Legal
Privacy Policy
Last updated: May 17, 2026
1. What We Collect
We collect: (a) Account information — name, email, company name provided during signup; (b) Integration metadata — OAuth tokens and scopes for connected tools; (c) Usage data — how you interact with the platform; (d) Billing data — processed securely by our payment provider.
We do not store raw Slack messages, emails, or document content. We process them in memory to generate summaries, then discard the source content.
2. How We Use Your Data
Your data is used to: (a) generate your weekly Company Pulse Brief; (b) operate and improve the Service; (c) send you transactional emails and product updates; (d) comply with legal obligations.
We do not use your data to train AI models. We do not sell your data to third parties.
3. Integration Access
Sovaryn connects to third-party services (Slack, Gmail, Notion, Linear, Stripe) using read-only OAuth scopes. We request the minimum permissions required. You can revoke access at any time from your connected app settings.
4. Data Storage and Security
Data is stored on servers in India and the EU. All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Access is restricted to authorised personnel only. We follow SOC2-aligned security practices.
5. Data Retention
Account data is retained for the duration of your subscription plus 90 days after cancellation, then permanently deleted. Generated briefs are retained for 12 months unless you request earlier deletion.
6. Your Rights
You have the right to: access your data, correct inaccuracies, request deletion, export your data in machine-readable format, and withdraw consent. To exercise these rights, email privacy@sovaryn.in.
7. Cookies
We use essential cookies for session management and analytics cookies (anonymised) to understand usage. You can disable cookies in your browser settings; this may affect certain features.
8. Third-Party Services
We use Resend for transactional email and Stripe for payments. These providers have their own privacy policies and security certifications.
9. Children
The Service is not directed at children under 18. We do not knowingly collect data from minors.
10. Changes
We may update this policy. Material changes will be communicated by email 30 days before taking effect.
11. Contact
Privacy questions: privacy@sovaryn.in