Privacy Policy

usemoos, Inc. (“usemoos,” “we,” “our,” or “us”) operates an AI-powered organizational knowledge platform. This Privacy Policy explains what information we collect, why we collect it, how we use and share it, and the rights available to you. By using our services you agree to the practices described here.

1. Information We Collect

Account and Workspace Information

When you create an account we collect your name, work email address, and authentication credentials. If your organization uses an identity provider (Google Workspace, Microsoft Entra ID, or SAML SSO) we receive the profile attributes your provider shares: name, email address, and profile picture. We also store your workspace name, organization identifier, and billing contact information.

Content from Connected Integrations

usemoos indexes content from the tools you explicitly connect — such as Google Drive, Slack, GitHub, Notion, Jira, Confluence, and others. The specific content retrieved depends on the scopes you grant and your organization’s configuration. Indexed content includes document text, file metadata (titles, authors, modification timestamps), and structural information needed to answer questions accurately. We retrieve and store only what is necessary to power search and AI responses within your workspace.

Query and Conversation Data

We store the questions you ask and the AI-generated answers we return, along with the source citations used. This history powers the conversation thread experience. You may delete individual conversations or request deletion of all conversation history at any time.

Usage and Diagnostic Data

We collect information about how you interact with usemoos: features accessed, session timestamps, browser type, operating system, and IP address. We use this to monitor service health, debug issues, and understand aggregate product usage. This data is never linked to the content of your queries or documents for analytical purposes.

2. Google API Services

When you connect Google Workspace integrations (such as Google Drive), usemoos requests only the scopes required to index and search your organization’s content. The following restrictions apply to all data received from Google APIs:

• Google user data is accessed solely to build a searchable knowledge index for your workspace and to respond to your queries.
• Google user data is never used to serve advertisements or to train general-purpose AI models outside your workspace.
• We do not share Google user data with third parties except as necessary to provide the service (for example, our vector database provider stores embeddings derived from your content under equivalent data protection obligations) or when required by law.
• We do not allow humans to read Google user data unless you explicitly request support assistance, give written permission, it is required for security purposes, or we are legally compelled.
• You may revoke Google access at any time through your Google Account permissions or by disconnecting the integration within usemoos. Revoking access triggers deletion of all indexed content from that source within 30 days.

3. How We Use Information

• Providing the service: indexing your connected sources, answering queries, and returning cited AI responses within your workspace.
• Authentication and security: verifying identity, enforcing access controls, detecting abuse, and protecting accounts.
• Communications: sending account confirmations, invitation emails, security alerts, and — where you have opted in — product updates.
• Service improvement: analysing aggregate usage patterns and error rates to fix bugs and improve features. We do not use the content of your queries or indexed documents to train general-purpose AI models without explicit opt-in.
• Legal compliance: meeting obligations under applicable law and responding to lawful requests from public authorities.

4. Information Sharing

We do not sell personal information. We share information only in the following circumstances:

• Sub-processors: we engage infrastructure and AI service providers to operate the platform. Each sub-processor is bound by data protection obligations consistent with this policy. A current list of sub-processors is available in our Data Processing Agreement.
• Your organization: workspace administrators can view member activity and manage connected integrations within their workspace.
• Business transfers: in the event of a merger, acquisition, or sale of assets, personal information may be transferred to the successor entity under equivalent privacy protections.
• Legal requirements: we may disclose information when required by law, regulation, or governmental request, and when disclosure is necessary to protect the rights, property, or safety of usemoos, our customers, or the public.

5. Data Retention

We retain account information for the duration of your subscription and for up to 90 days after account closure, after which it is permanently deleted. Indexed content from connected integrations is deleted when you disconnect a source or close your account, typically within 30 days. Conversation history is retained until you delete it or close your account. Anonymised, aggregated analytics data may be retained indefinitely.

6. International Data Transfers

usemoos is headquartered in the United States. If you are located in the European Economic Area, the United Kingdom, or Switzerland, your personal data is transferred to the US under Standard Contractual Clauses approved by the European Commission, or under other appropriate transfer mechanisms as described in our Data Processing Agreement. By using our services you acknowledge this transfer.

7. Your Privacy Rights

GDPR (EEA and UK)

If you are in the European Economic Area or the United Kingdom, you have the right to: access the personal data we hold about you; rectify inaccurate data; request erasure (“right to be forgotten”); restrict or object to processing; receive your data in a portable format; and lodge a complaint with your local supervisory authority. To exercise these rights contact us at privacy@usemoos.com.

CCPA (California)

California residents have the right to know what personal information we collect, to request deletion, and to non-discrimination for exercising these rights. We do not sell personal information as defined under the CCPA. To submit a request, email privacy@usemoos.com.

8. Cookies and Tracking

We use strictly necessary cookies to maintain your session and authentication state. We may use analytics cookies — where permitted and consented — to understand aggregate product usage. We do not use advertising or cross-site tracking cookies. You can control cookie preferences through your browser settings.

9. Security

We implement technical and organisational measures to protect personal information, including encryption in transit (TLS 1.2+) and at rest (AES-256), network segmentation, least-privilege access controls, and continuous security monitoring. See our Security page for a full description of our security programme.

10. Children's Privacy

usemoos is a business-to-business service not directed at individuals under 18. We do not knowingly collect personal information from children. If you believe we have inadvertently done so, contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes we will update the effective date above and, where required by law, notify workspace administrators by email at least 30 days in advance. Continued use of the service after changes are posted constitutes acceptance of the revised policy.

12. Contact

For privacy questions, data subject requests, or concerns, contact us at: privacy@usemoos.com
usemoos, Inc.