Privacy Policy

1. Introduction

Agentivity Tech Inc. (“we”, “us”, or “our”) operates https://agentivity.tech/ and https://mia.agentivity.tech/ (together, the “Service”). This Privacy Policy explains how we collect, use, store, protect, and disclose personal data when you use our Service, in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and other applicable EU data protection laws.

Agentivity Tech Inc. acts as a data controller for the personal data processed through the Service, unless otherwise stated.

By using the Service, you acknowledge that your personal data will be processed as described in this Privacy Policy.

2. Legal Bases for Processing (GDPR Article 6)

We process personal data only where a valid legal basis applies, including:

  • Consent (Article 6(1)(a)) – where you have given explicit permission (e.g., connecting Google services)
  • Performance of a contract (Article 6(1)(b)) – where processing is necessary to provide the Service
  • Legal obligation (Article 6(1)(c)) – where required by law
  • Legitimate interests (Article 6(1)(f)) – limited to ensuring security, service reliability, and fraud prevention, and only where such interests do not override your fundamental rights

3. Use of Google APIs

Agentivity Tech’s use and transfer of information received from Google APIs fully complies with the Google API Services User Data Policy, including the Limited Use requirements.

4. Restriction on the Use of Data from Google Workspace APIs

In accordance with GDPR principles of purpose limitation and data minimisation (Articles 5(1)(b) and 5(1)(c)):

  • Data obtained from Google Workspace APIs is not used to develop, train, or improve generalized artificial intelligence (AI) or machine learning (ML) models.
  • Data is processed solely to deliver the specific functionality explicitly requested by the user.

5. Personal Data We Collect

5.1 Google User Data

When you explicitly authorise access via Google APIs, we may process the following categories of personal data strictly necessary to provide the Service:

  • Email content and metadata
  • Calendar events
  • Contact information

We collect and process this data only with your explicit, informed consent (GDPR Article 7).

6. Purposes of Processing

We process personal data solely for the following purposes:

  • Providing and operating the Service
  • Automating email responses and scheduling
  • Analysing communication patterns to deliver user-requested insights
  • Improving usability and performance of the application

We do not use data obtained from Google APIs to train or enhance AI or ML models.

7. Data Protection and Security Measures

In compliance with GDPR Article 32, we implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of data in transit and at rest
  • Strict access control and authentication mechanisms
  • Role-based access limitations
  • Regular security reviews, audits, and vulnerability assessments

8. Data Retention and Storage Limitation

We adhere to the GDPR principle of storage limitation (Article 5(1)(e)):

  • Google user data is retained only for as long as necessary to provide the Service
  • Unused or inactive data is automatically deleted after 90 days
  • You may request deletion of your data at any time
  • We do not retain personal data without a valid legal basis or explicit consent

9. Data Sharing and International Transfers

  • We do not sell, rent, or share personal data with third parties
  • Personal data is disclosed only:
    • With your explicit consent
    • To comply with EU or Member State legal obligations

Where data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) in accordance with GDPR Chapter V.

10. Your Rights Under GDPR

As an EU/EEA data subject, you have the following rights:

  • Right of access (Article 15)
  • Right to rectification (Article 16)
  • Right to erasure (“right to be forgotten”) (Article 17)
  • Right to restrict processing (Article 18)
  • Right to data portability (Article 20)
  • Right to object to processing (Article 21)
  • Right to withdraw consent at any time (Article 7(3))
  • Right to lodge a complaint with a supervisory authority in your EU Member State

To exercise your rights, contact us at: info@agentivity.tech

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. Updates will be published on this page, and the “Last updated” date will be revised accordingly.