Privacy Notice

This Privacy Notice describes how Evoxa collects, uses and protects personal information in connection with the use of the Service.

1. Data we collect

• Account data: name, email or other details you provide for authentication.
• Content you upload: audio, transcripts and associated metadata.
• Technical data: usage logs, IP, device information, cookies and analytics about Service usage.

1.1 Google Calendar Data

When you connect your Google Calendar account to Evoxa, we collect and process the following data from your Google Calendar:

• Calendar events: event titles, descriptions, start and end dates and times, locations, and event status.
• Attendees: information about event participants (names and email addresses).
• Calendar metadata: calendar name, time zone, and visibility settings.
• Reminders: reminder settings associated with your events.

How we use your Google Calendar data:

• Create automatic reminders based on your calendar events and send them to you via WhatsApp.
• Synchronize tasks and events between Google Calendar and our reminder system.
• Analyze your events using artificial intelligence to extract relevant information and create smart reminders.
• Send you timely notifications about your upcoming events through WhatsApp.
• Allow you to manage your calendar events through voice or text commands on WhatsApp.

Sharing of Google Calendar data:

• We do not sell your Google Calendar data to third parties under any circumstances.
• We do not share your Google Calendar data with third parties for advertising or marketing purposes.
• We only share your Google Calendar data with the following service providers that help us operate the Service:
  • OpenAI: for natural language processing and intelligent event analysis (data is processed securely and is not used to train models).
  • WhatsApp (Meta): to send you notifications and reminders about your events.
  • Cloud storage services: to securely and encrypted store your calendar data.
• All our providers are subject to strict confidentiality and data processing agreements that prohibit them from using your data for any other purpose.

Protection of Google Calendar data:

• We use TLS/SSL encryption for all data transmissions between your device, Google, and our servers.
• Google Calendar data is stored encrypted at rest using AES-256 encryption standards.
• We implement strict access controls that limit access to your Google Calendar data only to authorized personnel and systems necessary to operate the Service.
• We conduct regular security audits to ensure ongoing protection of your data.
• We comply with Google API Services User Data Policies, including Limited Use requirements.

Retention and deletion of Google Calendar data:

• We retain your Google Calendar data only while you maintain an active connection to Google Calendar in your Evoxa account.
• You can revoke access from Evoxa to your Google Calendar at any time from your Evoxa account settings or from your Google account permissions page (https://myaccount.google.com/permissions).
• When you revoke access or delete your account, we permanently delete all your Google Calendar data from our systems within a maximum of 30 days.
• You can request immediate deletion of your Google Calendar data by contacting us through the channels listed in section 12 of this Notice.

Use of Google Calendar data in accordance with the Limited Use Policy:

Evoxa's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

2. Purpose of processing

• Provide and improve the Service (transcription, analysis, storage, messaging, support).
• Operational and security communications.
• Legal compliance and fraud prevention.

3. Legal basis

We process your data under legal bases such as performance of the contract, legitimate interest and, where applicable, your consent.

4. Sharing with third parties

We may share data with vendors acting as processors/subprocessors (e.g., transcription, storage, AI, messaging services). We require appropriate contractual and security safeguards.

5. International transfers

If data is transferred outside your country, we implement adequate safeguards in accordance with applicable law.

6. Retention

We retain data for as long as needed to fulfill the purposes described and legal obligations. You may request deletion when applicable.

7. Security

We apply reasonable technical and organizational measures to protect your data. No system is 100% secure, but we work continuously to mitigate risks.

8. Your rights

Depending on your jurisdiction, you may have rights to access, rectify, delete, object, restrict processing or request portability. Contact us to exercise these rights.

9. Minors

The Service is not directed to minors without guardian authorization. If we become aware of data relating to minors without permission, we will delete it.

10. Cookies

We use cookies or similar technologies to operate the site, remember preferences and perform analytics. You can manage cookies from your browser.

11. Changes to this Notice

We may update this Notice. We will publish the current version and its modification date.

12. Contact

If you have privacy questions or wish to exercise rights, contact us through the channels listed on the site.