Privacy Notice for Little Kat

This summary provides key points from our Privacy Notice. You can find more detail about each topic in the full sections below.

What personal information do we process? We process personal information depending on how you interact with the Services, including information you provide to us, information received from Google if you sign in with Google or connect Google Calendar, information contained in scheduling-related email threads that include Little Kat, and certain technical and usage information collected automatically.

Do we process sensitive personal information? We do not intentionally process sensitive personal information.

Do we collect any information from third parties? Yes. If you sign in with Google or connect Google Calendar, we receive certain identity, authentication, and calendar information from Google. We may also receive information about participants and messages from the real email threads in which Little Kat is included.

How do we process your information? We process your information to provide, improve, and administer the Services, authenticate your account, coordinate meetings, communicate with you, protect the service, and comply with law.

When and with whom do we share personal information? We may share information with service providers such as Google, OpenAI, Mailgun, hosting providers, database providers, and analytics providers, as well as in legal or business transfer situations described below.

How do we keep your information safe? We use reasonable technical and organizational measures designed to protect personal information, but no system can guarantee perfect security.

What are your rights? Depending on where you live, you may have rights to access, correct, export, or delete personal information we maintain about you.

How do you exercise your rights? The easiest way is through our public data request page, by using our contact form, or by contacting us directly.

In short: We process your information to provide, improve, and administer the Services, communicate with you, protect the Services, and comply with law. We may also process your information for other purposes with your consent or another valid legal basis.

We process personal information for a variety of reasons, including:

• To facilitate account creation and authentication and otherwise manage user accounts.
• To deliver and facilitate delivery of services to the user.
• To respond to user inquiries and offer support.
• To send administrative information, such as updates to terms or policies.
• To enable user-to-user communications in scheduling workflows.
• To protect the Services, including fraud monitoring, abuse prevention, and security review.
• To evaluate and improve our Services, products, marketing, and user experience.
• To identify usage trends and better understand how the Services are used.
• To comply with legal obligations and respond to lawful requests.
• To authenticate users with Google and connect their Google Calendar.
• To coordinate meetings from email and calendar context, including reading thread context, checking availability, suggesting meeting times, sending scheduling replies, and creating, updating, or removing calendar events.
• To maintain case history, action logs, account memory, and connection status so users can review what happened and manage their workspace.

In short: We may share information in specific situations described in this section and with the service providers needed to operate Little Kat.

We may disclose personal information in the following situations:

• Service providers. We may share information with providers such as Google for identity and calendar access, OpenAI for scheduling analysis and draft generation, Mailgun for email delivery and routing, hosting and database providers, and analytics providers such as PostHog.
• Business transfers. We may share or transfer information in connection with a merger, sale of assets, financing, or acquisition of all or part of our business.
• Legal or security reasons. We may disclose information when reasonably necessary to comply with law, respond to legal process, investigate abuse, protect rights, or secure the Services.

We do not sell personal information to data brokers, advertisers, or information resellers, and we do not share Google user data for targeted advertising.

In short: We use cookies and similar tracking technologies to collect and store information needed to run, secure, and measure the Services.

We may use cookies and similar technologies such as web beacons, local storage, and analytics identifiers to maintain account sessions, complete the Google OAuth flow securely, reduce fraud risk, save preferences, diagnose crashes, and understand product usage.

Little Kat does not use cookies or similar technologies for targeted advertising or cross-context behavioral advertising. If analytics is enabled, we may use PostHog or similar tools to measure page visits and usage trends.

Specific information about how we use these technologies is available in our Cookie Policy.

In short: Yes. Little Kat offers products, features, or tools powered by artificial intelligence or similar technologies.

As part of the Services, we offer AI-powered scheduling features that analyze thread context, generate scheduling plans, draft replies, and help users coordinate meetings. The terms of this Privacy Notice govern your use of those AI-powered features.

In short: If you choose to sign in with Google or connect Google Calendar, we may have access to certain information about you from Google.

When you use Google sign-in, we receive certain profile information from Google such as your name, email address, account identifier, and the authentication data necessary to maintain your session. If you connect Google Calendar, we also receive the calendar information you authorize us to access.

We use that information only for the purposes described in this Privacy Notice or that are otherwise made clear to you on the Services. We do not control, and are not responsible for, Google's own use of your personal information. We recommend reviewing Google's privacy notice to understand how it handles your data.

In short: We keep your information for as long as necessary to fulfill the purposes described in this Privacy Notice unless a longer retention period is required or permitted by law.

We will keep account records, scheduling cases, audit history, connection data, logs, and other personal information for as long as reasonably necessary to operate the Services, investigate incidents, enforce agreements, and comply with applicable legal obligations.

In general, no purpose in this Notice requires us to keep personal information for longer than the period during which a user has an account with us, except where retention is reasonably necessary for backups, fraud prevention, troubleshooting, legal compliance, or similar legitimate business needs.

When we have no ongoing legitimate business need to process your personal information, we will delete or anonymize it, or if that is not possible, securely store it and isolate it from any further processing until deletion is possible.

In short: We aim to protect your personal information through a system of reasonable technical and organizational security measures.

We use security measures designed to protect the personal information we process. Those measures may include encrypted storage for sensitive credentials such as OAuth tokens, access controls, transport security, audit logging, and operational review limited to support, reliability, security, abuse prevention, and legal compliance.

However, no electronic transmission over the internet or information storage technology can be guaranteed to be one hundred percent secure, so we cannot promise or guarantee that unauthorized parties will never be able to defeat our safeguards.

In short: We do not knowingly collect data from or market to children under 18 years of age.

By using the Services, you represent that you are at least 18 years old or that you are the parent or guardian of such a minor and consent to that dependent's use of the Services. If we learn that we have collected personal information from a child under 18, we will take reasonable steps to delete that information.

If you believe we may have collected information from a child under 18, please contact us at bot@littlekat.co.

In short: Depending on where you are located, you may review, change, export, or terminate your account and may have additional privacy rights under applicable law.

Most web browsers and some mobile operating systems include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected.

Because there currently is not a uniform technology standard for recognizing and implementing DNT signals, we do not currently respond to DNT browser signals. Little Kat also does not currently honor Global Privacy Control browser signals.

If an industry or legal standard for online tracking is adopted that we must follow in the future, we will describe that practice in an updated version of this Privacy Notice.

In short: If you are a resident of certain US states, including California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have rights to access, correct, export, or delete personal information we maintain about you, and to understand how we process it.

In short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated date at the top of this Privacy Notice. If we make material changes, we may notify you by prominently posting a notice or by contacting you directly when appropriate.

If you have questions or comments about this notice, you may contact Interstellar8, LLC by using our contact form or by emailing bot@littlekat.co.

Based on the applicable laws of your country or US state of residence, you may have the right to request access to the personal information we collect from you, details about how we process it, correction of inaccuracies, export, or deletion.

To review, update, export, or delete your personal information, please visit our data request page or manage your account through app settings.