Magnate is committed to protecting your privacy and ensuring that your personal data is handled in a transparent, secure, and GDPR-compliant manner. This Privacy Policy outlines the types of data we collect, how we use it, and the rights you have.

1. Who We Are

Magnate Software Ltd., an Irish registered company, is the controller of your personal data for the purposes of the General Data Protection Regulation (GDPR). We are responsible for the collection, processing, and storage of your data when you use our Services.

2. Information We Collect

We collect several categories of data to provide, improve, and maintain the Services:
    •    Account Information: Includes name, email address, and credentials.
    •    Connected Data: Includes messages, message metadata, and attachments accessed from Gmail, Outlook, Slack, or other integrations.
    •    Usage Data: Includes IP addresses, device types, browser information, cookies, and session logs.

3. How We Use Your Data

We use the data we collect for the following purposes:
    •    To deliver and personalise the Services
    •    To manage account access and user authentication
    •    To provide customer support and respond to inquiries
    •    To perform internal analytics and monitoring
    •    To comply with legal and regulatory requirements

4. Legal Basis for Processing

Under GDPR, we rely on one or more of the following legal bases:
    •    Contractual necessity: When processing is required to deliver our Services
    •    Legitimate interests: When we analyse usage data or improve functionality
    •    Consent: When you opt-in to marketing or optional features
    •    Legal obligations: When compliance with laws is necessary

5. Data Storage & Security
    •    Data is hosted on AWS servers within the European Union.
    •    Data is encrypted in transit using HTTPS and encrypted at rest using field-level encryption.
    •    OAuth tokens for integrations are currently stored unencrypted but will be encrypted as part of our roadmap.
    •    Access controls, monitoring systems, and periodic reviews help safeguard data.

6. Data Retention
    •    We retain message content and metadata for as long as your account remains active.
    •    Users may delete their account at any time, after which data will be permanently erased from our systems within 30 days unless we are required to retain it by law.

7. Your Rights Under GDPR

You have the following rights regarding your personal data:
    •    The right to access the data we hold about you
    •    The right to rectify or update your data
    •    The right to request deletion of your data
    •    The right to restrict processing of your data
    •    The right to object to processing activities
    •    The right to data portability

8. Data Transfers
    •    Magnate does not transfer personal data outside the European Union.
    •    All processing is conducted within the EU, ensuring GDPR compliance.

9. Cookies
    •    Magnate uses cookies to facilitate login sessions, track performance metrics, and improve user experience.
    •    Users can manage or disable cookies through browser settings.

10. AI & Automation Usage Disclosure

Magnate uses AI to deliver message summaries, search, prioritisation, and task suggestions. These services are powered by the LLaMA 8B model, hosted on Groq.com, which acts as a sub-processor. Raw message content is sent to Groq for real-time processing, but Groq does not train on user data, nor does it store or cache any identifiable content.Outputs (e.g. summaries or search results) are stored in Magnate’s secure, encrypted EU-based database to improve user experience. Groq is GDPR-compliant and SOC 2 certified. All processing takes place within the European Union.

11. Contact Information

For privacy-related inquiries or to exercise your rights under this policy, please contact us:
daragh@magnatesoftware.com
Block 14, Parkmore, Galway Technology Park, Co. Galway, H91 C3XW