Legal

Privacy Policy

Last updated: January 1, 2025

1. Introduction

ShareTeamCodes ("we", "our") is committed to protecting your privacy. This policy describes how we collect, use, and protect your personal information when you use our service.

2. Information We Collect

Account Information

When you create an account, we collect your email address, name, and organization details. For billing purposes, we collect payment information through our payment processor (Stripe).

Message Content

We receive and store SMS messages, emails, and voice transcripts sent to your provisioned profiles. This content is encrypted at rest and only accessible to authorized members of your organization.

Usage Data

We collect information about how you use ShareTeamCodes, including audit logs of actions taken, integration events, and service performance data.

3. How We Use Your Information

  • To provide and operate the ShareTeamCodes service
  • To route messages to your configured destinations
  • To maintain audit logs for security and compliance
  • To process billing and payments
  • To communicate with you about your account and the service
  • To improve and develop our service

4. Data Security

We implement robust security measures to protect your data:

  • All sensitive data is encrypted at rest using AES-256-GCM
  • Data in transit is protected with TLS 1.3
  • We use KMS envelope encryption with per-organization keys
  • Access is controlled through role-based permissions
  • Regular security audits and penetration testing

5. Data Retention

Message content is retained according to your organization's configured retention policy (default: 30 days). Audit logs are retained for a minimum of 1 year. Account information is retained as long as your account is active.

6. Data Sharing

We do not sell your personal information. We may share data with:

  • Service providers who help us operate ShareTeamCodes (e.g., cloud hosting, payment processing)
  • Integration partners (Slack, Teams) as necessary to provide the service
  • Law enforcement when required by law or to protect our rights

7. Your Rights

Depending on your location, you may have rights including:

  • Access to your personal data
  • Correction of inaccurate data
  • Deletion of your data
  • Data portability
  • Objection to processing

To exercise these rights, contact us at privacy@secureaccess.io.

8. Contact Us

For questions about this privacy policy or our data practices, please contact us at privacy@secureaccess.io.