Privacy Policy
1. Introduction
Ruby (a product of Futureproof Lab, Inc., a Delaware corporation) ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, store, and safeguard your personal information when you ("user" or "you") access or use our websites, mobile applications, and related services (collectively, the "Services").
By using or accessing our Services, you acknowledge that you have read, understood, and agree to the collection and use of your information as described in this Privacy Policy. If you do not agree with our practices, please do not use or access the Services. We encourage you to review this Privacy Policy periodically to stay informed about how we handle your personal information.
2. Scope and Applicability
This Privacy Policy applies to users in North America, including the United States and Canada, and covers the collection and processing of personal data in connection with:
Sign-in via Google (e.g., Gmail)
Sign-in via Microsoft (e.g., Outlook)
Access to Google Calendar or Microsoft Calendar data
Any other personal data you provide when signing up for or using our Services
Our data handling processes comply with applicable laws and regulations, including:
The California Consumer Privacy Act (CCPA)
Canada's Personal Information Protection and Electronic Documents Act (PIPEDA)
Delaware state laws
Relevant Google and Microsoft developer guidelines
3. Information We Collect
3.1 Account and Profile Information
Contact Details: When you sign in with Google or Microsoft, we may collect your name, email address, profile picture, and any other authorized details.
Additional Details: You may optionally provide information such as your job title or phone number
User Credentials: We store secure OAuth tokens (not passwords) to authenticate you and enable access.
3.2 Calendar Information
With your explicit permission, we may access your calendar(s) from Google or Microsoft, including:
Event titles, descriptions, times, attendees, and metadata
3.3 AI-Generated Content and Insights
Ruby generates personalized insights and sales research through AI. These insights are:
Stored securely and associated with your account
Not shared or reused for other users
Deletable at your discretion through your user settings
3.4 Usage Information
Logs of how you interact with the Services (e.g., time spent, features accessed)
Device and log data including IP address, device model, OS, browser type, access times
3.5 Cookies and Similar Technologies
We use cookies and related tools for analytics, personalization, and improving the user experience.
Users can adjust cookie preferences via browser settings or opt-out tools
4. How We Use Your Information
Service Provision
To manage your account and profile
To authenticate your sign-in via Google or Microsoft
To integrate calendar data for insights and productivity workflows
Service Improvements
To understand usage patterns and improve features
To conduct diagnostics, testing, and debugging
To guide product roadmap and user personalization
AI Insights
To generate and display AI-driven content tailored to your sales interests
These insights are retained with your profile and never reused elsewhere
Communications
To respond to support queries and product feedback
To send policy updates and operational notifications
Legal and Compliance
To comply with CCPA, PIPEDA, and Delaware law
To prevent fraud, abuse, or unauthorized access
To enforce our terms and safeguard system integrity
Legitimate Interests
To analyze aggregate, anonymized usage data
To improve our research models and platform design
5. Third-Party Integrations
Ruby integrates with select Google services, including Gmail and Google Calendar, to enhance your experience and automate parts of your sales workflow. This functionality is enabled through secure OAuth-based authentication and used for purposes such as:
Fetching your calendar availability to surface meeting context or identify optimal scheduling windows.
Allowing Ruby to generate and export draft emails directly to your connected Gmail account for sending to prospects.
We do not store or retain any content from your Gmail messages beyond the immediate session necessary to provide the feature. Similarly, we do not use any Gmail or Google Calendar data for analytics, marketing, or to train our machine learning or large language models (LLMs).
Access to your Google account is limited to the specific scopes you authorize during the OAuth consent process. You may revoke Ruby’s access at any time by visiting your Google Account Permissions.
Ruby’s use of Google APIs fully complies with the Google API Services User Data Policy, including all Limited Use requirements.
6. Disclosure of Your Information
We Do NOT:
Sell or rent your personal data to third parties
Share your insights or AI-generated research with other clients
We MAY share your data with:
Service Providers for storage, analytics, customer support (under NDA and compliance obligations)
Successor Entities in case of acquisition, merger, or restructuring
Law Enforcement or Legal Requests when required by applicable law
With Your Consent, for any case not listed above
7. Data Retention
We retain your data (including AI insights) as long as needed for legitimate business use or as required by law
You may request deletion at any time, and we will securely purge or anonymize your data
8. Data Security
We maintain industry-standard technical, physical, and administrative security measures:
TLS/SSL encryption for data in transit
Role-based access controls
Secure token-based authentication
Regular internal reviews and (where applicable) third-party assessments
No system can be guaranteed 100% secure, but we continuously invest in improving data protection
9. Children's Privacy
Our Services are not directed toward children under 13 (or under 16 in Canada). We do not knowingly collect data from minors. If notified, we will promptly delete such data.
10. Your Rights and Choices
Depending on your jurisdiction, you may have rights to:
Access or receive a copy of your data
Request corrections to inaccurate data
Request deletion ("right to be forgotten")
Withdraw consent at any time
Opt-out of sale (though Ruby does not sell data)
If you are a resident of the European Union or the United Kingdom, you may have additional rights under the General Data Protection Regulation (GDPR), including:
The right to access, correct, or delete your personal data.
The right to restrict or object to processing.
The right to data portability.
The right to withdraw consent where processing is based on consent.
Contact support@heyruby.io to exercise these rights. We may request ID verification for your protection.
11. Third-Party Links and Tools
Our Services may link to or integrate with third-party platforms (e.g., Google, Microsoft). We are not responsible for their privacy practices. Please consult their policies directly.
12. International Users
If you access our Services from outside North America, your data may be processed in the U.S. By using Ruby, you consent to this cross-border processing.
We comply with applicable data protection laws including the GDPR, where applicable. Even if you reside outside the EU, Ruby commits to upholding high standards of user privacy and data protection.
All transaction data is handled securely by Paddle, which is PCI DSS SAQ A compliant. Ruby does not store cardholder data.
13. Updates to This Privacy Policy
We may revise this Policy periodically. When we do:
We'll update the "Effective Date" above
We may notify users via email or prominent notice within the app
Continued use constitutes acceptance of the updated terms
14. Contact Us
Futureproof Lab, Inc.
support@heyruby.io
Registered in the State of Delaware, USA
Disclaimer
This Privacy Policy is provided as a general example and does not constitute legal advice. Your organization's specific practices, as well as state and federal laws, may require additional or different disclosures. Always consult with a qualified attorney or privacy professional to ensure full compliance with all applicable requirements and regulations in your jurisdiction.