Privacy Policy

Last Updated: December 22, 2025

1. Introduction

Sisimaro ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered workplace assistant service.

By using Sisimaro, you consent to the data practices described in this policy. If you do not agree with this policy, please discontinue use of our Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, company name, job title, and password
  • Profile Data: Optional profile photo, bio, preferences, and settings
  • Communication Data: Messages, questions, and feedback you send to Sisimaro
  • Payment Information: Billing address and payment details (processed securely through third-party providers)
  • Workplace Content: Documents, meeting notes, calendar events, and other content you share with Sisimaro

2.2 Information Collected Automatically

  • Usage Data: How you interact with Sisimaro, features used, time spent, and queries made
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: Access times, error logs, and system activity
  • Cookies: Tracking technologies to remember preferences and analyze usage

2.3 Information from Third-Party Integrations

When you connect Sisimaro to workplace tools (Slack, Microsoft Teams, Google Workspace, etc.), we may access data you authorize, such as messages, files, calendar events, and contact information.

3. How We Use Your Information

We use collected information to:

  • Provide the Service: Process queries, generate responses, search knowledge bases, and deliver AI assistance
  • Personalization: Customize your experience and improve relevance of responses
  • AI Model Training: Improve our AI models using anonymized and aggregated data (with opt-out available)
  • Service Improvement: Analyze usage patterns, fix bugs, and develop new features
  • Communication: Send service updates, security alerts, and support messages
  • Security: Detect fraud, prevent abuse, and protect our systems
  • Compliance: Meet legal obligations and enforce our Terms of Service
  • Analytics: Understand user behavior and measure effectiveness

4. How We Share Your Information

We do not sell your personal information. We may share data in these circumstances:

4.1 Service Providers

We work with trusted third parties who assist with:

  • Cloud hosting and infrastructure (AWS, Google Cloud, etc.)
  • Payment processing (Stripe, etc.)
  • Analytics and monitoring
  • Customer support tools

4.2 Within Your Organization

For enterprise accounts, authorized team members and administrators may access shared knowledge, meeting notes, and analytics according to your organization's permissions.

4.3 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect rights, safety, and security.

4.4 Business Transfers

If Sisimaro is acquired or merged, your information may be transferred to the new entity.

5. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this policy. Specifically:

  • Account Data: Retained while your account is active and for 90 days after deletion
  • Conversation History: Retained according to your organization's settings (default: 1 year)
  • Anonymized Data: May be retained indefinitely for AI training and analytics
  • Legal/Compliance Data: Retained as required by law

6. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit (TLS/SSL) and at rest (AES-256)
  • Regular security audits and penetration testing
  • Access controls and authentication (including multi-factor authentication)
  • Employee training on data protection
  • Incident response and breach notification procedures
  • SOC 2 Type II compliance (in progress)

However, no system is completely secure. We cannot guarantee absolute security but continuously work to protect your data.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

7.1 GDPR Rights (EU/EEA)

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Opt out of data processing you previously consented to

7.2 CCPA Rights (California)

  • Know: Learn what personal information we collect and how it's used
  • Delete: Request deletion of your personal information
  • Opt-Out: Opt out of the sale of personal information (we do not sell data)
  • Non-Discrimination: Receive equal service regardless of exercising your rights

7.3 Marketing Communications

You can opt out of marketing emails by clicking "unsubscribe" in any email or updating your preferences in account settings.

7.4 AI Training Opt-Out

Enterprise customers can opt out of having their data used for AI model training. Contact us to enable this setting.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Essential Cookies: Required for authentication and security
  • Analytics Cookies: Understand usage patterns (Google Analytics, etc.)
  • Preference Cookies: Remember your settings and preferences

You can manage cookie preferences in your browser settings. Disabling cookies may limit Service functionality.

9. International Data Transfers

Sisimaro operates globally. Your data may be transferred to and processed in countries outside your jurisdiction. We use standard contractual clauses (SCCs) and other safeguards to ensure adequate protection in accordance with GDPR and applicable laws.

10. Children's Privacy

Sisimaro is not intended for children under 16 (or under 13 in the U.S.). We do not knowingly collect personal information from children. If we become aware of such collection, we will delete the data immediately.

11. Third-Party Links

Sisimaro may contain links to third-party websites or services. We are not responsible for their privacy practices. Please review their privacy policies before providing information.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through the Service. The "Last Updated" date at the top indicates when the policy was last revised. Continued use after changes constitutes acceptance.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Sisimaro

Email: founders@sisimaro.com

14. Supervisory Authority

If you are located in the EU/EEA and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority.