Privacy Policy

My AI 4 Life ("we", "our", or "us") operates the Daneel AI assistant service via WhatsApp. This Privacy Policy explains how we collect, use, store, and protect your information when you use our service. By using Daneel, you agree to the practices described in this policy.

1. Information We Collect

When you use Daneel, we collect:

• Phone Number: Your WhatsApp phone number, used to identify and communicate with you.
• Messages: The content of messages you send to Daneel, used to provide the AI assistant service and maintain conversation context.
• Profile Information: Your name, language preference, timezone, and city — collected during onboarding to personalise your experience.
• Usage Data: Interaction timestamps, feature usage, and service performance metrics.
• Google Account Data (optional): If you choose to connect your Google account, we access:
  • Google Calendar: We read and write calendar events on your behalf, as directed by you through Daneel.
  • Gmail: We read, search, and send emails on your behalf, as directed by you through Daneel.
  Google account connection is optional and can be disconnected at any time. See Section 5 for details.

2. How We Use Your Information

We use your information solely to:

• Provide, personalise, and improve the Daneel AI assistant experience
• Remember context from previous conversations to enable continuity
• Send reminders, notifications, and proactive briefings you have requested
• Execute actions on connected services (calendar events, emails) as instructed by you
• Respond to your support requests
• Monitor service reliability and fix technical issues

We do not use your data for advertising, sell it to third parties, or use it to train general-purpose AI models.

3. Google API Services — Limited Use Disclosure

Daneel's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• Limited use: We only access Google data (Gmail, Calendar) to provide features you explicitly request through Daneel. We do not access, store, or process Google data for any other purpose.
• No transfer: We do not transfer your Google data to third parties except as necessary to provide the requested feature (e.g., sending a message through Gmail).
• No advertising: We do not use Google data to serve advertisements.
• No unauthorised use: We do not allow humans to read your Gmail or Calendar data unless you explicitly share it with us for support purposes, required by law, or with your consent.
• Token storage: Google OAuth tokens are encrypted at rest using AES-256 and stored only for as long as your account is active. Tokens are immediately revoked and deleted when you disconnect your Google account or stop using Daneel.

4. Data Storage and Security

We implement technical and organisational measures to protect your data:

• Encryption at rest: All stored data — including messages, profile information, and OAuth tokens — is encrypted using AES-256.
• Encryption in transit: All data transmitted between your device and our servers is protected using TLS 1.2 or higher.
• Access controls: Access to user data is restricted to authorised systems and personnel only.
• Infrastructure: Data is stored on AWS infrastructure in the EU (Stockholm, eu-north-1 region), subject to EU data protection standards.

Data Retention:

• Active accounts: Profile data and conversation history are retained while your account is active.
• On opt-out (STOP): All personal data — including profile information, conversation history, memory files, and connected Google tokens — is permanently deleted immediately upon confirmation.
• Inactive accounts: Accounts with no activity for 12 months may be automatically deleted.
• Backups: Deleted data may persist in encrypted backups for up to 30 days before permanent removal.

5. Google Account Connection

You may optionally connect your Google account to enable Calendar and Gmail features. When you do:

• We request only the minimum OAuth scopes required: calendar.events, gmail.readonly, and gmail.send.
• You can disconnect your Google account at any time by messaging Daneel "disconnect Google".
• Upon disconnection, your Google OAuth tokens are immediately revoked with Google and deleted from our systems.
• You can also revoke access directly at myaccount.google.com/permissions.

6. Data Sharing

We do not sell your personal information. We may share data only in the following limited circumstances:

• Infrastructure providers: AWS (cloud hosting and storage) and other sub-processors strictly necessary to operate the service. These providers are contractually bound to protect your data.
• AI processing: Conversation content may be processed by AI model providers (e.g., Anthropic, OpenAI, Google) solely to generate responses. These providers are subject to their own privacy policies and data processing agreements.
• Legal requirements: When required by applicable law, regulation, or valid legal process.
• Safety: To protect the rights, property, or safety of My AI 4 Life, our users, or others.

7. Your Rights

You have the following rights regarding your personal data:

• Access: Request a copy of all personal data we hold about you.
• Deletion: Request permanent deletion of your account and all associated data. Send STOP to Daneel on WhatsApp — your data will be deleted immediately upon confirmation.
• Rectification: Request correction of inaccurate personal data.
• Portability: Request an export of your data in a machine-readable format.
• Opt-out: Stop all communication and data processing at any time by sending STOP to Daneel.
• Withdraw consent: Disconnect your Google account at any time without affecting your use of the core Daneel service.

To exercise any of these rights, send STOP or HELP to Daneel on WhatsApp, or contact us directly at privacy@myai4.life. We will respond within 30 days.

8. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) and Israel, we process your data under the following legal bases:

• Contract performance: Processing necessary to provide the Daneel service you signed up for.
• Consent: For optional features such as Google Calendar and Gmail integration, and for receiving proactive messages. You may withdraw consent at any time.
• Legitimate interests: For service monitoring, security, and fraud prevention.
• Legal obligation: When required by law.

9. Children's Privacy

Daneel is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us at privacy@myai4.life and we will delete it promptly.

10. International Data Transfers

Your data is stored in the EU (AWS eu-north-1, Stockholm). When processing requires transfer to AI providers outside the EU, we ensure appropriate safeguards are in place, including Standard Contractual Clauses where applicable.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated to you via WhatsApp before they take effect. The "Last updated" date at the top reflects the most recent revision. Continued use of Daneel after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related questions, data requests, or concerns, contact us at:

• Email: privacy@myai4.life
• WhatsApp: Send HELP to Daneel
• Company: My AI 4 Life
• Website: myai4.life