Privacy Policy

Last updated: December 2025

DaisyAI, LLC (“DaisyAI,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and protect information in connection with:

• Our websites, including daisymarketingteam.com and daisy-ai.com and any subdomains.

• Our web applications, SaaS platforms, and related services (collectively, the “Services”).

• Any other interactions you have with us, such as email, support, or marketing communications.

By accessing or using the Services, you agree to this Privacy Policy. If you do not agree, please do not use the Services.

1. Information we collect

We collect information in the following categories:

1.1 Information you provide to us

This may include:

• Contact details, such as name, business name, email address, phone number, and mailing address.

• Account information, such as username, password, role, and settings for your workspace or client accounts.

• Content and materials you upload or submit to the Services, including text, images, videos, and other media.

• Billing and payment-related information (processed via third‑party payment providers; we typically do not store full payment card numbers).

• Communications you send to us, such as support requests, survey responses, and feedback.

1.2 Information collected automatically

When you use the Services, we may automatically collect:

• Usage data, such as pages viewed, features used, links clicked, referring/exit pages, and timestamps.

• Device and technical data, such as IP address, browser type and version, operating system, device identifiers, and network information.

• Cookies and similar technologies data, such as session identifiers, authentication tokens, preferences, and analytics identifiers.

You can manage cookies through your browser settings, but disabling them may affect the functionality of the Services.

1.3 Information from third parties

We may receive information about you from:

• Third‑party platforms you choose to connect (for example, Google, YouTube, social networks, or other marketing tools).

• Our service providers, such as payment processors, analytics providers, and customer support tools.

• Publicly available sources, business partners, and other users who invite you into an account or workspace.

2. Google & YouTube API Services

Our Services use Google APIs, including YouTube API Services, to allow you to connect your Google and YouTube accounts and manage or publish content through our application.

By using features that rely on these integrations, you are also agreeing to be bound by the YouTube Terms of Service, available at:
https://www.youtube.com/t/terms

You should also review the Google Privacy Policy to understand how Google collects and uses your information:
https://www.google.com/policies/privacy

2.1 What Google and YouTube data we access

When you authorize our application via Google OAuth, we access only the specific types of data that are necessary to provide the features you choose to use. Depending on your configuration and the scopes you approve, this may include:

• Basic profile and account information.

• Business Profile / Google Business data (for example, locations, posts, media, and related metadata).

• YouTube channel and video information, including titles, descriptions, thumbnails, and other metadata.

• Content you choose to upload, publish, or schedule for publication to your connected accounts.

• Configuration and authorization data such as OAuth tokens and IDs required to maintain your connection.

We do not sell Google or YouTube user data, and we do not share it with third parties except as described in this Privacy Policy.

2.2 How we use Google and YouTube data

We use Google and YouTube data to:

• Provide core features such as connecting accounts, creating and scheduling posts, uploading videos, and managing metadata.

• Maintain and secure your account, including authentication, error logging, and abuse prevention.

• Improve and support the Services, including diagnostics, analytics, and product development (in a way consistent with this Policy and relevant platform rules).

We do not use YouTube API data to create user profiles for advertising beyond what is disclosed in this Policy, nor do we use such data in ways that are unrelated to your use of the Services.

2.3 How we share Google and YouTube data

We may share Google and YouTube data:

• With internal team members who need access to operate, secure, or support the Services.

• With service providers (for example, hosting, logging, analytics, security, or support tools) who process data on our behalf under contractual safeguards.

• When required by law, regulation, legal process, or to protect our rights, property, or the safety of users or others.

• In connection with a business transaction such as a merger, acquisition, or asset sale, subject to appropriate safeguards and notifications where required.

We do not sell Google or YouTube data.

2.4 Cookies and similar technologies

Our Services may use cookies, local storage, and similar technologies to:

• Keep you signed in and maintain your session.

• Remember your preferences and settings.

• Measure usage of features that integrate with Google and YouTube.

• Help protect your account and our Services (for example, by detecting unusual activity).

You may control or delete cookies via your browser, but some features—particularly those relying on Google and YouTube integrations—may not function properly if cookies are disabled.

2.5 Retention of Google and YouTube data

We retain Google and YouTube data only for as long as:

• Necessary to provide the features and Services you are actively using.

• Reasonably necessary to maintain security, prevent fraud or abuse, and support business operations.

• Required by applicable laws, regulations, or legal obligations.

In general, we store OAuth tokens and related configuration data while your account remains active and connected to our application, and for a limited period afterward for backup, logging, and security purposes. When you disconnect your Google or YouTube account, we stop using your Google/YouTube data for new processing and delete or anonymize the associated tokens and data from our active systems within approximately 30 days, unless a longer retention period is required for legal or legitimate business reasons.

2.6 Revoking access and data deletion

You can revoke our access to your Google and YouTube accounts at any time by:

• Disconnecting your Google/YouTube account within our Services (where available), and/or

• Visiting your Google Account permissions/security page (e.g., https://myaccount.google.com/permissions or https://myaccount.google.com/connections) and removing our application’s access.

Once access is revoked or your account with us is closed, we will delete or irreversibly anonymize stored Google OAuth tokens and associated Google/YouTube data from our active systems within approximately 30 days, subject to any legally required retention.

You may also contact us using the details in the “Contact Us” section to request access to or deletion of Google/YouTube data associated with your account. We will respond and act on your request in accordance with applicable law.

3. How we use other information

We use the information we collect (including personal information) to:

• Provide, operate, and maintain the Services and your account.

• Communicate with you, including responding to inquiries, providing customer support, and sending administrative messages (such as security alerts, service updates, and account notices).

• Send marketing communications about features, promotions, content, or services we believe may interest you, in accordance with applicable law and your communication preferences.

• Personalize your experience, including recommending features, content, or settings.

• Monitor and analyze usage, trends, and activities to improve the Services and develop new features.

• Detect, prevent, and address fraud, security incidents, and other harmful or unauthorized activity.

• Comply with legal obligations and enforce our agreements and policies.

4. Email and communications

We may use your email address and other contact details to:

• Send transactional or service‑related messages (for example, account confirmations, billing notices, password resets, or important updates). These are necessary to operate the Services and you generally cannot opt out of them while maintaining an active account.

• Send marketing or promotional communications, where permitted by law. You can opt out of marketing emails at any time by using the unsubscribe link in the email or by contacting us directly.

Even if you opt out of marketing emails, we may still send you non‑marketing messages related to your account and the Services.

If you invite other users or clients into our platform, you represent that you have authority to provide their contact information and that they consent to being contacted in connection with that invitation or account.

5. Legal bases for processing (EEA/UK users)

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction that requires a legal basis for processing, we rely on the following legal bases:

• Performance of a contract: To provide and operate the Services you request.

• Legitimate interests: To improve and secure the Services, communicate with you about relevant features, and run our business in a reasonable and expected manner.

• Consent: For certain marketing, cookies, and integrations or processing where consent is required by law.

• Legal obligations: To comply with applicable laws, regulations, and legal processes.

You may withdraw your consent at any time where we rely on consent, but this will not affect the lawfulness of processing before withdrawal.

6. How we share information

We may share information as follows:

• Service providers: With vendors and service providers who perform services on our behalf (for example, hosting, storage, analytics, email delivery, payment processing, customer support, and security).

• Integrations and third‑party platforms: When you connect or use third‑party services (such as Google, YouTube, or other marketing platforms), data may be shared as necessary to enable the integration and in accordance with the third party’s own terms and privacy policies.

• Business transfers: In connection with a merger, acquisition, financing, reorganization, sale of assets, or similar transaction, your information may be disclosed or transferred as part of that transaction.

• Legal and safety: When we reasonably believe disclosure is necessary to comply with a law, regulation, or legal request; to protect the rights, property, or safety of DaisyAI, our users, or others; or to enforce our agreements and policies.

• With your consent: With third parties when you authorize us to do so.

We do not sell your personal information as “sale” may be defined under certain privacy laws. If this changes, we will update this Policy and provide any required notices or opt‑out mechanisms.

7. Data retention

We retain personal information for as long as:

• Your account is active or as needed to provide the Services.

• Required to comply with our legal, tax, accounting, or reporting obligations.

• Necessary to resolve disputes, enforce our agreements, and protect our rights.

When we no longer need personal information, we will delete it or anonymize it so that it can no longer reasonably identify you. Where deletion is not technically or commercially feasible (for example, in backup archives), we will securely store the information and isolate it from further processing until deletion is possible.

8. Data security

We use reasonable and appropriate technical and organizational measures to protect personal information from unauthorized access, use, disclosure, alteration, or destruction. These may include:

• Encryption in transit (for example, HTTPS/TLS).

• Access controls, authentication, and role‑based permissions.

• Logging, monitoring, and regular review of systems and infrastructure.

• Internal policies, training, and safeguards for staff and contractors.

No security measures are perfect, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for all activities under your account.

9. Your privacy rights and choices

Depending on your location and applicable law, you may have some or all of the following rights with respect to your personal information:

• Access: Request a copy of personal information we hold about you.

• Correction: Request that we correct inaccurate or incomplete information.

• Deletion: Request that we delete personal information, subject to certain exceptions.

• Restriction/Objection: Object to or request restriction of certain processing.

• Portability: Request a copy of your data in a structured, commonly used, and machine-readable format.

• Opt out of marketing: Opt out of marketing emails and communications at any time.

To exercise these rights, please contact us using the information in the “Contact Us” section. We may ask you to verify your identity before responding. We will respond to legitimate requests within the time frame required by applicable law.

If you are located in the EEA, UK, or another jurisdiction with similar laws, you may also have the right to lodge a complaint with a supervisory authority or data protection regulator.

10. Children’s privacy

The Services are not directed to children under the age of 13 (or a higher age where required by local law), and we do not knowingly collect personal information from children. If we learn that we have collected personal information from a child without appropriate consent, we will take reasonable steps to delete it. If you believe a child has provided us with personal information, please contact us.

11. International transfers

We are based in the United States and may process and store information in the United States and other countries, which may have privacy laws that are different from those in your jurisdiction. When transferring personal information internationally, we take appropriate measures to comply with applicable data protection laws and to protect your information, including by using standard contractual clauses or other lawful transfer mechanisms where required.

12. Third‑party links and services

The Services may contain links to third‑party websites, apps, or services that are not owned or controlled by us. This Privacy Policy does not apply to those third parties, and we are not responsible for their practices. We encourage you to review the privacy policies of any third‑party services you use.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page. In some cases, we may provide additional notice (such as by email or within the Services). Your continued use of the Services after an update means you accept the revised Privacy Policy.

14. Contact us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, you can contact us at:

DaisyAI, LLC
info@daisy-ai.com

If required by law in your region, you may also have the right to contact your local data protection authority.