Privacy Policy

SuccesstaSuccessta

Privacy Policy

Last Updated: August 17, 2025

1. Introduction

This Privacy Policy describes how Successta ("we," "our," or "us") collects, uses, and protects your personal information when you use our AI-powered email automation service ("the Service").

2. Information We Collect

2.1 Account Information

  • Email address and authentication credentials
  • Profile information (name, preferences)
  • SMTP/IMAP configuration settings
  • Usage preferences and settings

2.2 Email Data

  • Email content processed by your agents
  • Email metadata (sender, recipient, timestamps)
  • Email processing logs and status information
  • Agent interaction history

2.3 Usage Data

  • Service usage statistics and analytics
  • Agent performance metrics
  • API call logs and frequency
  • System interaction logs

2.4 Technical Data

  • IP addresses and device information
  • Browser type and version
  • Session information and cookies
  • Error logs and diagnostic data

3. How We Use Your Information

3.1 Service Provision

  • Creating and managing your AI email agents
  • Processing and routing emails through the system
  • Generating AI-powered email responses
  • Providing real-time status updates and notifications

3.2 Service Improvement

  • Analyzing usage patterns to improve the Service
  • Debugging and resolving technical issues
  • Developing new features and capabilities
  • Monitoring system performance and security

3.3 Communication

  • Sending service-related notifications
  • Providing customer support
  • Informing you about updates and changes
  • Responding to your inquiries

4. Information Sharing and Disclosure

4.1 Third-Party Services

We share data with third-party services necessary for operation:

OpenAI Integration

  • Email content is processed by OpenAI models for AI response generation
  • Data processing is subject to OpenAI's privacy policies
  • We implement measures to minimize data exposure

Supabase (Database)

  • User data is stored in Supabase with Row Level Security
  • All data access is authenticated and authorized
  • Data is encrypted in transit and at rest

MCP Servers

  • Limited data may be shared with MCP servers for tool functionality
  • Only necessary data for specific tool operations is shared
  • External MCP servers have their own privacy policies

4.2 Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal processes or government requests
  • Protect our rights, property, or safety
  • Prevent fraud or abuse of the Service
  • Enforce our Terms of Service

5. Data Security

5.1 Security Measures

  • All data transmission uses encryption (HTTPS/TLS)
  • Database access is protected with authentication and RLS
  • Regular security audits and monitoring
  • Secure email handling protocols (IMAP/SMTP over SSL/TLS)

5.2 Access Controls

  • User data is isolated using Row Level Security policies
  • Administrative access is logged and monitored
  • Multi-factor authentication for administrative accounts
  • Regular access reviews and credential rotation

6. Data Retention

6.1 Retention Periods

  • Account data: Retained while your account is active
  • Email logs: Retained for operational and debugging purposes
  • Usage analytics: Aggregated data may be retained indefinitely
  • System logs: Retained for security and performance monitoring

6.2 Data Deletion

  • You can request account deletion through account settings
  • Email data is removed within 30 days of account deletion
  • Some aggregated analytics may be retained for service improvement
  • Legal requirements may extend certain retention periods

7. Your Rights and Choices

7.1 Data Access and Control

  • View and update your account information
  • Access your email processing history
  • Download your data through the Service interface
  • Configure privacy settings and preferences

7.2 Communication Preferences

  • Opt out of non-essential communications
  • Control notification settings
  • Manage email processing preferences
  • Set agent behavior and response parameters

8. Cookies and Tracking

8.1 Cookies We Use

  • Authentication cookies for session management
  • Preference cookies for user settings
  • Analytics cookies for service improvement
  • Security cookies for fraud prevention

8.2 Cookie Management

  • You can control cookies through browser settings
  • Disabling cookies may affect Service functionality
  • We respect Do Not Track signals where applicable

9. International Data Transfers

  • Data may be processed in different jurisdictions
  • We ensure adequate protection for international transfers
  • EU users are protected under GDPR provisions
  • Data processing agreements are in place with third parties

10. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child, please contact us immediately.

11. California Privacy Rights (CCPA)

California residents have additional rights under the CCPA:

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt out of the sale of personal information
  • Right to non-discrimination for exercising privacy rights

12. European Privacy Rights (GDPR)

EU users have rights under GDPR including:

  • Right of access to personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object to processing

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via:

  • Email notification to your registered address
  • Prominent notice in the Service interface
  • Updated "Last Modified" date at the top of this policy

14. Contact Information

If you have questions about this Privacy Policy or your personal data, please contact us:

  • Through the Service's support interface
  • Via email at our published support address
  • Through our official communication channels

By using Successta, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and use of your information as described herein.