Privacy Policy
Last updated: January 20, 2025
At FuturixAI, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use Tablet.
1. Information We Collect
Account Information
When you create an account using OAuth (Google or GitHub), we collect:
| Data | Source | Purpose |
|---|---|---|
| Name | OAuth Provider | Display in app |
| Email Address | OAuth Provider | Authentication, notifications |
| Profile Picture | OAuth Provider | Avatar display |
| Phone Number | User Input (optional) | WhatsApp integration |
User Content
We store the content you create and upload, including:
- Projects, items (issues/features), and comments
- Tags and labels you create
- Files uploaded to the Credentials Vault
- WhatsApp messages sent to create tasks
- Image attachments from WhatsApp
Technical Data
For security and audit purposes, we collect limited technical data:
- IP Addresses: Logged only for credential vault access audits
- User Agent Strings: Logged only for credential vault access audits
- OAuth Tokens: Stored encrypted for authentication with third-party services
Data We Do NOT Collect
- We do not use third-party analytics or tracking services
- We do not use advertising cookies
- We do not track your browsing history
- We do not sell your data to third parties
2. How We Use Your Information
Service Provision
We use your information to:
- Authenticate your identity and maintain your session
- Display your content and enable collaboration with team members
- Synchronize data with connected GitHub repositories
- Process WhatsApp messages to create tasks
- Send email notifications for mentions, invitations, and assignments
AI Processing
When you use WhatsApp integration, your messages are processed by Google Gemini AI to:
- Extract task details (title, description, priority)
- Match messages to relevant projects
- Detect potential duplicate tasks
- Analyze attached images for context
This processing is necessary to provide the WhatsApp task creation feature. By using this feature, you consent to this processing.
Security & Audit
We log access to sensitive data (credentials vault) for security purposes. Audit logs include:
- Timestamp of access
- Type of action (viewed, downloaded, updated, deleted)
- IP address and user agent of the requester
- User who performed the action
3. Third-Party Services
We share data with the following third-party services to provide Tablet:
| Service | Purpose | Data Shared |
|---|---|---|
| Google OAuth | Authentication | Name, email, profile picture |
| GitHub OAuth | Authentication & repo sync | Name, email, profile, repository data |
| Google Gemini | Message analysis (AI) | WhatsApp message content, images |
| Twilio | WhatsApp & SMS | Phone numbers, message content |
| Resend | Email delivery | Email addresses, notification content |
| Vercel Blob | File storage | Uploaded files (images, large credentials) |
| Upstash QStash | Job queue | Internal IDs only (no personal data) |
Each of these services has their own privacy policy governing their handling of your data.
4. Data Security
Encryption
- Credentials Vault: All credentials are encrypted using AES-256-GCM with per-credential key derivation (PBKDF2, 100,000 iterations)
- OAuth Tokens: Stored encrypted at rest in our database
- Transit Security: All connections use HTTPS/TLS encryption
Access Controls
- Role-based access control for project resources
- JWT-based session tokens with secure expiration
- Webhook signature verification for GitHub and Twilio
- Rate limiting on sensitive operations (OTP verification)
5. Data Retention
Active Accounts
We retain your data for as long as your account is active. Audit logs for credential access are retained for 90 days.
Account Deletion
When you delete your account:
- All your personal data is permanently deleted
- Projects you own are deleted along with all items, comments, and credentials
- Your membership in other users' projects is removed
- OAuth tokens are revoked
- This deletion is irreversible
6. Your Rights
Access
You can access all your data through the Tablet dashboard:
- View all projects, items, and comments you've created
- Download credentials individually or in bulk (as ZIP)
- View audit logs for your credentials
Deletion
You can delete your account at any time:
- Go to Settings → Delete Account
- All your data will be immediately and permanently removed
Data Portability
You can download your credentials at any time. Full project data export is coming soon.
7. Children's Privacy
Tablet is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.
8. International Data Transfers
Your data may be processed and stored in the United States through our cloud service providers (Vercel, Google Cloud, etc.). By using Tablet, you consent to this transfer of data.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or sending you an email. Your continued use of Tablet after changes become effective constitutes acceptance of the revised policy.
10. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at:
Email: connect@futurixai.com
Data Controller: FuturixAI