Privacy Policy

When you register for and use our Service, we collect information that you provide directly to us, including:

• Account Information: Your name, email address, company name, and password when you create an Account.
• Integration Credentials: Authentication tokens and credentials necessary to access your Integration Sources. These are securely stored and used only to fetch data on your behalf.
• Payment Information: Payment details processed through our third-party payment processor, Stripe. We do not directly store your complete payment card information.
• Communication Data: Information you provide when you contact us for support, feedback, or other inquiries.
• Profile Settings: Preferences and settings you configure within your Account.

When you access and use our Service, we automatically collect certain information:

• Usage Data: Information about how you interact with our Service, including features accessed, actions taken, and time spent on the platform.
• Device Information: Device type, operating system, browser type and version, IP address, and unique device identifiers.
• Log Data: Server logs that include IP addresses, access times, pages viewed, and diagnostic data.
• Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to enhance your experience. See our "Cookies and Tracking Technologies" section for more details.

With your explicit authorization, we access data from your Integration Sources during scheduled daily pulls in read-only mode. This means we can never send emails, modify calendar events, or take any actions within your connected accounts on your behalf — access is strictly limited to reading the data necessary to generate your Daily Briefing. This may include:

• Email Data: Subject lines, sender information, timestamps, and metadata (we do not store email body content after processing).
• Calendar Data: Event titles, dates, times, attendees, and meeting metadata.
• Collaboration Tools: Messages, tasks, project updates, and related metadata from platforms like Slack, Jira, and Linear.
• Other Connected Services: Information from any other third-party services you choose to integrate with Dailystack.

• To provide, operate, and maintain the Dailystack Service.
• To process data from your Integration Sources and generate AI-powered Daily Briefings and actionable insights.
• To authenticate your Account and manage your access to the Service.
• To personalize your experience and improve the quality of our insights.
• To develop new features, products, and services.
• To analyze usage patterns and optimize Service performance.

• To send you Daily Briefings and notifications about your integrated services.
• To respond to your inquiries, support requests, and feedback.
• To send important Service announcements, updates, and security alerts.
• To provide information about new features or changes to our Service (you may opt out of marketing communications).

• To detect, prevent, and address technical issues, fraud, and security vulnerabilities.
• To enforce our Terms of Service and protect our rights and property.
• To comply with legal obligations, court orders, and government requests.
• To protect the safety and security of our users and the public.

Dailystack uses artificial intelligence to analyze data from your Integration Sources and generate your personalized Daily Briefings (digests). Each time your briefing is generated, our AI reads the relevant data from your connected tools, identifies key themes, tasks, and events, and produces a concise, actionable summary — all in real-time during the scheduled data pull.

While we implement safeguards to ensure accuracy and relevance, AI systems may occasionally produce errors or unexpected results. By using our Service, you acknowledge and accept the inherent limitations associated with AI-powered analysis.

We engage trusted third-party service providers to assist us in operating our Service. These providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your data:

• Payment Processing: Stripe processes all payment transactions. Please review Stripe's privacy policy for information on how they handle your payment data.
• Cloud Infrastructure: We use secure cloud hosting providers to store Daily Briefings and maintain Service infrastructure.
• AI and Analytics Services: Third-party AI providers may assist in processing and generating insights. All such providers are bound by strict confidentiality agreements and are contractually prohibited from using your data to train or improve any AI or machine learning models.
• Email and Communication Services: Providers that help us deliver notifications and Daily Briefings to you.

When you connect Integration Sources, you authorize us to access specific data from those services in read-only mode. We cannot send emails, modify calendar events, or take any actions within your connected accounts. We access only the data necessary to provide our Service, subject to the permissions you grant through each Integration Source's authorization process.

We may disclose your information if required to do so by law or in response to:

• Valid legal processes such as subpoenas, court orders, or search warrants.
• Government or regulatory requests where disclosure is necessary for national security, law enforcement, or other legal purposes.
• Situations involving potential violations of our Terms of Service or to protect the rights, property, or safety of Dailystack, our users, or others.

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the acquiring entity. We will notify you via email and/or a prominent notice on our Service before your information becomes subject to a different privacy policy.

We may share your information for purposes not described in this Privacy Policy if we obtain your explicit consent.

Dailystack follows a privacy-conscious approach to data retention:

• Integration Source Data: Raw data pulled from your Integration Sources is processed in real-time and is not stored after the Daily Briefing is generated. This ensures your sensitive information remains in your control.
• Daily Briefings and Summaries: Generated briefings and insights are stored in your dashboard so you can access them later. These summaries are retained until you choose to delete them.
• Account Information: We retain your Account information for as long as your Account is active or as needed to provide you with the Service.
• Usage and Log Data: Technical logs and usage data are retained for a limited period for security, debugging, and Service improvement purposes.

You have control over your data:

• Disconnect Integrations: You can disconnect any Integration Source at any time from your dashboard. Your access tokens are revoked immediately upon disconnection.
• Delete Individual Briefings: You can delete specific Daily Briefings at any time through your dashboard.
• Delete All Data: You can request complete deletion of all your stored briefings and summaries through your Account settings.
• Account Deletion: If you delete your Account, we will delete or anonymize your Personal Information within 30 days, except where we are required by law to retain certain information.

To exercise your deletion rights or for assistance, contact us at help@dailystack.ai.

Cookies are small text files stored on your device when you visit our Service. We use cookies and similar tracking technologies to enhance your experience, analyze usage, and improve our Service.

• Essential Cookies: Required for the Service to function properly, including authentication and security features.
• Functional Cookies: Enable enhanced functionality and personalization, such as remembering your preferences.
• Analytics Cookies: Help us understand how users interact with our Service to improve performance and user experience.
• Performance Cookies: Collect information about Service performance and usage patterns.

You can control cookie settings through your browser preferences. Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, disabling cookies may limit your ability to use certain features of our Service. To learn more about managing cookies, visit your browser's help section.

• Access: Request access to the Personal Information we hold about you.
• Correction: Request correction of inaccurate or incomplete information.
• Deletion: Request deletion of your Personal Information, subject to legal retention requirements.
• Portability: Request a copy of your data in a structured, machine-readable format.
• Objection: Object to certain processing activities of your Personal Information.
• Restriction: Request restriction of processing under certain circumstances.
• Withdraw Consent: Withdraw consent for processing where we rely on consent as the legal basis.

As a Canadian company based in Toronto, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). Canadian residents have the right to:

• Know what Personal Information we collect and how it is used.
• Access their Personal Information and request corrections.
• Withdraw consent for collection, use, or disclosure of Personal Information (subject to legal or contractual restrictions).
• File a complaint with the Office of the Privacy Commissioner of Canada if they believe their privacy rights have been violated.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

• The right to lodge a complaint with a supervisory authority.
• The right to object to processing based on legitimate interests.
• Enhanced rights regarding automated decision-making and profiling.

We process your data based on the following legal bases: your consent, performance of our contract with you, compliance with legal obligations, and our legitimate interests in operating and improving our Service.

California residents have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request disclosure of the categories and specific pieces of Personal Information we have collected.
• Right to Delete: Request deletion of your Personal Information.
• Right to Correct: Request correction of inaccurate Personal Information.
• Right to Opt-Out: We do not sell or share Personal Information as defined by the CCPA/CPRA.
• Right to Limit: Request limitation of use and disclosure of sensitive Personal Information.
• Right to Non-Discrimination: Exercise your rights without facing discriminatory treatment.

We do not sell Personal Information and have not sold Personal Information in the preceding 12 months. We do not share Personal Information for cross-context behavioral advertising.

To exercise any of these rights, please contact us at help@dailystack.ai. We will respond to your request within the timeframe required by applicable law (generally within 30-45 days). We may need to verify your identity before processing your request.