Privacy Policy
Oct 28, 2025
Effective date: 2025-10-28
Version: 1.0
Product: DioVeo (“we”, “us”, “our”) — email organization and cleanup tools.
This Privacy Policy explains what we collect, how we use it, and the choices you have when you use our website, application, and related services (the “Service”).
Who we are
Controller: Dioveo
Address: 60 RUE FRANCOIS IER 75008 PARIS
Privacy contact: hello@dioveo.com
Scope
This Policy applies to data processed when you browse our site, create an account, connect an email provider (e.g., Gmail/Google Workspace), or interact with support and product communications.
Data we collect
a) Account & billing
Name, email address, password (hashed).
Subscription status, invoices, and limited payment metadata from our payment processor (we do not store full card numbers).
b) Email integrations (Gmail / Google Workspace)
If you connect a Google account, we access data only to provide the features you enable. For example:
Message metadata: sender, recipients, subject, date, labels, and size.
Email classification: we analyze recent emails to determine their importance (e.g., priority, low-value, promotional, or waiting for reply) and create or update Gmail labels such as DD-To Reply, DD-Low Value, or DD-Done to help you visually organize your inbox.
Lightweight content signals: used for classification and cleanup suggestions (e.g., newsletters, receipts, promotional messages).
Attachment metadata: type, size, and filename, processed securely when required for search or attachment management features.
OAuth tokens: stored encrypted with Google Cloud KMS following Google’s recommended security best practices to ensure confidentiality and integrity.
You can disconnect your Google account at any time from within Dioveo or directly in your Google Account → Security → Third-party access.
c) Product usage
App events (clicks, views), device/browser info, IP-based coarse location (city/region), crash logs.
Cookie/LocalStorage identifiers for sessions and preferences (see Cookies).
d) Support & feedback
Messages you send us and any files you attach.
Google API disclosure (Gmail/Workspace)
Our use of Google user data complies with the Google API Services User Data Policy, including its Limited Use requirements.
Gmail/Google Workspace data is accessed only to provide user-facing features (e.g., classification, cleanup suggestions, search including PDFs, and workflows).
We do not use Google data for advertising and do not sell personal data.
We do not transfer Google data to third parties except vetted sub-processors acting on our instructions under a DPA.
Human access to Google data is rare, limited to security/abuse prevention or support you request, and is logged and restricted.
We request least-privilege OAuth scopes and store OAuth tokens encrypted at rest; data is protected in transit with TLS.
We store only minimal derived signals/metadata needed for features; attachments/content are processed only when you use features that require them and are deleted or de-identified when no longer needed.
You can revoke access at any time in Dioveo settings or via Google Account → Security → Third-party access.
We do not read emails for unrelated purposes and do not make automated decisions with legal or similarly significant effects.
On disconnection or account closure, data is handled per our retention policy (see Section 10).
How we use data (purposes & legal bases)
Provide & operate the Service — classify emails, display lists/boards, search emails, run workflows.
Legal basis: Performance of a contract.
Safety & integrity — authentication, abuse/fraud detection, troubleshooting, securing tokens, preventing misuse.
Legal basis: Legitimate interests and/or legal obligation.
Improve features — aggregated or de-identified metrics, performance analytics, A/B testing.
Legal basis: Legitimate interests.
Billing & support — payments, invoicing, tax compliance, responding to support requests.
Legal basis: Contract / legal obligation.
Optional updates — product tips, feature announcements, onboarding messages you opt into.
Legal basis: Consent and/or legitimate interests (you can opt out anytime).
Model improvement (optional) — de-identified/aggregated data to improve quality, only if you opt in.
Legal basis: Consent.
Your choice — You may withdraw consent at any time in settings or by emailing hello@dioveo.com.
AI & automated assistance
AI models assist with classification, suggestions, and search.
We do not make decisions with legal or similarly significant effects.
You can review, override, or undo cleanup actions.
We do not use your personal data to train models unless you opt in; where possible we use de-identified or aggregated data.
Sharing & sub-processors
We share personal data only with service providers acting on our instructions and bound by confidentiality:
Hosting & databases: Hetzner
Authentication & OAuth: Google
Payments: Stripe
Error monitoring / analytics: Grafana/Loki
Email/support: Intercom
A current list of sub-processors is available on request at hello@dioveo.com.
We do not sell personal data.
International transfers
If data is transferred outside your region, we use appropriate safeguards (e.g., EU Standard Contractual Clauses) and perform transfer risk assessments.
Primary hosting region: Europe/Germany
Security
TLS in transit; encryption at rest for databases and tokens.
We are actively working toward SOC 2 Type II certification.
Encrypted OAuth tokens; least-privilege scopes.
Role-based access controls, audit logging, secret rotation, and backups.
Report security issues: hello@dioveo.com.
No method is 100% secure, but we work continuously to protect your data.
Retention
Account data: kept while your account is active; deleted within 30 days of closure (backups within 90 days).
Email-derived indexes/signals: retained only as needed for features, then deleted or de-identified.
Logs: typically 30–90 days, unless required longer for security or legal reasons.
You may request deletion at any time (see Your rights).
Your rights
Depending on your location, you may have the right to access, rectify, erase, restrict, port, and object to processing. You may also lodge a complaint with your local authority (e.g., CNIL in France, ICO in the UK).
California residents have rights under the CCPA/CPRA (including access and deletion). We do not sell or share personal data as defined by the CPRA.
Requests: hello@dioveo.com — we’ll verify and respond within applicable timelines.
Cookies & similar technologies
Strictly necessary: authentication/session, CSRF, preferences (always on).
Optional analytics: only with your consent; you can change choices in
