Privacy Policy

Introduction

Intelo, Inc. ("Intelo," "we," "us," or "our") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, store, and share your personal information when you use Intelo and Ivo, your AI coworker. We believe that transparency is the foundation of trust, and we want you to understand exactly how your data is handled.

This policy applies to all users of the Intelo platform, including our web application, APIs, and any related services. By creating an account and using Intelo, you agree to the practices described in this policy.

We encourage you to read this policy carefully. If you have any questions about our privacy practices, you can reach us at any time at privacy@getintelo.com.

Information We Collect

When you create an account, we collect basic account information including your name, email address, profile photo, and authentication credentials. If you sign up through Google OAuth, we receive only the profile information authorized by your Google account settings.

To power Ivo, we process content from your connected integrations, including emails, calendar events, and documents. This content is used exclusively to provide you with AI-powered insights, summaries, and recommendations within the Intelo platform.

We also collect usage data such as features accessed, actions taken, and preferences configured within the application. This helps us understand how you use Intelo so we can improve the experience.

Device and browser information, including device type, operating system, browser version, and IP address, may be collected for security monitoring and service optimization purposes.

How We Use Information

We use the information we collect primarily to provide and operate the Intelo service. Ivo uses your connected data to classify emails, extract action items, generate meeting preparation notes, build relationship intelligence, and draft recommended replies for your review.

We analyze aggregated, anonymized usage patterns to improve product features, identify and fix bugs, and optimize the performance of our platform. We do not use your personal content to train AI models.

We use your contact information to send you important service communications, including daily briefings, end-of-day summaries, weekly digests, and account notifications. You can configure or disable any of these from your settings at any time.

We use device information and usage patterns to detect unauthorized access, prevent fraudulent activity, and ensure the security and integrity of the platform for all users.

AI Data Processing

Ivo processes your data using a zero-retention architecture. When your connected data is sent to our AI infrastructure for analysis, it is processed in real-time and is not persistently stored by the AI provider. Only the structured outputs, such as summaries, classifications, and action items, are saved to your account.

Your data is never used to train, fine-tune, or improve any third-party AI models. We maintain strict data processing agreements with our AI providers that contractually prohibit the use of your data for model training purposes.

All AI processing happens on a per-user basis. Your data is never combined with, exposed to, or influenced by another user's data. Vector embeddings generated from your content are stored in isolated, user-scoped collections with strict access controls.

Sensitive personal information such as financial account numbers and government identifiers is automatically redacted before any AI processing takes place, providing an additional layer of protection for your most sensitive data.

Third-Party Integrations

Intelo integrates with Gmail, Outlook, Google Calendar, Slack, Microsoft Teams, Google Chat, WhatsApp, Google Drive, OneDrive, Dropbox, Discord, and Notion to provide a unified view of your work. Each integration requires a separate, explicit connection step using OAuth, so you always know which services are linked and can revoke access at any time.

We request only the minimum OAuth scopes necessary for each integration to function. For Gmail, we access email metadata and body content to classify, summarize, and extract action items. For Google Calendar, we read event details, attendee lists, and scheduling information to prepare meeting briefs.

For Slack, we access messages in channels and direct messages you have access to in order to surface action items and maintain relationship context across your communications. For Notion, we access pages and databases you authorize to incorporate your documentation into Ivo's context.

Data from your integrations is never shared with other users, used for advertising, or accessed for any purpose other than providing the Intelo service to you. When you disconnect an integration, we immediately delete the associated OAuth tokens and stop syncing new data.

Data Storage & Security

All data stored by Intelo is encrypted at rest using AES-256 encryption. Data in transit between your browser and our servers, as well as between our internal services, is protected using TLS 1.3. OAuth tokens for connected services are encrypted with AES-256-GCM using per-user encryption keys.

Our infrastructure is hosted on AWS with enterprise-grade security controls. We employ row-level security policies to ensure that users can only access their own data. API keys are stored as SHA-256 hashes, and webhook payloads are signed with HMAC-SHA256 for integrity verification.

We conduct regular security audits, penetration testing, and vulnerability assessments to maintain the highest standards of data protection. Our engineering team follows secure development practices and undergoes periodic security training.

In the unlikely event of a data breach, we will notify affected users and relevant regulatory authorities within 72 hours in accordance with applicable data protection laws.

Data Sharing

Intelo does not sell, rent, or trade your personal data to third parties. We will never monetize your data through advertising or data brokerage. Your information belongs to you.

We share data only with a limited set of service providers who are essential to operating the platform, including our cloud hosting provider for infrastructure, our email delivery service for transactional notifications, and our AI provider for data processing. Each provider is bound by data processing agreements that restrict how they can use your data.

We may disclose your information if required to do so by law, legal process, or a valid governmental request. We may also disclose information if we believe it is necessary to protect the rights, safety, or property of Intelo, our users, or the public.

In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.

Your Rights

You have the right to access all personal data that Intelo holds about you. You can view your data at any time through your dashboard and account settings, including contacts, feed items, action items, and chat history.

You can correct or update your personal information, including your profile details, preferences, and notification settings, at any time from your account settings. If you identify inaccuracies in AI-generated content, you can edit or delete those items directly.

You have the right to delete your account and all associated data at any time from your account settings. Deletion is permanent and irreversible, covering all contacts, feed items, calendar events, chat history, vector embeddings, API keys, and integration tokens.

You can export a complete copy of your data in a portable format at any time. You also have the right to opt out of all non-essential marketing communications while continuing to receive critical account notifications.

To exercise any of these rights, you can use the controls in your account settings or contact us at privacy@getintelo.com. We respond to all privacy-related requests within 30 days.

Cookies & Tracking

Intelo uses only essential cookies that are strictly necessary for the operation of the service. These include authentication cookies to maintain your login session and preference cookies to remember your application settings.

We do not use third-party advertising cookies, tracking pixels, or cross-site tracking technologies. We do not participate in any ad networks and will never serve targeted advertisements based on your data or browsing behavior.

We may use privacy-respecting analytics to understand aggregate usage patterns, but only with your consent and in a manner that does not identify individual users. You can withdraw your analytics consent at any time.

We respect Do Not Track browser signals and will not engage in any form of tracking when such signals are detected.

Children's Privacy

Intelo is a business productivity platform designed for professional use and is not intended for individuals under the age of 18. We do not knowingly collect, solicit, or store personal information from anyone under 18 years of age.

If we become aware that we have inadvertently collected personal data from a user under 18, we will take immediate steps to delete that information from our systems and terminate the associated account.

If you believe that a child under 18 has provided us with personal information, please contact us immediately at privacy@getintelo.com so that we can take appropriate action.

International Transfers

Intelo is operated by Intelo, Inc. from the United States. Your data is primarily processed and stored in data centers located within the United States. If you access Intelo from outside the US, your data will be transferred to and processed in the United States.

We participate in and comply with the EU-US Data Privacy Framework, ensuring that personal data transferred from the European Economic Area receives an adequate level of protection consistent with European data protection standards.

We also implement standard contractual clauses and other appropriate safeguards when transferring data to service providers located outside of the EEA, as required by the General Data Protection Regulation.

By using Intelo, you acknowledge and consent to the transfer of your information to the United States and other jurisdictions as described in this policy, subject to the protections outlined herein.

Data Retention

Your personal data and account information are retained for as long as your account remains active. We retain this data to provide you with continuous access to your AI-generated insights, relationship history, and communication context.

When you close your account, all associated data is permanently deleted within 30 days. This includes your profile information, contacts, feed items, calendar events, chat history, vector embeddings, API keys, and integration tokens. We do not maintain backups of deleted user data.

When you disconnect a specific integration, the associated OAuth tokens are immediately deleted and we stop syncing new data from that service. Previously synced data remains in your account until you manually remove it or delete your account.

Anonymized, aggregated analytics data that cannot be linked back to any individual user may be retained indefinitely for product improvement and research purposes.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last updated" date at the top of this page.

For material changes that significantly affect how we collect, use, or share your personal data, we will notify you via email at the address associated with your account at least 30 days before the changes take effect.

We encourage you to review this policy periodically to stay informed about how we protect your data. Your continued use of Intelo after any changes to this policy constitutes your acceptance of the updated terms.