Privacy Policy

We are committed to protecting your privacy and handling your data responsibly. This policy explains how we collect, use, and protect your information.

This Privacy Policy is between you and Sujar Tech LLC, doing business as Fyxture.

1. Information We Collect

1.1 Account Information — We collect your email and encrypted password, and optionally your name and organization.

1.2 Uploaded Documents — Documents are processed automatically; no human reviews unless you request support. Stored securely and retained unless you delete them.

1.3 Usage Data — We collect pages visited, features used, and session timing to improve the Service.

1.4 Calendar Integration Data — If you choose to connect your Google Calendar or Outlook Calendar, we access calendar events only to sync contract deadlines. We request read, write, and delete permissions to create, update, and remove calendar events that correspond to your contract deadlines. We do not access any other calendar data beyond what is necessary for this functionality.

2. How We Use Your Information

Provide and improve the Service; process contracts; send service communications; ensure security; comply with legal obligations.

2.1 Calendar Integration — Google Calendar and Outlook Calendar data is used solely to sync contract deadlines to your calendar. We create calendar events for contract dates (inspection deadlines, financing deadlines, closing dates, etc.), update them when you modify dates in Fyxture, and delete them when you remove deadlines. This data is used exclusively to provide and improve the calendar synchronization feature. We do not use calendar data for any other purpose, including advertising or selling to third parties.

3. Data Storage and Security

Data is encrypted in transit and at rest. Stored via Supabase (SOC 2 Type II). Access is restricted to authorized personnel.

3.1 Calendar Integration Security — Calendar access tokens are encrypted and stored securely. We use industry-standard OAuth 2.0 protocols for authentication. Calendar data transmitted between Fyxture and Google/Microsoft APIs is encrypted using HTTPS/TLS. We implement access controls to ensure only authorized systems can access calendar integration tokens, and these tokens are never exposed in client-side code or logs.

4. Document Confidentiality

Do not upload confidential information you are not authorized to share. By uploading, you represent that you have rights to the document.

5. AI Processing

5.1 Documents are analyzed using AI/ML models. 5.2 Anonymized, aggregated data may improve models; documents are not shared for external training. 5.3 Processing is automated; human review only if you request support.

6. Data Retention

6.1 Account data retained while active. 6.2 Documents/results retained until deletion or account closure. 6.3 Upon account deletion, data is removed within 30 days unless required by law.

6.4 Calendar Integration Data — Calendar access tokens are stored securely and retained only while your calendar is connected. When you disconnect your calendar or delete your account, we immediately revoke access tokens and delete all stored calendar integration data. Calendar events created by Fyxture remain in your calendar until you manually delete them, but we no longer have access to modify or delete them after disconnection.

7. Your Rights

Access, correction, deletion, portability, objection to certain processing.

8. Third-Party Services

Supabase (database/auth), OpenAI/Anthropic (AI analysis per their policies), Vercel (hosting).

8.1 Google Calendar Integration — When you connect Google Calendar, we use Google OAuth 2.0 to securely authenticate and access your calendar. We only access calendar events necessary for syncing contract deadlines. Calendar data is transmitted securely and stored only as necessary to maintain the sync functionality. You can disconnect Google Calendar at any time in Account settings, which will revoke our access and stop all calendar synchronization.

8.2 Outlook Calendar Integration — When you connect Outlook Calendar, we use Microsoft OAuth 2.0 to securely authenticate and access your calendar. We only access calendar events necessary for syncing contract deadlines. Calendar data is transmitted securely and stored only as necessary to maintain the sync functionality. You can disconnect Outlook Calendar at any time in Account settings, which will revoke our access and stop all calendar synchronization.

8.3 Data Sharing with Calendar Providers — We do not sell, rent, or share your Google Calendar or Outlook Calendar data with third parties. Calendar data is only shared with Google or Microsoft as necessary to provide the calendar synchronization feature through their respective APIs. We do not transfer calendar data to third parties for reasons other than providing or improving the application's calendar synchronization functionality.

9. Cookies

We use essential cookies for authentication/session management; no tracking cookies for advertising.

10. Children's Privacy

Not intended for children under 18; we do not knowingly collect their data.

11. Changes to This Policy

We may update this policy and will notify you of significant changes.

12. Contact Us

For privacy inquiries, contact contact@fyxture.com.