Privacy Policy

1. Overview

Kaizynn ("Company", "we", "us", "our") operates various productivity tools and services, including Schedule Message, Tribe, Notion Sync, and related websites (collectively, the "Services"). This Privacy Policy describes how we collect, use, store, protect, and share your personal information when you use our Services.

We are committed to treating your data as a sanctuary—employing strong encryption, minimal collection practices, and a strict "zero-knowledge" philosophy where possible. This policy applies to all users of our Services worldwide.

Our core principles:

• Zero Knowledge: We process data for our services to work, but we don't mine your data for advertising or sell it to third parties—ever.
• No Third-Party Data Sales: We never sell, rent, or trade your personal information to advertisers, data brokers, or any third party.
• GDPR & CCPA Compliant: We respect global privacy standards, including the right to be forgotten and data portability.
• Data Minimization: We collect only what is necessary to provide our Services.

2. Data We Collect

2.1 Information You Provide Directly

• Account Information: When you sign up, we collect your name, email address, and Google Workspace account information through OAuth authentication.
• Payment Information: Payment details are collected and processed by our payment processor, Paddle.com Market Ltd. We do not store your credit card numbers, bank account numbers, or other sensitive payment information on our servers.
• Message Content: When using Schedule Message, the content of your scheduled messages is temporarily stored on our servers until delivery. Messages are encrypted in transit and automatically deleted after successful delivery.
• Support Communications: When you contact us for support, we collect the information you provide in your communications.

2.2 Information Collected Automatically

• Usage Data: We collect anonymous usage analytics to improve our Services, including feature usage frequency, session duration, and general navigation patterns.
• Device Information: We may collect information about the device you use to access our Services, including browser type, operating system, and general location (country/region level only).
• Log Data: Our servers automatically log certain information including IP addresses, access times, and error codes. This data is used for security monitoring and troubleshooting.

2.3 Information from Third-Party Integrations

• Google Workspace & Slack: When you install our add-ons, we access your Google Chat Spaces or Slack channel data through authorized APIs. We only access the minimum data required for our Services to function.
• Notion (for Notion Sync): We access task metadata only (titles, due dates, assignees) through your authorized Notion integration. We do not access or store the full body content of your Notion pages.

3. How We Use Your Data

We use your personal information strictly for the following purposes:

• Provide the Services: Processing and delivering scheduled messages, generating team engagement content, sending deadline reminders
• Account Management: Managing your account, authenticating your identity, processing subscription billing
• Improve the Services: Analyzing aggregated, anonymized usage patterns to improve features and user experience
• Communication: Sending essential service updates, security alerts, and billing notifications
• Security: Detecting and preventing fraud, unauthorized access, and abuse
• Legal Compliance: Complying with applicable laws, regulations, and legal processes

We do NOT use your data for:

• Advertising or ad targeting
• User profiling for marketing purposes
• Training AI/ML models on your personal content
• Selling or sharing with data brokers

4. Data Sharing

We share your personal information only in the following limited circumstances:

• Service Providers: We share data with trusted service providers who assist in operating our Services (e.g., Paddle for payment processing, Google Cloud Platform for infrastructure). These providers are contractually bound to protect your data.
• Legal Requirements: We may disclose your information if required to do so by law, court order, or governmental regulation, or if we believe in good faith that such action is necessary to comply with legal obligations.
• Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you of any such change.
• With Your Consent: We may share your information with third parties when you have given us explicit consent to do so.

We never sell your personal data to third parties.

5. Third-Party Services

Our Services integrate with or rely on the following third-party services:

• Google Workspace / Google Cloud Platform: Infrastructure and API services. Subject to Google's Privacy Policy.
• Paddle.com Market Ltd: Payment processing and invoicing. Subject to Paddle's Privacy Policy.
• Notion (for Notion Sync): Workspace integration. Subject to Notion's Privacy Policy.
• Firebase / Firestore: Database and authentication services, operated under Google Cloud Platform.

We encourage you to review the privacy policies of these third-party services. We are not responsible for the privacy practices of third-party services.

6. Sub-Processors

To provide the Schedule Message service, we engage the following third-party sub-processors to assist with data hosting, payment processing, and analytics. We ensure that all sub-processors maintain strict security and privacy compliance standards.

• Google Cloud Platform (GCP)
  • Purpose: Cloud infrastructure, database hosting, and serverless compute.
  • Location: United States
• Paddle
  • Purpose: Payment processing and subscription management. (Only applies to users who purchase paid plans).
  • Location: United Kingdom / United States
• Loops
  • Purpose: Transactional and product update emails.
  • Location: United States
• Humanic
  • Purpose: Product usage analytics and CRM.
  • Location: United States

7. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience:

• Essential Cookies: Required for authentication, session management, and security. These are strictly necessary and cannot be disabled.
• Analytics Cookies: Used to collect anonymous usage data to help us improve our Services. These can be opted out of.

We do NOT use:

• Advertising cookies or tracking pixels
• Third-party marketing cookies
• Cross-site tracking technologies
• Browser fingerprinting

You can control cookie preferences through your browser settings. Disabling essential cookies may impair the functionality of our Services.

8. Data Storage & Security

We take the security of your data seriously and implement industry-standard security measures:

• Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS 1.2+ (HTTPS).
• Encryption at Rest: Data stored on our servers is encrypted using AES-256 encryption.
• Infrastructure: Our services are hosted on Google Cloud Platform, which maintains SOC 2, ISO 27001, and other compliance certifications.
• Access Control: Access to personal data is restricted to authorized personnel on a need-to-know basis.
• Regular Audits: We conduct regular security reviews and vulnerability assessments.

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

8.1 Product-Specific Data Practices

9. Data Retention

We retain your data only for as long as necessary:

• Account Data: Retained for the duration of your account plus 30 days after deletion request to allow for data recovery.
• Scheduled Messages: Temporarily stored until delivery, then automatically and permanently deleted from our servers.
• Payment Records: Retained for 7 years as required by applicable tax and financial regulations.
• Usage Analytics: Aggregated, anonymized data may be retained indefinitely for service improvement purposes.
• Support Communications: Retained for 2 years to maintain service quality and resolve recurring issues.
• Server Logs: Automatically deleted after 90 days.

10. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete personal data.
• Right to Erasure ("Right to Be Forgotten"): Request deletion of your personal data, subject to any legal retention obligations.
• Right to Data Portability: Request a copy of your data in a structured, commonly used, machine-readable format.
• Right to Restrict Processing: Request that we limit how we use your personal data.
• Right to Object: Object to the processing of your personal data for specific purposes.
• Right to Withdraw Consent: Withdraw any consent you have previously given for data processing.

To exercise any of these rights, please contact us at hi@kaizynn.com. We will respond to your request within 30 days.

11. GDPR Compliance

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data under the following legal bases as defined by the General Data Protection Regulation (GDPR):

• Contractual Necessity: Processing necessary to perform our contract with you (providing the Services).
• Legitimate Interests: Processing necessary for our legitimate interests (improving and securing the Services), provided these interests do not override your fundamental rights.
• Consent: Where you have given explicit consent for specific processing activities.
• Legal Obligation: Processing necessary to comply with legal requirements.

If you believe that our processing of your data violates the GDPR, you have the right to lodge a complaint with a supervisory authority in the member state of your habitual residence.

12. CCPA Compliance

For California residents, the California Consumer Privacy Act (CCPA) provides additional rights:

• Right to Know: You have the right to know what personal information we collect, use, disclose, and sell.
• Right to Delete: You have the right to request deletion of your personal information.
• Right to Opt-Out: You have the right to opt-out of the sale of your personal information. Note: We do not sell personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

In the preceding 12 months, we have not sold any personal information. We do not sell personal information and have no plans to do so.

13. Children's Privacy

Our Services are not directed to children under the age of 13 (or under 16 in the EEA). We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under the applicable age, we will take immediate steps to delete that information.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at hi@kaizynn.com.

14. International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country. Specifically, our servers are located in regions covered by Google Cloud Platform.

If we transfer your data outside the EEA, we ensure appropriate safeguards are in place in accordance with GDPR requirements, including Standard Contractual Clauses approved by the European Commission.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we will provide additional notice, such as an email notification or prominent notice within our Services.

We encourage you to review this Privacy Policy periodically. Your continued use of the Services after any changes to this Privacy Policy constitutes your acceptance of the revised policy.

16. Contact Us