CEOist — Privacy Policy
Last updated: [REPLACE BEFORE PUBLISH — YYYY-MM-DD]
Effective date: [REPLACE BEFORE PUBLISH — YYYY-MM-DD]
1. Who we are
CEOist ("CEOist", "we", "us", "our") is operated by [REPLACE BEFORE PUBLISH — legal entity name, ABN, registered office address]. CEOist is a chat-first AI platform that gives small business owners a team of expert AI advisors. Phase 1 ships pre-configured for Shopify store operators with a CFO Expert and an Operations Expert.
Contact for privacy enquiries: [REPLACE BEFORE PUBLISH — privacy@…].
2. Scope
This policy describes how we collect, use, and disclose information when you (the customer) sign up for and use CEOist. It applies to the web application at [REPLACE BEFORE PUBLISH — homepage URL] and the backend services that support it.
3. Information we collect
Account information — your name, email address, and authentication identifiers we receive from Clerk (our authentication provider).
Business profile — your organisation name, time zone, the business niche you select during onboarding (Phase 1: Shopify), and the Experts you instantiate from our templates.
Conversation content — the messages you exchange with your Experts, the briefings they produce, and the working / vector memory you and your Experts maintain.
Integration data — when you connect a third-party service (Shopify, Google Workspace, Microsoft 365, Zendesk, Trustpilot), we store the OAuth access and refresh tokens needed to read data on your behalf, and we cache the data the Experts use to produce briefings. Tokens are encrypted at rest with a per-tenant data encryption key wrapped by AWS KMS; they are decrypted only at the moment of use and never logged.
Audit logs — authentication events, tool invocations, approvals, admin actions, and Expert outputs. We retain these for security investigation and statutory record-keeping.
Technical information — IP address, browser/user agent, page views, error reports (via Sentry). We use this for service operation and security monitoring.
4. How we use information
- Provide the CEOist service: load your Experts, run the tasks you configure, render briefings.
- Authenticate you and enforce tenant isolation (your data is not accessible to other customers — see §7).
- Operate and improve the platform: debug errors, monitor performance and cost, evaluate Expert output quality.
- Communicate with you about your account, service status, and security matters.
- Comply with legal obligations.
5. Google user data — limited-use disclosure
CEOist's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We use Google user data only to provide or improve user-facing features that are prominent in the CEOist application.
- We do not transfer Google user data to others except as necessary to provide or improve the user-facing features.
- We do not use Google user data for serving advertisements.
- We do not allow humans to read Google user data unless (a) we have your affirmative agreement for specific messages, (b) it is necessary for security purposes (such as investigating abuse), (c) to comply with applicable law, or (d) the data is aggregated and used for internal operations, consistent with the policy.
6. AI processing of your content
Experts call large language models (Anthropic Claude in Phase 1) to generate briefings and replies. Conversation content, integration data the Experts fetch, and memory contents are sent to the model provider as part of the prompt. Anthropic processes this data according to their data processing terms; they do not train their models on your content under our agreement.
7. Tenant isolation
Your organisation's data is partitioned by your organisation id, and Postgres row-level security policies evaluated on every query enforce that partition; application code cannot bypass this boundary. Your data is also stored in exactly one regional "pod" (Phase 1: AWS Sydney) and is never replicated to another pod without your explicit consent.
8. Storage location and transfers
Customer data for the Phase-1 pod is stored in AWS region ap-southeast-2 (Sydney, Australia). Inference calls to Anthropic go to their nearest available region (currently US); we will move inference in-region as soon as Anthropic supports it. We do not transfer your data to other regions unless required by law.
9. Retention
We retain your account, conversation, and integration data for as long as you have an active CEOist account. On account closure we delete personal data within 90 days, except for records we must keep for legal, financial, or security purposes (typically up to 7 years).
You can request export or deletion of your data at any time by emailing [REPLACE BEFORE PUBLISH — privacy@…].
10. Sub-processors
| Sub-processor | Purpose | Location |
|---|---|---|
| AWS | Compute, database, storage, KMS | ap-southeast-2 (Sydney) |
| Clerk | Authentication | US |
| Anthropic | LLM inference (Claude) | US |
| Stripe | Billing | US / global |
| Langfuse | LLM observability | EU |
| Sentry | Error monitoring | US |
When you connect a third-party service (Shopify, Google, Microsoft, etc.), that provider acts as an independent processor under its own terms.
11. Your rights
Depending on where you are, you may have the right to access, correct, export, or delete your personal data, to object to processing, and to lodge a complaint with a supervisory authority (the Office of the Australian Information Commissioner for AU customers).
To exercise any of these rights, email [REPLACE BEFORE PUBLISH — privacy@…].
12. Security
We follow industry-standard practices: TLS everywhere, encryption at rest, KMS-managed keys, tenant-isolated databases, sandboxed integration service with allow-listed egress, audit logging, and documented incident response.
13. Changes
We will update this policy from time to time and notify you of material changes by email or in-product banner before they take effect.
14. Contact
[REPLACE BEFORE PUBLISH — legal entity name]
[REPLACE BEFORE PUBLISH — postal address]
Privacy enquiries: [REPLACE BEFORE PUBLISH — privacy@…]
General contact: [REPLACE BEFORE PUBLISH — support@…]