If You decide to register through or otherwise grant us access to a Third-Party Social Media Service, We may collect Personal Data that is already associated with Your Third-Party Social Media Service account, such as Your name, Your profile picture, Your email address, Your activities, associated with that account.

You may also have the option of sharing additional information with the Company through Your Third-Party Social Media Service account. If You choose to provide such information and Personal Data during registration or otherwise, You are giving the Company permission to use, share, and store it in a manner consistent with this Privacy Policy.

Google API

The Application's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Tracking Technologies and Cookies

We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service.

You can instruct Your browser to refuse all Cookies or to indicate when a cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service.

Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on Your personal computer or mobile Device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. Learn more about Cookies: What Are Cookies?

We use both Session and Persistent Cookies for the purposes set out below:

Necessary/Essential Cookies

Cookies Policy/Notice Acceptance Cookies

Functionality Cookies

Tracking and Performance Cookies

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

Lawful basis for processing

Where We ask for Your consent for certain processing activities (for example, for marketing mailings, for advertising management and behavior analysis on the Website), we will inform you separately about the relevant processing purposes. You may withdraw Your consent at any time with effect for the future by providing us written notice (by email). Where You have a User account, You may also withdraw consent or contact Us also through the Service, as applicable. Once We have received notification of withdrawal of consent, We will no longer process Your information for the purpose(s) You consented to, unless We have another legal basis to do so. Withdrawal of consent does not, however, affect the lawfulness of the processing based on the consent prior to withdrawal.

Where we do not ask for consent for processing, the processing of Your Personal Data relies on the requirement of the processing for initiating or performing a contract with You or on Our or a third-party legitimate interest in the particular processing, in particular in pursuing the purposes and objectives set out herein and in implementing related measures. Our legitimate interests also include compliance with legal regulations, insofar as this is not already recognized as a legal basis by applicable data protection law (for example in the case of the GDPR, the laws in the EEA and in the case of the FDPA, the Swiss laws). This also includes the marketing of our products and services, the interest in better understanding our markets and in managing and further developing Our company, including its operations, safely and efficiently.

Where we receive sensitive personal data (for example health data, data about political opinions, religious or philosophical beliefs, and biometric data for identification purposes), we may process your data on other legal basis, for example, in the event of a dispute, as required in relation to a potential litigation or for the enforcement or defense of legal claims. In some cases, other legal bases may apply, which we will communicate to you separately as necessary.

Sharing of Personal Data

In relation to Our contracts and the Service, Our legal obligations or otherwise with protecting Our legitimate interests and the other purposes set forth herein, We may disclose Your Personal Data to third parties, in particular to the following categories of recipients:

All these categories of recipients may involve third parties, so that Your Personal Data may also be disclosed to them. We can restrict the processing by certain third parties (for example, IT providers), but not by others (for example authorities, banks, etc.).

We may also disclose Your Personal Data following other legal requirements in the good faith belief that such action is necessary to:

In the event of a refund request on the iOS platform, specific usage data related to your Application activity will be shared with Apple to process and evaluate the refund request. This may include data on how the Application was used, timestamps, and other relevant information necessary for refund verification.

By using the Application, you acknowledge and consent to this data-sharing process with Apple for the purposes outlined above.

International transfers and safeguards

As explained in the previous section, We disclose data to other parties. These are not all located in Switzerland. Your Personal Data may therefore be processed both in Europe and, in exceptional cases, in any country in the world.

Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located, including the third-party Service Providers. It means that this information may be transferred to --- and maintained on --- computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ from those from Your jurisdiction.

If a recipient is located in a country without adequate statutory data protection, We require the recipient to undertake to comply with data protection (for this purpose, We use the revised European Commission's standard contractual clauses, which can be accessed here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?), unless the recipient is subject to a legally accepted set of rules to ensure data protection and unless We cannot rely on an exception. An exception may apply, for example, in case of legal proceedings abroad, but also in cases of overriding public interest or if the performance of a contract requires disclosure, if You have consented or if data has been made available generally by You and You have not objected against the processing.

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place, including the security of Your data and other personal information.

Please note that data exchanged via the Internet is often routed through third countries. Your data may therefore be sent abroad even if the sender and recipient are in the same country.

Retention of Your Personal Data

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with Our legal obligations (for example, if we are required to retain Your Personal Data to comply with applicable laws), resolve disputes, and enforce Our legal agreements and policies.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.

If there are no contrary legal or contractual obligations, We will delete or anonymize Your Personal Data once the storage or processing period has expired as part of Our usual processes.

Security of Your Personal Data

We take appropriate security measures in order to maintain the required security of Your Personal Data and ensure its confidentiality, integrity and availability, and to protect it against unauthorized or unlawful processing, and to mitigate the risk of loss, accidental alteration, unauthorized disclosure or access.

The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.

Detailed Information on the Processing of Your Personal Data

Service Providers have access to Your Personal Data only to perform their tasks on Our behalf and are obligated not to disclose or use it for any other purpose.

Platform

Application is an add-on that's developed for use in connection with the following products, neither of which is owned or operated by Us. 

Android & Google Play Store

iOS & App Store

Analytics

We may use third-party Service Providers to monitor and analyze the use of our Service.

Google Analytics

Firebase

UXCam

Microsoft Clarity

Amplitude Analytics

Postmark (Email Delivery Service)

Brevo (formerly Sendinblue)

Stripe (Payment Processing)

Cloud Services

We are using third-party Service Providers to store data and files, and to host and maintain the Service.

Firebase

Google Cloud Platform

OpenAI

Email Marketing

We may use Your Personal Data to contact You with newsletters, marketing or promotional materials and other information that may be of interest to You. You may opt out of receiving any, or all, of these communications from Us by following the unsubscribe link or instructions provided in any email We send or by contacting Us.

We may use email marketing Service Providers to manage and send emails to You.

Google Workspace APIs

Friday AI's use of information received from Google Workspace APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, Friday AI does not use information obtained from Google Workspace APIs to develop, improve, or train generalized artificial intelligence (AI) or machine learning (ML) models.

User data accessed via Google Workspace APIs is strictly used to provide and improve specific functionalities within Friday AI directly related to user-initiated actions. We do not retain, repurpose, or share this data for model training or other generalized uses.

Mailchimp

Sendgrid

Payments

We may provide paid products and/or services within the Platform. In that case, the Platform might handle the payments on Our behalf.

We will not store or collect Your payment card details. That information is provided directly to Platform whose use of Your Personal Data is governed by their privacy policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

Apple & App Store

Google & Google Play Store

Usage, Performance and Miscellaneous

We may use third-party Service Providers to provide better improvement of Our Service.

Your Rights under the GDPR/Swiss Laws

The Company undertakes to respect the confidentiality of Your Personal Data and to guarantee You can exercise Your rights.

To help You control the processing of Your Personal Data, You have the following rights in relation to Our data processing, depending on the applicable Data Protection Legislation:

Please note that conditions, exceptions or restrictions apply to these rights under applicable Data Protection Legislation. We will inform You accordingly where applicable.

Exercising of Your European Data Protection Rights

You may exercise Your rights of access, rectification, cancellation and opposition by contacting Us using the contact information provided at the end of this page. Please note that we may ask You to verify Your identity before responding to such requests. If You make a request, We will try Our best to respond to You as soon as possible.

You have the right to complain to a data protection authority about Our collection and use of Your Personal Data. For more information, if You are in the European Economic Area (EEA), please contact Your local data protection authority in the EEA. You can find a list of authorities in the EEA here: https://edpb.europa.eu/about-edpb/board/members_en. You can reach the UK supervisory authority here: https://ico.org.uk/global/contact-us/. You can reach the Swiss supervisory authority here: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html.

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third-party link, You will be directed to that third-party site. We strongly advise You to review the privacy policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Changes to this Privacy Policy

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the updated Privacy Policy on this page.

We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective, and update the "Last updated" date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, You can contact Us: