1. Introduction & scope
This policy applies to all visitors and registered users of the JAZARI Jarvis service ("Service") at hellojazari.com and related applications. Third-party integrations (Google, Slack, OpenAI, etc.) are governed by their own privacy policies; we only manage the data flow you explicitly authorize.
2. Data controller & contact
JAZARI Jarvis acts as the data controller under GDPR and KVKK. Single point of contact for all privacy matters:
- Email: privacy@hellojazari.com
- Security reports: security@hellojazari.com
3. Data we collect
We process only the categories required to deliver the service:
- Account & profile: email, name, language, timezone, personal tone/communication preferences, working and quiet hours, role.
- Productivity content: tasks, projects, quick notes, decisions, reports you create; derived fields like AI priority scores.
- Calendar data: event title, description, attendees, organizer email, meeting URL, location, raw payload pulled from your connected calendar (scoped only to your own user).
- Connected account & token data: OAuth token references, scope grants, account label, last sync time per integration.
- Drive / file metadata: file name, MIME type, size, web URL, parent folder, modified time pulled from connected drives.
- Voice assistant data: session durations, transcripts (with consent), assistant message history, selected provider and model.
- AI & knowledge queries: query text, model output, token counts, latency, estimated cost (for billing and transparency).
- Notification data: push subscription endpoint and encryption keys, delivery statuses.
- Automation & job run logs: input/output, status, and errors of automations you trigger.
- Contextual cache: weather cache for your selected location (scoped to your user).
- Operational logs: audit log of meaningful user actions and provider usage quotas.
Every table is protected by Row-Level Security (RLS), and a database trigger, enforce_row_owner_uid, prevents writes by anyone other than the row's owner.
4. Processing purposes & legal basis
We process your data only for the following purposes and legal bases:
| Purpose | Legal basis |
|---|---|
| Service delivery (login, task/decision management, calendar sync) | Performance of contract |
| AI suggestions, voice command processing, summarization | Performance of contract + explicit consent (voice/transcripts) |
| Security, fraud detection, audit logging | Legitimate interest + legal obligation |
| Debugging, product improvement (aggregated/anonymized) | Legitimate interest |
| Transactional email (verification, alerts) | Performance of contract |
| Billing and quota tracking (paid plans) | Performance of contract + legal obligation |
We do not use your data to build marketing profiles, sell to third parties, or train our AI models on your content.
5. Third-party subprocessors
To deliver the service we use subprocessors in these categories: hosting (Lovable Cloud / Supabase), edge runtime (Cloudflare Workers), connected OAuth services (Google), AI providers (OpenAI, Google Gemini), voice providers (ElevenLabs), notification & email (Slack, Resend, Web Push), and contextual data (OpenWeather, Wolfram).
The complete, current list — with each provider's purpose, data category, and location — is published on a separate Subprocessors page. When we add a new subprocessor we update that page and notify active users of material changes.
Google API services: we use your Google Calendar / Drive data only to provide user-visible features. The data is never used for ads, general model training, or read by operators — we comply with the Google API Services User Data Policy and the Limited Use requirements.
6. OAuth & connected accounts
Each connection is tied to one user only. A Google account cannot be linked to another user's identity in the system. This is enforced both by RLS and by database triggers.
- Requested scopes: only the minimum scope required for the features you enable (e.g. calendar.readonly, calendar.events).
- Token storage: access and refresh tokens live in user_oauth_tokens, scoped to the user, protected by RLS + ownership trigger.
- OAuth state TTL: connection-flow oauth_state records expire after 10 minutes; protects against CSRF.
- Disconnecting: deleting an integration from the Connections page permanently removes the token record and clears that provider's cached data.
7. AI & voice processing
- Which providers? OpenAI and Google Gemini for chat & summarization; OpenAI Realtime and ElevenLabs for voice.
- Training: your content is not used for model training — we rely on the zero-retention policies of the OpenAI API and the Lovable AI Gateway.
- Transcript storage: voice transcripts (voice_sessions) are stored only for your account. You can disable "Store transcripts" in voice settings.
- Ephemeral credentials: voice sessions mint short-lived tokens that expire automatically.
- Deletion: assistant messages (assistant_messages) and session history can be deleted at any time.
9. Retention periods
- Account data: while the account is active + 30-day soft-delete after cancellation, then permanent deletion.
- Audit log: 12 months; then anonymized or deleted.
- AI usage logs: 6 months (for billing and abuse detection).
- Voice transcripts: until you delete them; never stored if you disable transcript storage.
- OAuth tokens: until you disconnect; unused tokens auto-purged after 12 months.
- Contextual cache (weather, calendar): 7-30 days.
10. International data transfers
Our primary data hosting is in the EU (Lovable Cloud / Supabase). However, some subprocessors (OpenAI – USA, Google – global) may transfer data outside the EU. For these transfers we rely on the European Commission–approved Standard Contractual Clauses (SCCs) and the Lovable Cloud DPA framework.
11. Your rights (GDPR Art. 15-22 + KVKK Art. 11)
You have the following rights under applicable law:
- Access: ask what data we process about you.
- Rectification: have inaccurate data corrected.
- Erasure ("right to be forgotten"): request full deletion.
- Portability: receive a machine-readable copy of your data.
- Object: object to processing based on legitimate interest.
- Withdraw consent: revoke explicit consent (e.g. transcript storage).
- Automated decision-making: right not to be subject to fully automated decisions.
We commit to responding to all requests sent to privacy@hellojazari.com within 30 days of receipt.
12. Security measures
- Row-Level Security (RLS): every user-owned table is filtered by ownership at the database layer.
- DB ownership trigger: enforce_row_owner_uid blocks writes under another identity even if the application logic fails.
- Encryption in transit: all traffic uses TLS 1.2+.
- Server-side secrets: third-party API keys live only behind the server boundary — never sent to the browser.
- OAuth state TTL: 10 minutes.
- Audit logging: meaningful actions are recorded with immutable timestamps.
- Breach notification: upon detecting a personal data breach we notify the relevant authority and affected users within 72 hours.
13. Children
JAZARI Jarvis is not directed at children under 16. We do not knowingly collect personal data from anyone under 16; if we become aware of such, the account is deleted immediately.
14. Policy changes
When we make material changes to this policy we update the "last updated" date above and notify active users by email or in-app notification. Adverse retroactive changes are announced 30 days in advance.
15. Contact & complaints
For questions and requests: privacy@hellojazari.com
If you live in Türkiye and are dissatisfied with our handling of your request, you have the right to file a complaint with the Personal Data Protection Authority (KVKK). If you live in the EU, you may complain to your local data protection authority.
