Legal

Privacy Policy

Effective: June 4, 2026Last updated: June 4, 2026Version: 1.0

1. Overview

This Privacy Policy explains how Eijent (“Eijent,” “we,” “us,” or “our”) collects, uses, discloses, and protects information when you use the Eijent platform, including our website at eijent.app, our web and mobile applications, our Pulse hardware companion, and any related services (collectively, the “Service”).

Eijent is an AI-first operational platform for revenue teams, currently in private beta. By using the Service, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.

Eijent is operated by Eijent, Inc., a Delaware corporation, in collaboration with our sister companies Blueprint Studios and Hensley Event Resources. We act as a data controller for personal information collected through our website and as a data processor for information our customers upload or generate while using the Service.

2. Information we collect

2.1 Information you provide directly

  • Account information: name, email address, company, role, profile photo, and password (hashed). For waitlist signups, only the email address is collected.
  • Authentication credentials: when you sign in with Google, we receive your Google account identifier, email address, name, and profile picture (see Section 4).
  • Workspace content: entities, pipelines, workflows, knowledge base documents, comments, tasks, and any other content you create or upload inside Eijent.
  • Communications: any messages you send to us, including support requests, feedback, and survey responses.
  • Payment information: when applicable, billing details processed by our payment provider (Stripe). We do not store full card numbers.

2.2 Information collected automatically

  • Usage data: pages viewed, features used, click events, session duration, referring URLs, and similar product analytics.
  • Device & log data: IP address, browser type, operating system, device identifiers, timestamps, error logs, and crash reports.
  • Cookies & similar technologies: we use first-party cookies for essential session management and a limited set of analytics cookies. See our Cookie practices below.

2.3 Information from Pulse

If you use the Pulse hardware companion or the Pulse mobile app, we collect audio recordings of conversations you choose to capture, along with the date, time, and (with your permission) the approximate location of the capture. Audio is transcribed on-device for a first pass and encrypted before transmission to our servers for further enrichment. You can review, edit, redact, or delete any Pulse capture at any time.

2.4 Information from third parties

We may receive information from third-party services you connect to your Eijent workspace — including Google Workspace, Microsoft 365, Slack, calendar providers, CRM and call tools — only to the extent you authorize. See Section 4 for the specific scopes we request from Google.

3. How we use information

We use the information we collect to:

  • Provide, maintain, secure, and improve the Service;
  • Authenticate you and protect against fraud, abuse, and unauthorized access;
  • Personalize your workspace, including AI features (Copilot and custom Eijents) grounded in your Knowledge Base;
  • Communicate with you about product updates, security alerts, billing, and customer support;
  • Generate aggregated, de-identified analytics to understand and improve product performance;
  • Comply with legal obligations and enforce our Terms of Use.

We do not use your workspace content, Pulse audio, or any data accessed via Google API Services to train generalized machine-learning or AI models. AI features operate only within your workspace context.

4. Google API Services

Limited Use disclosure

Eijent’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, Eijent affirms that data received from Google APIs is used only to provide or improve user-facing features that are prominent in the Eijent user interface; is not transferred to third parties except as necessary to provide or improve the Service, comply with applicable law, or as part of a merger or acquisition; is not used for serving advertisements; and is never read by humans unless we have your affirmative agreement for specific messages, do so for security purposes, to comply with applicable law, or our use is limited to internal operations and the data has been aggregated and anonymized.

4.1 Google services we access

If you sign in with Google or connect a Google Workspace account, Eijent may request access to one or more of the following Google API scopes — only those you explicitly grant during the OAuth consent flow:

  • Sign-in (OpenID Connect): openid, email, profile — used to authenticate you, create your Eijent account, and display your name and avatar in the product.
  • Gmail (optional): gmail.readonly, gmail.send, gmail.modify — used to surface email threads against the correct Eijent Entity, draft and send follow-ups on your behalf when you instruct us to, and apply labels. We do not scan your inbox for advertising purposes.
  • Google Calendar (optional): calendar.events, calendar.readonly — used to display meetings against Entities, propose times, and create or update calendar events when you instruct us to.
  • Google Drive (optional): drive.file — used only to access files you explicitly select or that Eijent creates on your behalf. We do not request full-Drive read access.

4.2 How Google data is stored and used

  • OAuth tokens are stored encrypted at rest using industry-standard envelope encryption (AES-256 with keys managed by a dedicated KMS).
  • Google data is processed only to deliver the user-facing features described above and is never shared with any third party for advertising or analytics.
  • Google data is not used to train any machine-learning model, including those provided by third-party LLM vendors.
  • Eijent does not transfer Google user data to any third party except service providers acting on our behalf under strict data-protection agreements (see Section 5).

4.3 Revoking access

You can revoke Eijent’s access to your Google account at any time from your Google Account permissions page or from within Eijent under Settings → Connections. Revoking access immediately terminates our ability to read or write data on your behalf.

5. How we share information

We share personal information only in the following circumstances:

  • With your workspace members. Content you create inside a workspace is visible to other members of that workspace according to the access controls you configure.
  • With service providers. We use vetted third-party processors who provide hosting (Amazon Web Services), email delivery, customer support, error monitoring, payment processing (Stripe), and AI model inference. Each provider is bound by a written data-protection agreement and is permitted to use data only to provide services to us.
  • For legal reasons. We may disclose information if we have a good-faith belief that disclosure is required to comply with a law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Eijent, our users, or the public.
  • In a corporate transaction. If Eijent is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred to the successor entity, subject to the protections of this Privacy Policy.
  • With your consent. Where required by law or where you have specifically authorized a disclosure.

We do not sell personal information. We do not share data with third parties for advertising purposes.

6. Data retention

We retain personal information only as long as needed to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. Specifically:

  • Workspace content: retained for as long as your workspace is active, plus 30 days after deletion for recovery.
  • Pulse audio: retained according to your workspace settings (default: 90 days after transcription, then audio is deleted while structured signal is kept).
  • Account information: retained while your account is active; deleted within 60 days of account closure unless retention is required by law.
  • Analytics & log data: retained in identifiable form for up to 13 months, then aggregated.
  • Waitlist email addresses: retained until you ask to be removed.

7. Security

We take security seriously and use industry-standard administrative, technical, and physical safeguards to protect personal information, including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256);
  • OAuth tokens stored under envelope encryption with keys managed by a dedicated KMS;
  • On-device first-pass transcription for Pulse audio so audio never leaves your context unencrypted;
  • Role-based access controls and least-privilege principles for all employee access;
  • Continuous vulnerability scanning, dependency monitoring, and quarterly penetration testing;
  • SOC 2 Type II audit in progress; we expect to complete certification within twelve months of general availability.

No system is perfectly secure. If we become aware of a personal-data breach, we will notify affected users in accordance with applicable law.

8. Your rights & choices

Depending on where you live, you may have the following rights under applicable data protection laws (including the GDPR in the European Economic Area, the UK GDPR, and the CCPA/CPRA in California):

  • Access. Request a copy of the personal information we hold about you.
  • Correction. Ask us to correct inaccurate or incomplete information.
  • Deletion. Ask us to delete your personal information, subject to limited exceptions.
  • Portability. Receive a copy of your data in a structured, machine-readable format.
  • Restriction or objection. Ask us to restrict or stop certain types of processing.
  • Withdraw consent. Where we rely on your consent (such as for Google API access), withdraw it at any time.
  • Lodge a complaint. Contact your local data-protection authority.

To exercise any of these rights, email us at privacy@eijent.app. We will respond within 30 days.

9. International transfers

Eijent is headquartered in the United States. If you are located outside the United States, your information will be transferred to, stored in, and processed in the United States and other countries where our service providers operate. For transfers from the European Economic Area, the United Kingdom, and Switzerland, we rely on Standard Contractual Clauses approved by the European Commission and equivalent mechanisms in other jurisdictions.

10. Children’s privacy

Eijent is not directed to children under sixteen (16), and we do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us and we will delete it promptly.

11. Changes to this policy

We may update this Privacy Policy from time to time. The most current version will always be posted at this URL, with the “Last updated” date noted at the top. If we make material changes, we will notify you by email or through a prominent in-product notice at least 30 days before the change takes effect.

12. Contact us

If you have questions about this Privacy Policy or our data practices, please reach out:

Emailprivacy@eijent.app
Generalhello@eijent.app
MailEijent, Inc. · 1730 Marin Way · San Francisco, CA 94124 · USA
DPOdpo@eijent.app (EU/UK data protection inquiries)