Privacy Policy

InsideSync Pty Ltd ("InsideSync", "we", "us", or "our") is an Australian technology company that provides AI–powered software and data-integration solutions through our website at https://insidesync.ai/ (the "Site") and through our related platforms, applications and software products (collectively, the "Services").

We are committed to protecting your privacy and handling personal information responsibly in accordance with the Privacy Act 1988 of Australia, including the Australian Privacy Principles, as well as applicable international data- protection and privacy laws.

This Privacy Policy applies to all users of the Services worldwide. It explains how we collect, use, disclose and safeguard personal information, including information you provide directly, information obtained through third-party integrations and any sensitive information, such as health or wellness data, that you choose to share.

This policy also covers information we process through email, calendar and inbox integrations with providers such as Google and Microsoft. In addition, it describes how we use artificial intelligence (AI) strictly for real-time processing and never for training or improving AI models.

We use personal information to provide, maintain and enhance the Services; to process integrations you authorise; to deliver insights and AI-powered features; to tailor your user experience; to secure our systems; and to communicate with you regarding updates, support and new features. We also use personal information to comply with legal requirements and to enforce our terms and policies.

We do not use any data you provide, including personal information, sensitive information, or integration data to train, fine-tune, or improve any AI models under any circumstances.

Some personal information, such as health or wellness data, may be classified as sensitive under various data-protection laws. We treat such information with heightened safeguards. We collect sensitive information only with your informed and explicit consent, and we use it solely for the specific purposes you authorise. We do not sell sensitive information or use it for advertising.

We uphold privacy principles similar to those required by platforms such as Apple HealthKit, including minimal collection, purpose limitation and strong security protections. You may revoke permissions or delete integrations involving health or wellness data at any time.

You may choose to connect your email or calendar accounts to use certain InsideSync features. We use this information only to provide the Services you have enabled. We do not use email or calendar data for advertising, nor do we sell this information. We do not share email content with third parties except where required to operate the Services and only under strict confidentiality obligations.

We do not use Gmail or Microsoft Outlook data falling under restricted permissions to train AI models or for any purpose not essential to providing the Services.

If you choose to connect a Google account to InsideSync, we access only the information you explicitly authorise and use it solely to deliver the features you select. InsideSync complies with the Google API Services User Data Policy, including the Limited Use Policy, which restricts how data from Gmail may be handled.

We do not use data obtained from Google's restricted scopes, such as Gmail message content or associated metadata, for advertising, profiling, reselling or training AI models. Any restricted data is used exclusively to provide the requested functionality and is retained only for as long as necessary to deliver that functionality.

If you connect a Microsoft Outlook or Office 365 account, we collect and use only the information you permit through Microsoft's authentication process. We follow Microsoft's Developer Policies in how we collect, use and store this data.

We do not use data obtained from Microsoft's restricted scopes, such as message content or associated metadata, for advertising, profiling, reselling or training AI models. Any restricted data is used exclusively to provide the requested functionality and is retained only for as long as necessary to deliver that functionality.

Depending on your location, we may rely on different legal bases to process personal information. These include your consent, where processing is necessary to perform a contract with you, our legitimate interest in delivering and improving the Services, and compliance with legal or regulatory obligations. We will identify and apply the legal basis relevant to your jurisdiction.

We may share personal information with trusted third-party service providers who host, process or support the Services. These providers act under strict confidentiality and do not use your data for their own purposes, including AI model training. If you integrate Google or Microsoft accounts, information will be shared with those providers according to your permissions. We may also disclose personal information to courts, regulators or government authorities where required by law. We do not sell personal or sensitive information.

As InsideSync operates globally and relies on cloud infrastructure, your personal information may be transferred to or processed in countries outside your own. We take reasonable steps to ensure that such transfers comply with applicable data-protection laws and that the receiving parties offer safeguards equivalent to those required under the Australian Privacy Principles and other international frameworks.

We retain personal information only for as long as necessary to provide the Services, meet legal or regulatory obligations, maintain records for accounting or auditing purposes, or prevent fraud and ensure security. When you delete your account, we will delete or anonymise your personal information unless retention is required by law.

Your privacy rights depend on your location and applicable law. These rights may include the ability to access your personal information, request correction of inaccurate information, withdraw consent at any time, opt out of certain communications, delete integrations or request deletion of your personal information. We will respond to such requests in accordance with applicable legal obligations.

If you have concerns or complaints about how we handle personal information, we encourage you to contact us directly, as set forth below. We will acknowledge your request within seven days and aim to respond within thirty days. If you are located in Australia and are dissatisfied with our response, you may contact the Office of the Australian Information Commissioner. Users in other regions may have the right to contact their local data protection authority.

We use administrative, technical and organisational measures to protect your personal information. These include encryption of data during transmission and at rest, strict access controls, internal confidentiality requirements, security monitoring, audits and reviews of third-party service providers. While we strive to protect your information, no system can be guaranteed completely secure. If a security incident occurs, we will notify you in accordance with applicable legal requirements. By using the Services, you agree that we may communicate with you electronically regarding security, privacy and administrative matters.

We use cookies and similar technologies to provide essential functionality, enhance performance and conduct analytics. You may manage cookie preferences through your browser settings, though disabling certain cookies may affect the functionality of the Services.

Our Services are designed for general audiences and are not directed at children. If we discover that we have collected data from children without legally valid parental consent, we will take reasonable steps to delete it promptly.

We may update this Privacy Policy periodically to reflect changes in our Services, legal obligations or data-handling practices. When we make material changes, we will update the "Last updated" date and provide notice where required by law.