Monogram AI, Inc. ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Monogram application ("App"), which is available exclusively through the Apple App Store.

This Privacy Policy also describes how we handle information received through Google Sign-In, which is the App's sole authentication method. Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

By using the App, you consent to the practices described in this Privacy Policy.

1. Information We Collect

1.1. Information Received Through Google Sign-In

When you authenticate using Google Sign-In, we receive the following information from your Google account, depending on the permissions you grant on the Google OAuth consent screen:

(a) Basic Profile Information: Your name, email address, and profile photo URL, as associated with your Google account. These are provided through Google's standard authentication scopes (openid, email, profile).

(b) Google Calendar Access: Google Calendar data through the https://www.googleapis.com/auth/calendar scope, used to read, schedule, and edit calendar events and to incorporate event information into the App's AI-powered responses at your direction.

We request only the minimum OAuth scopes necessary for the App to function. We do not request access to your Google account beyond the scopes listed above.

1.2. Information You Provide Directly

(a) User Content: Text, data, or other content you submit, input, or generate through the App.

(b) Communications: Content of messages you send to us for support or feedback.

(c) Feedback and Survey Data: Responses to surveys, feedback forms, or beta testing questionnaires.

1.3. Information Collected Automatically

(a) Usage Data: Information about how you interact with the App, including features used, actions taken, frequency and duration of use, and navigation patterns.

(b) Device Information: Device type, operating system and version, unique device identifiers (such as IDFV), and device settings.

(c) Log Data: IP address, access times, app crashes, and other system activity.

(d) Performance Data: App performance metrics, error logs, and diagnostic data.

2. How We Use Your Information

We use the information we collect for the following purposes:

(a) Authentication and Account Management: To verify your identity, create and manage your account, and provide access to the App through Google Sign-In.

(b) Providing and Maintaining the App: To operate, maintain, and improve the App and its features.

(c) AI Model and Service Improvement: We may use anonymized and aggregated usage data, User Content, and interaction patterns to improve our AI models, algorithms, and services This does not include Google user data. We do not use data obtained through Google APIs, including Google Calendar data, for advertising, profiling, selling data, or training generalized AI or machine learning models. We will not use your individually identifiable data to train our AI models without your explicit, separate consent. If we seek such consent, we will present a clear opt-in mechanism within the App before doing so.

(d) Product Development: To evaluate App performance, identify bugs, and develop new features based on usage patterns and Feedback.

(e) Personalization: To tailor your experience within the App, including by using information from your connected Google Calendar to build a personalized profile that helps the App provide more relevant and context-aware responses to your requests. This personalization is a core user-facing feature of the App and is performed solely to improve the quality of your individual experience.

(f) Communications: To send you service-related notices, updates, security alerts, and administrative messages.

(g) Analytics: To understand how users interact with the App and to measure feature effectiveness.

(h) Safety and Security: To detect, prevent, and address fraud, abuse, security risks, and technical issues.

(i) Legal Compliance: To comply with applicable laws, regulations, legal processes, or governmental requests.

3. Google User Data: Limited Use Disclosure

3.1. The App's use of information received from Google APIs is limited to providing and improving the App's user-facing features that are visible and prominent in the App's user interface. Specifically:

(a) We use Google user data only to respond to your direct requests (such as scheduling meetings, displaying your calendar, or providing directions to your next meeting) and to personalize the App's responses based on your calendar information, as described in Section 2(e). These are core user-facing features of the App.

(b) We do not transfer Google user data for advertising, serving ads, or ad targeting.

(c) We do not use Google user data for profiling, market research, or user analytics unrelated to the App's user-facing features.

(d) We do not sell, rent, or trade Google user data to any third party.

(e) We do not use Google user data to train, fine-tune, or improve generalized AI or machine learning models, whether or not the data has been de-identified or aggregated.

(f) We do not transfer Google user data to third parties except: (i) as necessary to provide or improve user-facing features that are prominent in the App's user interface (e.g., transmitting calendar data to an AI service provider solely to generate a response to your request); (ii) to comply with applicable laws; (iii) as part of a merger, acquisition, or asset sale, with notice to users; or (iv) for security purposes (e.g., investigating abuse).

(g) We do not allow humans to read Google user data unless: (i) we have your explicit consent; (ii) it is necessary for security purposes (e.g., investigating abuse); (iii) it is necessary to comply with applicable law; or (iv) the data is aggregated and anonymized and used for internal operations.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

(a) Service Providers: We share information with third-party service providers who perform services on our behalf (e.g., hosting, analytics, customer support, AI processing). These providers are contractually obligated to use your information only as directed by us and to protect your information.

(b) AI Processing: To deliver the App’s AI-powered features, we transmit User Content you submit through the App to third-party AI service providers for processing. The providers process your data solely to generate responses and deliver the App’s functionality on our behalf. If personal information is processed by these third-party service providers, we maintain data processing agreements with each of them that contractually require them to: (i) process our data only as directed by us and solely for the purpose of providing the services we have engaged them to perform; (ii) implement commercially reasonable technical and organizational security measures to protect your data; (iii) not sell, share, or use your personal information for their own purposes, including the training of their own AI models; and (iv) delete or return your personal information upon termination of our engagement with them, subject to any legal retention requirements. We evaluate our third-party AI service providers for their data handling practices and security posture before engaging them, and we periodically review their compliance with our contractual requirements. The specific third-party AI service providers we use may change as we develop and improve the App. For more information about the categories of third-party services the App integrates, see Section 5.

(c) Legal Requirements: We may disclose your information if required by law or in response to valid legal process (subpoena, court order, government request).

(d) Protection of Rights: We may disclose information where we believe it necessary to investigate, prevent, or act regarding potential violations of these Terms, suspected fraud, threats to safety, or as evidence in litigation.

(e) Business Transfers: If the Company is involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction. We will provide notice before your personal information becomes subject to a different privacy policy.

(f) With Your Consent: We may share your information with third parties when you have given us your consent.

5. Third-Party Services and SDKs

The App integrates third-party services that may collect or receive your information in connection with the App's functionality. These include providers of: (a) authentication services (Google Sign-In); (b) cloud hosting and infrastructure; (c) AI and machine learning processing; (d) analytics and performance monitoring; and (e) crash reporting and diagnostics. Each third-party service provider is contractually obligated to handle your data in a manner consistent with this Privacy Policy. We require that all such providers offer protections that meet or exceed the standards described herein.

6. Data Retention and Deletion

6.1. We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by law.

6.2. Account Deletion: You may delete your account and request deletion of your associated personal data at any time by contacting us at support@monogram.ai

6.3. Google Access Revocation: You may revoke the App's access to your Google account data at any time through https://myaccount.google.com/permissions. Revoking access will prevent the App from receiving further data from your Google account but will not automatically delete data already collected. To delete previously collected data, use the account deletion process described in Section 6.2.

6.4. Upon receiving a deletion request, we will delete or anonymize your personal information within thirty (30) days, except where we are required to retain it by law. We will also direct our service providers to delete your information.

6.5. Anonymized and aggregated data that cannot be used to identify you may be retained indefinitely for analytics and product improvement, except that data derived from Google APIs (including Google Calendar) will not be retained in any form for purposes beyond providing or improving the App's user-facing features, even if de-identified.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

(a) Access: Request a copy of the personal information we hold about you.

(b) Correction: Request correction of inaccurate personal information.

(c) Deletion: Request deletion of your personal information (see Section 6).

(d) Opt-Out of AI Training: If we use your data for AI model training (which requires your prior consent), you may withdraw consent at any time through Settings > Privacy > AI Data Usage within the App.

(e) Data Portability: Request a copy of your data in a commonly used, machine-readable format.

(f) Restrict Processing: Request that we limit processing of your personal information in certain circumstances.

(g) Withdraw Consent: Where we rely on consent, you may withdraw it at any time.

(h) Google Account Controls: You may review, manage, and revoke the App's access to your Google account data at https://myaccount.google.com/permissions.

To exercise any of these rights, contact us at support@monogram.ai. We will respond within the timeframe required by applicable law (generally 30 to 45 days).

8. State-Specific Privacy Rights

8.1. California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act, as amended. These include the right to know what personal information we collect, the right to delete your personal information, the right to opt out of the sale or sharing of personal information (we do not sell or share your personal information as defined by California law), and the right to non-discrimination. To submit a request, contact us at support@monogram.ai.

8.2. Other U.S. State Privacy Laws

Residents of Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, and other states with comprehensive privacy laws may have similar rights. Contact us at support@monogram.ai to exercise them.

9. Security Measures

9.1. We implement reasonable and appropriate technical and organizational measures to protect your personal information, including:

(a) Encryption of data in transit using TLS/SSL;

(b) Encryption of sensitive data at rest;

(c) Secure storage of Google OAuth tokens with appropriate access controls;

(d) Regular security assessments and vulnerability testing;

(e) Access controls limiting employee and contractor access on a need-to-know basis; and

9.2. No method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data, particularly during the Beta period when the App is under active development.

10. Children's Privacy

10.1. The App is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete that information promptly.

10.2. If you are a parent or guardian and believe your child has provided us with personal information, contact us at support@monogram.ai.

11. International Data Transfers

11.1. Your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. These countries may have data protection laws that differ from your jurisdiction.

11.2. By using the App, you consent to the transfer of your information to the United States and other jurisdictions as described in this Privacy Policy.

12. Changes to This Privacy Policy

12.1. We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy within the App and updating the "Last Updated" date.

12.2. Continued use of the App after changes are posted constitutes acceptance of the revised Privacy Policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy, our data practices, or the App's use of your Google account information, contact us at:

Monogram AI, Inc.

1840 Gateway Dr., Suite 400, PMB 2024

San Mateo, CA 94404

support@monogram.ai