Introduction

At Flamebyrd, Inc. ("we," "our," or "us"), we are committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your personal information. This Privacy Policy describes our practices regarding data collected through our email productivity platform and related services (the "Service").

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy.

Information We Collect

1. Information You Provide Directly

Account Information:

Email address (required for account creation)
Full name (optional)
Password (stored encrypted)
Profile information and preferences

Email Account Connections:

Email account credentials (when you choose to connect email providers)
Email metadata (headers, timestamps, folder information)
Email content (for AI analysis and productivity features)

2. Information Collected Automatically

Usage Data:

Log data (IP address, browser type, operating system)
Device information (device type, operating system version)
App usage patterns and feature utilization
Performance metrics and error reports

3. Information from Third Parties

Email Providers:

Email content and metadata from connected accounts (Gmail, Outlook, etc.)
Contact information from your email address book (with your permission)
Calendar data (when calendar integration is enabled)

How We Use Your Information

1. Core Service Functionality

Email Management: Organize, search, filter, and manage your emails
AI-Powered Analysis: Provide intelligent categorization, summarization, and insights
Productivity Features: Extract action items, analyze patterns, and provide recommendations
Synchronization: Keep your email data updated across devices and sessions

2. Service Improvement and Development

Analyze usage patterns to improve existing features and develop new ones
Monitor and improve system performance and reliability
Improve our AI algorithms (using anonymized and aggregated data only)
Identify and resolve technical issues

Legal Basis for Processing (GDPR)

For users in the European Union, we process your personal data based on the following legal grounds:

Contract Performance: Processing necessary to provide our Service and fulfill our contractual obligations
Legitimate Interests: Processing for our legitimate business interests (analytics, security, service improvement)
Consent: Where you have given specific consent (marketing communications, optional features)
Legal Obligation: Where required by applicable law or regulation

Data Sharing and Disclosure

We Do NOT Sell Your Data

We never sell, rent, or trade your personal information to third parties for their marketing purposes.

Service Providers

We may share information with trusted third-party service providers who assist us in operating our Service:

Cloud hosting services (AWS, Google Cloud)
OpenAI (for AI-powered features)
Payment processors (Stripe)
Error monitoring and performance tracking services (Sentry)

Data Security

We implement industry-standard security measures to protect your information:

Technical Safeguards

Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
Access Controls: Role-based access controls and multi-factor authentication
Network Security: Firewalls, intrusion detection, and regular security monitoring
OAuth Authentication: Secure connection to email providers without storing passwords

Data Retention

Active Accounts: Data retained while your account is active
Inactive Accounts: Deleted after 2 years of inactivity (with notice)
Account Deletion: Permanently deleted within 30 days of deletion request

Your Rights and Choices

1. Access and Portability

Request a copy of your personal information
Download your data in machine-readable formats
View and manage your data through your account settings

2. GDPR Rights (EU Users)

If you are located in the European Union, you have additional rights under GDPR:

Right to Rectification: Correct inaccurate personal data
Right to Erasure: Request deletion of your personal data
Right to Restrict Processing: Limit how we use your data
Right to Object: Object to processing based on legitimate interests
Right to Data Portability: Receive your data in a portable format

3. CCPA Rights (California Users)

Right to Know: Information about data collection and use
Right to Delete: Request deletion of personal information
Right to Opt-Out: Opt out of the sale of personal information (Note: We do not sell personal information)

International Data Transfers

Our Service is based in the United States, and we may process your information in the US or other countries where our service providers operate.

For users in the European Economic Area (EEA), UK, or Switzerland, we implement appropriate safeguards including Standard Contractual Clauses (SCCs) approved by the European Commission.

Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information immediately.

Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service features. When we make material changes, we will notify you by email and through our Service. Continued use of our Service after changes take effect constitutes acceptance.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices:

General Privacy Inquiries:

Email: privacy@flamebyrd.com

Response Time: Within 5 business days

Data Protection Officer:

Email: dpo@flamebyrd.com

For GDPR-related inquiries and requests

Mailing Address:

Flamebyrd, Inc.
Attn: Privacy Team
United States

This Privacy Policy was last updated on January 2025 and is effective as of January 2025.

For questions about this policy, please contact us at privacy@flamebyrd.com