Data Policy

Effective Date: 1 Jan 2024, Version 1.0.0

This Data Policy outlines the principles and practices by which 7Segments s.r.o. (7Segments) handles customer data, emphasizing our unwavering commitment to customer privacy and data protection.

1. Introduction

We are steadfast in our commitment to ensuring the privacy and security of our customers’ data. This Data Policy delineates the measures we take to responsibly protect and manage customer data.

2. Data Ownership

Customer Data: All data provided by our customers or generated through their use of our services remains the property of the customer.
Data Protection: We safeguard this data in accordance with applicable laws and our internal policies.

3. Data Handling Practices

Telemetry Data: We collect telemetry data to understand product usage and enhance our services. This includes tracking usage patterns, identifying issues, and improving user experience.
Customer Feedback: We process feedback forms and signals to gather insights and refine our offerings. This data is aggregated and analyzed without identifying individual users.
Generative AI Prompts: We prepare prompts for our generative AI services without accessing or utilizing customer-specific data.
No Training on Customer Data: We do not utilize customer data to train our AI models. Our AI training processes rely on data that does not include any customer-specific information.

4. Integration with MS Teams

As part of our service offering, we optionally integrate MS Teams to provide users with access to TeamDay via the MS Teams interface. The following outlines our data handling practices in this context:

Data Access and Consent: We do not collect data directly from MS Teams. To enhance the quality of AI-generated insights, we seek users’ explicit consent to access specific scopes of data through Microsoft Graph. The data scopes may include user information, calendar events, tasks, emails, and meetings.
Data Processing: The data accessed via Microsoft Graph is processed on the fly to generate AI insights. This processing is fully automated, and no human intervention occurs in the data handling process.
Data Security and Storage: We do not retain or store copies of the data accessed from Microsoft Graph within our service. Only the AI-generated reports derived from this data are stored. All data transmissions and processing activities are conducted securely and in compliance with applicable privacy regulations.

5. Subprocessors

We employ the following subprocessors to deliver our services:

Google LLC: Provides Google Firebase services. https://firebase.google.com/support/privacy
OpenAI: Provides API endpoints for AI services. https://platform.openai.com/docs/models/how-we-use-your-data
Microsoft Azure: Provides Azure cloud services. https://azure.microsoft.com/en-us/explore/trusted-cloud/privacy
PostHog: Provides product analytics services. https://posthog.com/handbook/company/security

All subprocessors adhere to stringent privacy and security standards to protect customer data.

6. Data Access and Control

Customer Control: Customers retain the right to request access, modification, or deletion of their data at any time.
Access Restrictions: Access to customer data is limited to authorized personnel only, with all access logged and monitored to ensure compliance.

7. Data Retention

Personal data, user-entered notes, comments, reactions, reports is retained only for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods are determined based on the legal basis for processing and applicable regulations.

8. Compliance and Audits

We comply with all relevant data protection regulations and conduct regular audits to ensure adherence to our data policy.

9. Contact Information

For any inquiries or concerns regarding this data policy, please contact us at jozo@ayanza.com.

10. Updates to This Policy

We may periodically update this policy. Customers will be notified of significant changes, and the updated policy will be posted on our website.