Privacy Policy

1. What Information Do We Collect?

We collect minimal personal information needed to authenticate you with Salesforce and provide app functionality.

Account Data

We store minimal account information in our secure cloud infrastructure to enable app functionality:

• Salesforce username and organization ID
• Email address
• Authentication status
• Usage counters (for usage limits)

Retention: Until you request account deletion

Customer Support Data

When you contact support or submit feedback, we collect:

• Contact information (name, email, phone if provided)
• Support ticket descriptions and feedback
• Screenshots or error logs (only if you provide them)

Retention: 2 years

Device-Only Data

Your business data stays on your device only. The following is stored exclusively on your device in encrypted storage and never transmitted to our servers:

• All Salesforce Records (Contacts, Leads, Accounts, Opportunities, Tasks)
• App Preferences (display settings, default values, customizations)

Retention: Deleted immediately when you log out or uninstall the app

AI Processing Data

When you use AI features (image scanning, voice notes), the following data is processed temporarily:

• Images (sent to AI provider for text extraction)
• Voice recordings (sent to AI provider for transcription)
• Metadata (necessary technical information to enable accurate data extraction)

This data passes through our servers in memory only and is immediately forwarded to our AI service provider. Only extracted field values are returned to your device.

We do not send your existing Customer Data to AI providers. Only new data you're capturing is processed.

Retention: Our AI provider retains data temporarily for security monitoring, then permanently deletes it. Data is never used for AI model training.

Opt Out: Don't use AI features. You can manually enter all data.

Automatically Collected Data

We automatically collect device information and usage data to improve the service:

• Device type, operating system, app version
• Features used, error logs (anonymized)
• App crashes, response times (no personal data included)

2. How Do We Process Your Information?

We process minimal personal information to authenticate you and enable core features, for these specific purposes:

• To authenticate you with Salesforce (we facilitate direct connection between your device and Salesforce)
• To manage your account (we store basic account information to enable app functionality and subscription management)
• To enable AI extraction (temporary processing of images/audio with immediate deletion)
• To provide customer support (only when you contact us)
• To ensure security (preventing unauthorized access)
• To comply with legal obligations (when required by law)

Important: We do not process, access, or store your Salesforce records. All Contacts, Leads, Accounts, Opportunities, and Tasks remain on your device and sync directly with your Salesforce instance.

3. What Legal Bases Do We Rely On to Process Your Information?

We only process your personal information when we have a valid legal reason to do so.

If you are located in the EU or UK

Under GDPR, we rely on the following legal bases:

• Performance of a Contract (to provide the service you requested)
• Legitimate Interests (for support, security, and service improvement)
• Legal Obligations (to comply with applicable laws)
• Consent (for any optional features, you can withdraw anytime)

If you are located in Canada

We process your information with your express or implied consent, which you can withdraw at any time.

If you are located in the United States

We process your information in accordance with our Terms of Service and this Privacy Notice.

4. When and With Whom Do We Share Your Personal Information?

We share information only with essential service providers and never sell your data.

Service Providers

We use trusted service providers for:

• Cloud infrastructure and database hosting (USA)
• AI processing for image scanning and voice transcription (USA)

Other Sharing

We may share your information in these situations:

• Salesforce (direct authentication with your Salesforce instance)
• Legal Requirements (when required by law or to protect rights)
• Business Transfers (in connection with merger, sale, or acquisition)

We Never

• Sell your personal information
• Share your Salesforce records
• Allow third parties to use your information for their own purposes

5. Do We Use Cookies and Other Tracking Technologies?

Our mobile application does not use cookies or tracking technologies. Our website may use essential cookies for basic functionality only. We do not track users across third-party websites or use advertising cookies.

6. Do We Offer Artificial Intelligence-Based Products?

We use AI for temporary processing only — your data is never stored or used for training.

How We Use AI

Our AI features enable you to:

• Extract text from images
• Transcribe voice recordings to create tasks
• Process natural language for data extraction

For information about how AI features work and acceptable use, see our Terms of Service Section 6.

What Data is Sent to Our AI Provider

When you use AI features, the following data is temporarily sent to our AI service provider:

• Images or voice recordings (for text extraction and transcription)
• Metadata (technical information necessary for accurate data extraction)

See Section 1 for complete details.

Privacy Guarantee

Your images and recordings pass through our servers in memory only, are never persisted to disk, and are immediately forwarded to our AI provider for extraction. Our AI provider retains data temporarily for security monitoring, then permanently deletes it. Your data is never used for AI training. Only extracted field values return to your device and Salesforce.

We never send your existing Customer Data (Contacts, Leads, Accounts, Opportunities, Tasks) to AI providers. Only new data you're capturing is processed.

7. Is Your Information Transferred Internationally?

Our backend services are hosted in the United States. If you are located outside the United States, your authentication tokens and account data will be transferred to and processed in the US.

Audio and image data passes through our US-based infrastructure during AI processing but is not stored. Only extracted field values are returned to your device.

Your Salesforce records stay on your device: All Contacts, Leads, Accounts, Opportunities, and Tasks remain on your device and sync directly with your Salesforce instance.

International Transfer Safeguards: We use EU Standard Contractual Clauses (SCCs) to ensure appropriate safeguards for data transfers from the EU/UK/EEA to the United States. Our service providers are certified under industry-standard security frameworks including ISO 27001, SOC 2, and are GDPR compliant.

8. How Long Do We Keep Your Information?

We keep minimal account data until you delete your account. Device data is deleted instantly when you log out or delete the app.

Retention Periods

• Device Data (Salesforce records) — Deleted immediately when you log out or uninstall the app
• Account Data — Retained until you request account deletion
• Usage Counters — Reset monthly, retained for app functionality
• AI Processing (images and audio) — Deleted immediately after processing
• Support Tickets — Retained for up to 2 years for service improvement

9. How Do We Keep Your Information Safe?

We use industry-standard security with encryption at rest and in transit.

Security Measures

• Device storage uses platform-level encryption
• All data transmission uses TLS/HTTPS encryption
• Authentication tokens stored in secure device keychain
• No server-side storage of Salesforce records

Compliance and Certification

We have successfully passed Salesforce's Security Review, demonstrating our commitment to security best practices and data protection standards.

10. Do We Collect Information From Minors?

No. Our service is for business use only. We do not knowingly collect data from anyone under 18 years of age. This is a business application designed for professional use. If we learn that we have collected information from a minor, we will delete that information immediately. Please contact us if you believe we have inadvertently collected information from a minor.

11. What Are Your Privacy Rights?

You have full control over your data. Depending on your location, you have the following rights:

Your Rights

• Access (request a copy of your personal information)
• Delete (request deletion of your account and data)
• Correct (update inaccurate information)
• Export (receive your data in a portable format)
• Object (opt out of certain processing)
• Restrict (limit how we use your information)
• Withdraw Consent (remove permission for optional features)

Immediate Control

Log out or delete the app at any time to instantly remove all local data including all Salesforce records. Your data in Salesforce remains under your control through Salesforce.

12. Controls for Do-Not-Track Features

Our mobile application does not track users across websites. Our website respects Do-Not-Track signals where technically feasible. We do not engage in cross-site tracking or behavioral advertising.

13. Do United States Residents Have Specific Privacy Rights?

Yes, US residents have specific rights under state privacy laws.

Your Rights Under State Laws

If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you have the right to:

• Know what personal information we collect
• Access your personal data
• Correct inaccuracies
• Delete your personal data
• Opt out of sale (we do not sell personal data)
• Non-discrimination for exercising rights

California Residents

Under CCPA/CPRA, you have additional rights including the right to know if we sell or share personal information (we don't), limit use of sensitive personal information (we don't collect any), and request information about our data practices.

14. Do Other Regions Have Specific Privacy Rights?

Australia and New Zealand

We comply with the Australian Privacy Act 1988 and New Zealand Privacy Act 2020. You have rights to access and correct your information, and to complain to the respective privacy commissioners.

Republic of South Africa

Under POPIA, you have rights to access, correct, and delete your information. Complaints can be lodged with the Information Regulator.

15. Do We Make Updates to This Notice?

Yes, we will notify you of material changes. We may update this Privacy Notice from time to time. We will notify you of any material changes by posting the new Privacy Notice and updating the "Last updated" date. For significant changes, we will provide additional notice through the app or email.

17. How Can You Review, Update, or Delete Your Data?

You have several options to manage your data:

Your Options

• Immediate Deletion — Delete the app to instantly remove all local data including all Salesforce records (Contacts, Leads, Accounts, Opportunities, Tasks)
• Account Deletion — Email privacy@seamless.ly to request account deletion
• Data Access — Contact us for a copy of your personal information
• Salesforce Data — Manage your Contacts, Leads, Accounts, Opportunities, and Tasks through your Salesforce instance directly