Privacy Policy

We collect and process only the information required to deliver meeting dossiers. This includes:

• Google Calendar event metadata (attendee names, email addresses, meeting titles, times, and join links)
• Optional Gmail metadata when you enable email history (subject line, sender, recipient and timestamps — never message bodies)
• Publicly available professional data such as LinkedIn profiles and company information
• Information you provide directly, such as your role, preferred talking points, or support inquiries

We do not request or store passwords. Access to Google data always occurs through Google OAuth with the scope you authorise.

We use your Google Calendar and (if enabled) Gmail metadata solely to:

• Identify upcoming meetings that include external attendees
• Create meeting dossiers, talking points, and reminders that you requested
• Send occasional product updates directly related to Chris AI

We do not use Google user data for advertising, profiling, or any secondary purpose outside the core Chris AI service.

Beyond Google data, we may also use information you provide to:

• Respond to questions, bug reports, or feature requests
• Monitor service performance, detect abuse, and maintain platform reliability
• Comply with legal obligations, enforce our Terms of Service, and protect the rights and safety of Quantana and our users

When we process personal data, we rely on the following legal bases under applicable data protection laws (such as the GDPR):

• Your consent for connecting Google services and receiving meeting dossiers
• Performance of a contract when we provide the Chris AI service you signed up for
• Legitimate interests in operating, improving, and securing our product, balanced against your privacy rights
• Compliance with legal obligations when we must retain or disclose limited data pursuant to law

We do not sell, rent, or trade Google user data. We do not share your information with third parties except trusted infrastructure vendors (such as email and cloud hosting providers) that help us deliver the service. Those vendors only receive the minimum data required to perform their contractual duties and are bound by confidentiality and security obligations.

We may disclose limited information if required by law, court order, or a valid legal process, but only after verifying the request and, where permitted, notifying you.

We protect Google user data with security procedures including encryption in transit (TLS) and encryption at rest. Access to data is restricted to authorised personnel, logging is enforced, and we monitor for unusual activity.

We retain Google Calendar and Gmail metadata only for as long as it is needed to generate dossiers or deliver updates. Temporary copies are deleted automatically once processing is complete, and you can request deletion at any time.

We regularly review our security controls, follow least-privilege access principles, and maintain a vulnerability management program. If we ever discover unauthorised access to your data, we will notify you and the appropriate regulators in accordance with applicable laws.

Quantana Pty Ltd is based in Australia and uses cloud infrastructure that may operate in multiple regions. When we transfer data outside your home jurisdiction, we do so using legally recognised safeguards such as Standard Contractual Clauses or equivalent protections to ensure your data receives the same level of protection.

We rely on carefully selected service providers to support Chris AI, including hosting platforms, email infrastructure, analytics tools, and optional enrichment partners (for example, LinkedIn data providers). These providers act as data processors on our behalf and must adhere to privacy commitments consistent with this policy.

Depending on where you live, you may have rights to access, correct, download, or delete the personal data we hold about you. You can:

• Disconnect Google access at any time from the Google security console and within Chris AI settings
• Update your preferences, including daily digest timing or disabling automated emails
• Request a copy or deletion of your data by contacting us at the email below

We will respond to all privacy requests within a reasonable timeframe and in accordance with applicable laws.

Chris AI is designed for working professionals and is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will remove the information.

We may update this Privacy Policy to reflect operational changes, regulatory requirements, or best practices. When we make material changes, we will update the “Last updated” date above and notify you via email or an in-product message where appropriate. Continued use of Chris AI after any update constitutes acceptance of the revised policy.

For any privacy concerns, data deletion requests, or general support inquiries, please get in touch with us at: