Touchpoint Privacy Policy

Data You Provide to Us

• Registration and Contact Information: Your name, email address, phone number, and company affiliation when you register, communicate with us, or request support.
• Payment Information: When purchasing our service, payment information is processed securely by our third-party payment provider (e.g., Stripe). We do not store your full payment card information.
• Email Contents and Attachments: When you integrate our Service with your Gmail or Outlook account, we collect the contents of inbound emails, including email bodies, attachments, and metadata such as sender, recipient, subject line, and timestamp.
• Feedback and Corrections: Any manual edits, corrections, or feedback you provide on the AI-generated outputs within the Service.

Data Collected Automatically

• Extracted Task Data: Descriptions, deadlines, dependencies, and related data points automatically generated by our AI from your emails.
• Usage and Analytics: Information such as timestamps of processing jobs, logs related to performance, service usage metrics, and system monitoring data.

Data from Third Parties

• Third-Party Authentication: Encrypted authentication tokens from Google and Microsoft when you connect your accounts to Touchpoint.
• Publicly Available Information: Occasionally, publicly available information related to professional contacts may be collected for providing enhanced Service features.

• AI Processing: Parsing your emails into tasks, extracting relevant deadlines, dependencies, and generating task descriptions.
• Knowledge Base: Storing and indexing emails, tasks, and related data for retrieval and ongoing matter management.
• Product Improvement: Using anonymized feedback and usage data to refine and enhance our AI models, algorithms, and product features.
• Communications and Notifications: Sending you updates on processing status, task reminders, Service updates, security alerts, and account notifications.

• Service Providers: We share data with essential technology partners to deliver our Service, including:
  • AWS (SES, Lambda, S3, Bedrock)
  • Supabase (Postgres, pgvector)
  • Amazon Textract
  • Third-party AI services (OpenAI, Anthropic, etc.)
• Legal Obligations: We may disclose your information in response to lawful requests by regulatory agencies, law enforcement, or pursuant to court orders.
• No Resale Commitment: We will never sell, rent, or lease your personal data to third parties.

• Retention Period: We retain emails, extracted task data, and related information for as long as your account remains active and for up to 2 years following account deletion, or as required by applicable law.
• Backup and Archival: Backup data is securely stored and retained separately for up to 6 months following account deletion.
• Your Data Rights: You may request data export, correction, or deletion of your personal data consistent with GDPR, CCPA, or applicable privacy laws.

• Encryption: All data is encrypted in transit using TLS and encrypted at rest in AWS S3 and Supabase Postgres databases.
• Access Controls: We employ strict, least-privilege access controls, AWS IAM roles, encrypted credentials, and multi-factor authentication.
• Logging and Monitoring: Comprehensive audit logs track who accessed data and when, ensuring transparency and accountability.

• AI Processing Opt-Out: You may configure settings to disable AI processing for specific emails or contacts within your account settings.
• Consent for Email Processing: By integrating your email account with Touchpoint, you consent to our processing of inbound emails as described herein.
• Notification Preferences: Customize notifications for new tasks, deadlines, processing statuses, and Service updates directly within your account preferences.

Touchpoint does not knowingly collect personal data from individuals under the age of 16. If we become aware of such collection, we will take immediate steps to delete this information.

We may periodically update this Privacy Policy. When we do, we will notify you by email or via a prominent in-app banner at least 14 days before such changes become effective.

We use essential, personalization, and analytics cookies to operate, personalize, and enhance your experience with our Service. You can control cookies through your browser settings or by using privacy-focused browser extensions. See our detailed Cookie Policy for more information.