Privacy Policy

We collect information you provide, information from accounts you connect, and information generated through your use of the Services:

• +Account and contact data: name, email, company, role, and authentication details.
• +Business context you provide: your goals, brand information, documents, instructions, and rules.
• +Connected-account data: when you connect email, calendar, CRM, or other tools, we access the data needed to perform the work you request, which may include messages, contacts, calendar entries, and records.
• +Usage, deliverables, and activity: tasks, conversations with The General, generated outputs, meeting and call content where you use those features, logs, device and browser information, and analytics.
• +Payment data: processed by our payment processor; we receive limited billing details and do not store full card numbers.
• +Cookies and similar technologies used to operate the site, keep you signed in, and measure usage.

We use information to:

• +provide, operate, secure, and maintain the Services and perform the work you request;
• +enable The General to research, draft, and, where you connect accounts and approve, act on your behalf;
• +process payments, manage subscriptions and credits, and prevent fraud;
• +provide support, communicate with you, and send service and transactional messages;
• +monitor, analyze, debug, and improve the Services and develop new features;
• +enforce our Terms, comply with law, and protect the rights, safety, and property of DFX, our users, and others.

To provide the Services, we share information with sub-processors and service providers who process it on our behalf under contractual obligations. These include providers of AI models, payment processing, communications and email delivery, voice and meeting services, cloud hosting and databases, authentication, web analytics, and any third-party applications you connect.

When the Services generate outputs, relevant content (such as your instructions, business context, connected-account data, and documents) is transmitted to AI model providers to produce the result. We use enterprise arrangements with our model providers under which your content is not used to train their general models, except as permitted by your settings or applicable agreements. We may maintain a current list of sub-processors and provide it on request.

We do not sell your personal information. We share information only: (a) with sub-processors and service providers as described above; (b) at your direction, including with connected accounts and recipients of communications you approve; (c) to comply with law, legal process, or lawful requests, or to protect rights, safety, and security; and (d) in connection with a merger, acquisition, financing, or sale of assets, subject to this Policy.

We design the Services for per-client isolation: your data and your General operate within your own tenant, and we apply technical and organizational measures to keep clients separated.

Sensitive credentials you provide (such as connected-account passwords or API keys) are encrypted before storage using strong encryption, are never returned to your browser, and are decrypted only server-side when needed to perform the work you request. We log access to such credentials. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.

We retain information for as long as your account is active and as needed to provide the Services, comply with our legal obligations, resolve disputes, and enforce our agreements. We retain certain records (such as billing and audit logs) for longer where required. Upon termination, we may delete or de-identify your data after a reasonable period, subject to legal retention requirements and backups.

Depending on where you live, you may have rights to access, correct, delete, port, or restrict the processing of your personal information, to object to certain processing, and to withdraw consent. You can also disconnect connected accounts at any time and manage cookie preferences in your browser.

To exercise a right, contact us at hello@dfxintel.com. We will respond as required by applicable law and may need to verify your identity. Where we act as a processor of personal information you provide about others, we will assist you, the controller, in responding to such requests. We do not discriminate against you for exercising your rights.

We and our service providers may process information in the United States and other countries that may have different data-protection laws than your own. Where required, we use appropriate safeguards for cross-border transfers. By using the Services, you understand your information may be transferred to and processed in those locations.

We use cookies and analytics tools to understand and improve how the Services are used and to keep you signed in. You can control cookies through your browser settings, though some features may not function properly without them.

The Services are for business use and are not directed to children under 18, and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us and we will delete it.

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice by posting the updated Policy with a new date or by other reasonable means. Your continued use of the Services after the changes take effect constitutes acceptance.

If you have questions about this Privacy Policy or our data practices, contact us at hello@dfxintel.com.