Legal

Privacy Policy

Last updated: May 2026

What we collect

When you sign up, we collect your email address and business name. When you connect a calendar, we store an encrypted OAuth token — we never store calendar event content. When your customers interact with your ReachAI assistant, we log conversation transcripts associated with your workspace so you can review bookings.

How we use it

We use your data to operate the service: routing customer conversations to your AI assistant, reading availability from your calendar, and writing bookings back. We do not sell your data. We do not use your customer conversation data to train shared AI models.

Data storage & security

All data is stored in the United States. OAuth tokens are encrypted at rest using AES-256. Connections are encrypted in transit via TLS 1.2+. We perform regular security reviews and are working toward SOC 2 Type II certification.

Your rights

You can export or delete your workspace data at any time by emailing hello@reachaiapp.com. We will respond within 30 days. If you disconnect a calendar provider, we delete the stored token immediately.

Third-party services

We use Anthropic (Claude) for AI inference, Render for hosting, Resend for transactional email, and your chosen calendar provider (Google, Microsoft, or Calendly). Each is bound by their own privacy policies. We do not share your data with these providers beyond what is necessary to operate the service.

Contact

Privacy questions? Email hello@reachaiapp.com. We're a small team and we read every message.