Privacy Policy
Effective date: 2026-05-16
This policy explains what personal data Your Office AI processes, why, how long it is kept, and the rights you have under the EU and UK General Data Protection Regulations.
1. Who we are
The controller of your personal data is Ritter Ventures UG (haftungsbeschränkt), Bäckerbreitergang 14, 20355 Hamburg, Germany ("we", "us", "Your Office AI"). You can contact our Data Protection Officer at dpo@yoffice.ai or our privacy team at privacy@yoffice.ai.
2. What we collect
We process the following categories of personal data when you use Your Office AI:
- Identity: email address, name, profile picture, OAuth provider identifiers, and a hashed password.
- Authentication: access tokens, refresh tokens, and device identifiers used to keep you signed in.
- Membership: the organisations and groups you belong to, your role, and your group memberships.
- Content you create: chat messages, attachments, canvas documents, knowledge base files, transcripts, workflow runs, prompts, and AI responses.
- Behavioural data: audit log entries, crash reports, analytics events, and OpenTelemetry traces.
- Network data: IP address (in audit log and reverse proxy logs) and user-agent string.
3. Why we process it — lawful bases
| Purpose | Lawful basis (GDPR Art. 6) |
|---|---|
| Providing the service (sign-in, messaging, calls, AI) | Contract — Art. 6(1)(b) |
| Security, abuse prevention, audit logging | Legitimate interest — Art. 6(1)(f) |
| Tax and accounting | Legal obligation — Art. 6(1)(c) |
| Product analytics, crash reporting | Consent — Art. 6(1)(a) |
| Marketing communications | Consent — Art. 6(1)(a) |
| Using prompts to improve AI models | Consent — Art. 6(1)(a); default OFF |
4. Retention
We follow privacy-by-default retention windows. Organisation admins can shorten any of these for their workspace; they cannot extend retention beyond the platform maximum without a written agreement.
| Category | Default TTL | Notes |
|---|---|---|
| Chat messages | 365 days | Hard-deleted after the retention window. Earlier deletion available via in-app delete. |
| Meeting transcripts | 30 days | Short default due to potential sensitivity (Art. 9 special category may appear in speech). |
| Workflow run history | 90 days | Includes inputs, outputs, and node-level traces. |
| Audit log | 365 days | Actor anonymised after account deletion; raw records hard-deleted on TTL. |
| Telemetry (OTel logs) | 14 days | ClickHouse TTL; PII attributes scrubbed at collector. |
| Attachments | 365 days | Supabase Storage objects deleted alongside the parent message. |
| Account data | 30 days after deletion request | 30-day grace period with cancel-by-email; deleted from backups within 35 days. |
5. Who we share data with
We share personal data only with carefully selected sub-processors that are contractually bound to GDPR-equivalent protections. See the full sub-processor list for purposes, regions, and transfer mechanisms (Standard Contractual Clauses where applicable).
6. International transfers
Where data is transferred outside the European Economic Area (for example, to LLM providers in the United States), we rely on the European Commission's Standard Contractual Clauses (Decision 2021/914), supplemented by a transfer impact assessment and any applicable technical measures (encryption, pseudonymisation).
7. Your rights
Under GDPR you have the right to access, rectify, erase, restrict, and port your personal data, and to object to processing. You can exercise these rights from within the app (Account Settings → Privacy & data), by emailing privacy@yoffice.ai, or — for account deletion — via the dedicated Delete my account form.
You also have the right to lodge a complaint with a supervisory authority. Our lead authority is the Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI), datenschutz-hamburg.de.
8. Automated decision-making and AI
Your Office AI uses third-party large language models (currently OpenAI and Anthropic) to summarise content, suggest replies, route workflows, and generate transcripts. These features assist humans rather than make legally significant decisions automatically. You can opt out of "Use my data to improve our service" at any time in Privacy Settings; this flag is passed to providers as metadata.no_train: true where supported.
9. Children
Your Office AI is not intended for users under the age of 16. We require an age confirmation at signup and do not knowingly process data from children.
10. Changes to this policy
We will post material updates to this page and, where required, notify signed-in users in the app before the change takes effect. The "Effective date" above always reflects the current version.