Privacy Policy

Last Updated: March 24, 2025

1. Introduction

Welcome to August ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience when using our AI-powered universal interface application ("the Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services.

1.1 Scope of Service

August serves as a universal interface to digital services, allowing you to interact with multiple third-party platforms through our AI-powered assistant. Our service includes:

  • Natural language processing of your requests
  • Integration with various third-party services
  • Secure authentication management
  • Automated task execution
  • Proactive notifications and alerts

2. Information We Collect

2.1 Information You Provide

  • Account information (email address and password)
  • Chat messages and interactions with our AI assistant
  • Service connection preferences and settings
  • Third-party service credentials and tokens (stored securely)
  • Payment information (processed securely through RevenueCat and your device's app store)
  • Custom tool configurations and preferences
  • Task-specific information provided in chat conversations

2.2 Automatically Collected Information

  • Device information (type, operating system, unique identifiers)
  • App usage statistics and interaction patterns
  • Performance metrics and error logs
  • API call logs and service interaction records
  • Authentication tokens and session information
  • Network connection information
  • Time zone and language preferences

2.3 Third-Party Service Information

When you connect third-party services, we may receive:

  • Service-specific authentication tokens
  • Profile information from connected services
  • Activity logs related to automated tasks
  • Service-specific permissions and scope access
  • Integration-specific metadata

2.4 Usage Analytics

We collect analytics about:

  • Feature usage patterns
  • Tool and integration effectiveness
  • Error rates and performance metrics
  • User interaction patterns
  • Service reliability metrics

3. How We Use Your Information

3.1 Service Provision

  • To authenticate your account and maintain security
  • To process and respond to your natural language requests
  • To connect and interact with third-party services on your behalf
  • To provide personalized assistance and recommendations
  • To process your subscription payments through RevenueCat
  • To maintain service connection histories
  • To execute automated tasks and workflows
  • To provide proactive notifications and alerts

3.2 Service Improvement

  • To analyze and improve service performance
  • To optimize response accuracy and relevance
  • To enhance integration capabilities
  • To develop new features and functionality
  • To improve error handling and recovery
  • To optimize tool suggestions and workflows
  • To enhance the user experience

3.3 Security and Compliance

  • To protect against unauthorized access
  • To monitor and prevent fraud
  • To maintain audit logs of system actions
  • To ensure compliance with service agreements
  • To verify authentication integrity
  • To protect user data and privacy

3.4 Communication

  • To send essential service notifications
  • To provide support and assistance
  • To communicate about account status
  • To send subscription-related updates
  • To notify about security incidents
  • To alert about privacy policy changes

4. Data Protection

4.1 Security Infrastructure

We employ robust security measures to protect your information from unauthorized access, use, or disclosure. These measures include:

  • Encryption: We use industry-standard encryption protocols to protect your data in transit and at rest. All data transmitted between your device and our servers is encrypted using HTTPS. Sensitive data, such as passwords and payment information, is encrypted using AES-256 encryption.
  • Access Controls: We implement strict access controls to limit access to your information to authorized personnel only. Access to sensitive data requires multi-factor authentication and is logged for auditing purposes.
  • Regular Security Audits: We conduct regular security audits and penetration testing to identify and address potential vulnerabilities in our systems.
  • Intrusion Detection and Prevention: We use intrusion detection and prevention systems to monitor our network for malicious activity and to prevent unauthorized access to our systems.
  • Data Loss Prevention: We implement data loss prevention (DLP) measures to prevent sensitive data from being accidentally or intentionally disclosed.
  • Incident Response Plan: We have a comprehensive incident response plan in place to address any security incidents that may occur. This plan includes procedures for identifying, containing, and eradicating security threats, as well as for notifying affected users.

4.2 Data Storage

  • Encrypted database management
  • Secure credential vaulting
  • Temporary message caching
  • Secure token storage
  • Protected audit logs
  • Encrypted backup systems

4.3 Access Controls

  • Role-based access control
  • Multi-factor authentication for sensitive operations
  • Regular access reviews
  • Audit logging of access patterns
  • Automated suspicious activity detection

4.4 Data Retention

  • Chat messages: Retained for service provision, deleted after 30 days
  • Account information: Maintained while account is active
  • Authentication tokens: Rotated regularly per service requirements
  • Usage logs: Retained for 90 days
  • Audit logs: Retained for 1 year
  • Backup data: Encrypted and retained for 30 days

You can request deletion of your account and associated data at any time through the app settings.

5. Information Sharing and Third-Party Services

5.1 Service Providers

We use select third-party service providers:

  • Authentication and database services (Supabase)
  • Payment processing (RevenueCat)
  • Cloud infrastructure providers
  • Analytics and monitoring services
  • Error tracking and reporting
  • Natural language processing (Azure OpenAI)

5.2 Integrated Services

When you enable specific features, we may interact with:

  • GitHub (for repository management)
  • Slack (for messaging and notifications)
  • Google Workspace (for calendar and email)
  • Other user-authorized services

5.3 Data Processing Agreements

We maintain data processing agreements with our service providers that:

  • Restrict data usage to service provision
  • Require appropriate security measures
  • Mandate privacy protection standards
  • Ensure GDPR and CCPA compliance
  • Prohibit unauthorized data sharing

5.4 Important Disclosures

To ensure transparency and protect your privacy, we make the following disclosures:

  • We do not sell your personal information to third parties.
  • We do not use your data for training our AI models.
  • We do not share your information with third parties for marketing or advertising purposes. Your data is strictly used for personalizing your AI experience and improving the Service.
  • We do not retain third-party service data beyond the necessary operational periods.
  • We do not combine data across services without your explicit consent.

6. Your Rights and Choices

6.1 Account Controls

You have the following rights regarding your personal information:

  • Access: You have the right to request access to the personal information we hold about you.
  • Correction: You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.
  • Deletion: You have the right to request that we delete your personal information, subject to certain exceptions.
  • Objection: You have the right to object to the processing of your personal information in certain circumstances.
  • Restriction: You have the right to request that we restrict the processing of your personal information in certain circumstances.
  • Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit that information to another controller.

To exercise these rights, please contact us using the contact information provided in Section 9.

6.2 Service Connections

You can:

  • Connect/disconnect third-party services
  • Modify service permissions
  • Review connected services
  • Revoke access tokens
  • Update integration preferences

6.3 Privacy Controls

You can:

  • Adjust data retention settings
  • Manage cookie preferences
  • Control analytics sharing
  • Configure notification settings
  • Update communication preferences

6.4 Data Portability

You can:

  • Export your chat history
  • Download your account data
  • Transfer service connections
  • Retrieve integration logs

7. Children's Privacy

7.1 Age Restrictions

Our service is intended for users aged 12 and older. We do not knowingly collect information from children under 12. Users between 12 and 18 should have parental consent.

7.2 Verification

We implement reasonable measures to verify user age, including:

  • Age verification during registration
  • Parental consent mechanisms
  • Account restriction capabilities
  • Content and feature limitations

7.3 Data Protection

If we discover we have collected information from a child under 12:

  • We will immediately suspend the account
  • Delete all associated data
  • Notify parent/guardian if possible
  • Document the incident
  • Review prevention measures

8. Changes to This Policy

8.1 Policy Updates

We may update this Privacy Policy periodically to reflect:

  • New features and functionality
  • Changed business practices
  • Legal and regulatory requirements
  • Security and privacy enhancements
  • User feedback and concerns

8.2 Notification

We will notify you of material changes through:

  • In-app notifications
  • Email communications
  • Service announcements
  • Website updates

8.3 Prior Versions

  • Archives of previous policies are available upon request
  • Change logs are maintained for transparency
  • Major changes are summarized for clarity

9. Contact Us

9.3 Consent

By using the Service, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not use the Service.

9.1 General Inquiries

For questions about this Privacy Policy or our practices:

  • Email: privacy@august.ai
  • In-app support chat
  • Help center: help.august.ai
  • Postal mail: August AI, 123 Tech Lane, San Francisco, CA 94107

9.2 Data Requests

For specific data-related requests:

  • Privacy team: privacy@august.ai
  • Data protection officer: dpo@august.ai
  • Security team: security@august.ai

10. Legal Rights

10.1 California Privacy Rights (CCPA)

California residents have the right to:

  • Know what personal information is collected
  • Know whether personal information is sold or disclosed
  • Say no to the sale of personal information
  • Access their personal information
  • Request deletion of their information
  • Equal service and price

10.2 European Privacy Rights (GDPR)

EU residents have the right to:

  • Access their personal data
  • Rectify inaccurate data
  • Erase their data
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent

10.3 Other Jurisdictions

We comply with privacy laws in:

  • Canada (PIPEDA)
  • Australia (Privacy Act)
  • Brazil (LGPD)
  • Other applicable jurisdictions
Back to Home