CLOUD SERVICE AGREEMENT Data Processing Agreement Privacy Policy SMS Terms and Conditions
Privacy Policy

Privacy Policy

This Privacy Policy describes how graph8 ("graph8," "we," "us," or "our") handles personal information that we collect through our website and other digital properties that link to this Privacy Policy (collectively, the "Service"), as well as through our social media, marketing activities, and other activities described in this Privacy Policy.

Personal Information We Collect

Personal information you may provide to us through the Service or otherwise includes:

  • Contact Data: Such as your first and last name, email address, and phone number.
  • Profile Data: Such as the username and password that you may set to establish an online account on the Service, and any other information that you add to your account profile.
  • User-Generated Content: Such as graphs, data visualizations, comments, and other content or information that you submit to, or use with, the Service.
  • Communications: That we exchange with you, including when you contact us through the Service, social media, or otherwise.
  • Marketing Data: Such as your preferences for receiving our marketing communications and details about your engagement with them.
  • Other Data: Not specifically listed here, which we will use as described in this Privacy Policy or as otherwise described at the time of collection.

Third-Party Sources

We may combine personal information we receive from you with personal information we obtain from other sources, such as:

  • Public Sources: Such as government agencies, public records, social media platforms, and other publicly available sources.
  • Data Providers: Such as information services and data licensors that provide demographic and other information.
  • Marketing Partners: Such as joint marketing partners and event co-sponsors.

Automatic Data Collection

We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Service, our communications, and other online services, such as:

  • Device Data: Such as your computer's or mobile device's operating system type and version, manufacturer and model, browser type, screen resolution, IP address, and general location information such as city, state, or geographic area.
  • Online Activity Data: Such as pages you viewed, how long you spent on a page, navigation paths between pages, information about your activity on a page, access times, and duration of access.

Cookies and Similar Technologies

We use cookies, web beacons, and other tracking technologies to collect information about you when you interact with our Service or emails. Information collected through cookies and similar technologies does not include personal information obtained from Google API Services. We use this information to analyze trends, administer the Service, track users' movements around the Service, gather demographic information about our user base as a whole, and improve our Service.

How We Use Your Personal Information

We may use your personal information for the following purposes or as otherwise described at the time of collection:

Service Delivery

  • Provide, Operate, and Improve the Service and Our Business.
  • Process and Fulfill Orders and Transactions.
  • Communicate with You About the Service, including sending announcements, updates, security alerts, and support and administrative messages.
  • Provide Support for the Service and respond to your requests, questions, and feedback.

Research and Development

  • Analyze and Improve the Service and Our Business.
  • Develop New Products and Services.

Use of Google User Data:

Any analysis or development involving personal information obtained from Google API Services is conducted solely to provide or improve user-facing features of the Service, in compliance with Google's policies.

Marketing and Advertising

  • Data Sources for Marketing and Advertising:We use personal information collected directly from you or from third-party sources (excluding data obtained from Google API Services) for marketing and advertising purposes. We do not use Google user data for serving ads or marketing communications.
  • Send You Marketing Communications about products, services, offers, and events offered by us and others.
  • Serve Ads to You on other websites and applications.

Compliance and Protection

  • Comply with Applicable Laws, lawful requests, and legal processes, such as responding to subpoenas or requests from government authorities.
  • Protect Our, Your, or Others' Rights, Privacy, Safety, or Property (including by making and defending legal claims).
  • Audit Our Internal Processes for compliance with legal and contractual requirements or our internal policies.
  • Enforce the Terms and Conditions that govern the Service.
  • Prevent, Identify, Investigate, and Deter Fraudulent, Harmful, Unauthorized, Unethical, or Illegal Activity, including cyberattacks and identity theft.

How We Share Your Personal Information

We may share your personal information with the following parties, as described in this Privacy Policy or at the time of collection:

  • Affiliates: Our corporate affiliates for purposes consistent with this Privacy Policy.
  • Service Providers: Companies and individuals that provide services on our behalf or help us operate the Service or our business (such as hosting, information technology, customer support, email delivery, marketing, and website analytics). These service providers are contractually obligated to use personal information solely to provide services to us and are prohibited from disclosing or using the data for any other purpose.
  • Professional Advisors: Professional advisors, such as lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services that they render to us.
  • Authorities and Others: Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
  • Business Transferees: Acquirers and other relevant participants in business transactions (or negotiations or due diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale, or other disposition of all or any portion of the business or assets of, or equity interests in, graph8 or our affiliates (including in connection with bankruptcy or similar proceedings).

Note: Personal information obtained from Google API Services is not shared with third parties except as necessary to provide or improve our Service, in compliance with Google's policies, including the Google API Services User Data Policy and the Limited Use requirements. We do not sell Google user data under any circumstances.

Google API Services and Your Data

graph8 uses Google API Services, specifically the Gmail API, to provide core functionality in our customer engagement and sales automation tool. We request access to the following scopes:

  • https://www.googleapis.com/auth/gmail.modify: Allows us to send emails, retrieve recent emails, and manage email threads on your behalf.
  • https://www.googleapis.com/auth/pubsub: Enables real-time notifications for email events.
  • Google Workspace APIs are not used to develop, improve, or train generalized AI and/or ML models.

How We Use Your Google Account Data

  • Email Sending: We send personalized emails through your Gmail account for automated sequences or one-off communications.
  • Email Retrieval: We fetch recent emails to monitor responses and track engagement.
  • Thread Management: We read and modify email threads to maintain context in ongoing conversations.

Data Retention and Deletion

We retain your Google account data only for as long as necessary to provide our services. If you revoke access or delete your graph8 account, we will delete your Google account data from our systems.

User Control

You can revoke graph8's access to your Google account at any time through your Google Account settings or by contacting us at support@graph8.com.

Security

We employ industry-standard encryption, access controls, and regular security audits to protect your Google account data. We implement robust security measures, including encryption in transit and at rest, regular security assessments, and strict access controls, to protect personal information obtained from Google API Services.

Limited Use

Our use of Gmail API conforms to Google's Limited Use requirements:

  • No Ads Personalization: We do not use or transfer Google user data for serving ads, including retargeting, personalized, or interest-based advertising.
  • No Sale of Data: We do not sell or transfer your Google user data to third parties except as necessary to provide or improve our Service.
  • Data Sharing Restrictions: Google user data is only shared with third parties if necessary for security, legal compliance, or as part of a merger or acquisition, and always in compliance with Google's policies.
  • User Consent: We obtain explicit user consent for any actions involving their Google data, as required by Google's policies.

Separation from Other Activities

We maintain a strict separation between data obtained through Google API Services and any other data activities. Your Google account data is never used for any purposes other than those described in this Privacy Policy and required to provide our Service.

Your Choices

You have the following choices with respect to your personal information:

  • Access or Update Your Information: If you have registered for an account with us, you may review and update certain account information by logging into your account.
  • Opt-Out of Marketing Communications: You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email or by contacting us at support@graph8.com. You may continue to receive service-related and other non-marketing emails.
  • Cookies: Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings.
  • Do Not Track: Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. We currently do not respond to "Do Not Track" or similar signals.

Other Sites and Services

The Service may contain links to websites, mobile applications, and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications, or online services operated by third parties, and we are not responsible for their actions.

Security

We employ technical, organizational, and physical safeguards designed to protect the personal information we collect. We implement robust security measures, including encryption in transit and at rest, regular security assessments, and strict access controls, to protect personal information obtained from Google API Services. However, security risk is inherent in all internet and information technologies, and we cannot guarantee the security of your personal information.

International Data Transfer

We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.

Compliance with Data Protection Laws:

When transferring personal information obtained from Google API Services internationally, we comply with all applicable data protection laws and regulations.

Children

The Service is not intended for use by children under 13 years of age. If we learn that we have collected personal information through the Service from a child under 13 without the consent of the child's parent or guardian as required by law, we will delete it.

Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Service after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.

How to Contact Us

Additional Privacy Rights Notice

California Residents

In addition to the rights described above, the California Consumer Privacy Act (CCPA) provides specific rights to California residents regarding personal information. This includes the right to know about personal information collected, disclosed, or sold; the right to request deletion of personal information; and the right to opt-out of the sale of personal information.

Note: We do not sell personal information collected through our Service or obtained from Google API Services.

EU and EEA Residents

If you are located in the European Union (EU) or European Economic Area (EEA), you have certain rights under the General Data Protection Regulation (GDPR). These include the right to access, correct, or delete your personal data, and to object to or restrict certain data processing activities.

To exercise these rights or for more information, please contact us at compliance@graph8.com.

Other Jurisdictions

Depending on your location, you may have certain rights under local privacy laws. Please contact us at compliance@graph8.com to exercise these rights or for more information.