Privacy Policy

Introduction

0tab (“we,” “our,” or “us”) is committed to protecting your privacy and handling customer data responsibly. This Privacy Policy explains how we collect, use, store, and safeguard information when you use the 0tab Chrome extension and related services (the “Services”).

0tab is designed as a user-authorized productivity tool. We only access third-party systems when access is explicitly granted by the user and/or their organization, in accordance with each platform's security and approval requirements.

Information We Collect

Information You Provide

Account Information

Email address and basic profile information used for account creation, authentication, and support.

Google Workspace Data (Optional)

• Gmail, Calendar, and Contacts data accessed via OAuth 2.0 based on individual user authorization.
• Vendor or administrator approval is not required unless enforced by the user's Google Workspace organization policies.
• Access is limited to approved scopes and is read-only where applicable.

Salesforce Data (Optional)

• CRM data (including Accounts, Contacts, Opportunities, and Activities) accessed via OAuth 2.0 only after authorization by the user and/or their Salesforce organization administrator, and subject to Salesforce connected-app approval, permissions, and security controls.
• Access is read-only.

Automatically Collected Information

Usage Data

Feature usage, interactions, and in-extension behavior.

Technical Data

Browser type, operating system, timestamps, and anonymized identifiers.

Performance & Diagnostic Data

Error logs and response times used solely to maintain service reliability and performance.

How We Use Your Information

We use your information to:

Provide the Services

Generate summaries, insights, reminders, and contextual assistance requested by the user.

Operate and Improve the Product

Monitor performance, fix issues, and enhance features.

Communicate with Users

Deliver service updates, security notices, and respond to support requests.

Protect the Platform

Detect fraud, prevent abuse, and maintain system security.

We do not use customer data for advertising or resale.

Authorization & Access Controls

0tab follows a least-privilege, OAuth-based access model:

Google Workspace

• Access is granted directly by the individual user via OAuth 2.0, where permitted by the platform.
• Administrative approval is required only if enforced by the organization's Google Workspace policies.

Salesforce

Access is subject to Salesforce organization-level controls, including administrator approval, connected-app policies, and permission settings.

0tab cannot and does not bypass platform-level security controls. If access is revoked at the user or organization level, 0tab immediately loses access to the associated data.

Data Storage and Security

Encryption

Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).

Data Isolation

Customer data is logically isolated by account. Users may only access their own data.

Infrastructure

Data is stored on secure, managed cloud infrastructure using industry-standard databases.

Internal Access Controls

Access to customer data is restricted to authorized personnel on a need-to-know basis.

Retention

Data is retained only while the account remains active or as required to provide the Services. Users may request deletion at any time.

Data Sharing

We do not:

• Sell personal data
• Share data with advertisers
• Use customer data to train generalized or shared AI models

We may share data only:

With User Authorization

When required to deliver an explicitly requested feature.

With Service Providers (Subprocessors)

Trusted vendors who support hosting, authentication, analytics, or AI inference, under contractual confidentiality and security obligations.

For Legal or Security Reasons

When required by law or to protect our users, rights, or systems.

AI & Automated Processing

0tab uses third-party AI APIs to generate insights and summaries.

• Only the minimum necessary context is transmitted.
• Sensitive personal data is avoided when possible.
• Customer data is not retained by AI providers for training purposes.

Your Rights

Depending on your jurisdiction, you may have the right to:

• Access your data
• Correct inaccurate data
• Delete your data
• Export your data
• Object to or restrict certain processing activities

Requests can be made by contacting support@0tab.ai.

Third-Party Services

Google Services

• Accessed via OAuth 2.0 with user consent and limited scopes.
• Google Privacy Policy: https://policies.google.com/privacy

Salesforce

• Accessed via OAuth 2.0 and subject to Salesforce organization approval and security policies.
• 0tab does not modify Salesforce data.
• Salesforce Privacy Policy: https://www.salesforce.com/company/privacy/

AI Providers

• Used strictly for inference and operational purposes.
• Customer data is not used to train public or shared models.

Cookies & Tracking

0tab uses minimal tracking:

• Session cookies for authentication
• Limited, anonymized analytics for product improvement

We do not use advertising or cross-site tracking cookies.

Children's Privacy

0tab is not intended for users under the age of 13. We do not knowingly collect data from children.

International Data Transfers

Data may be processed in countries other than your own. Appropriate safeguards are in place to protect transferred data.

Changes to This Privacy Policy

We reserve the right to update this Privacy Policy periodically. Material changes will be communicated via email or in-product notice.

Contact Information

Email: support@0tab.ai

Website: https://www.0tab.ai

Compliance & Standards

0tab is designed to align with:

• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA / CPRA)
• Google API Services User Data Policy
• Enterprise SaaS security best practices

By using 0tab, you acknowledge that you have read and understood this Privacy Policy.