Legal

Privacy Policy

Effective date: January 2, 2026

This Privacy Policy explains how Teamate Inc. (“Teamate,” “we,” “us,” or “our”) collects, uses, shares, and protects information when you use Teamate’s website, applications, and related services (collectively, the “Services”).

1. Roles: Customer vs. Teamate

Teamate is typically used by organizations. In many cases:

  • The Customer (your organization) is the “controller” of Customer Data from Connected Workspaces.
  • Teamate acts as a “processor/service provider” for that Customer, processing Customer Data to provide the Services.

If you are using Teamate individually (not through an organization), Teamate may act as the controller for your account information.

2. Information We Collect

2.1 Account and Admin Information

  • Name, email, organization/workspace identifiers, and account settings (as provided by you or during admin setup).

2.2 Connected Workspaces Data (Customer Data)

When a Customer connects workspaces (e.g., Slack, Zoom, GitHub) Teamate may process data the Customer authorizes, such as:

  • messages and threads, meeting artifacts (titles, participants, summaries/transcripts if enabled), PRs/issues, tickets, documents, and related metadata (timestamps, authors, links, IDs).

2.3 Organizational Memory (Embeddings + Metadata)

To provide context, decision trails, and proactive insights, Teamate stores:

  • encrypted embeddings (vector representations) derived from Customer Data; and
  • supporting metadata such as timestamps, source references/URLs/IDs, relationships (e.g., decision → rationale → downstream work), and access-control attributes needed to enforce permissions.

We design Organizational Memory to be permissioned (RBAC/least privilege) and scoped to what the Customer authorizes.

2.4 OAuth Tokens and Credentials

  • OAuth tokens for Connected Workspaces (stored encrypted) to access authorized data and perform authorized actions.

2.5 Usage, Diagnostics, and Security Logs

  • device/browser info, IP address, timestamps, feature usage, error logs, audit/security events, and performance metrics.

2.6 Cookies and Similar Technologies (Website)

We use cookies or similar technologies for basic functionality, security, analytics, and preferences. You can control cookies via your browser settings (some features may not function without cookies).

3. How We Use Information

We use the information above to:

  • provide, maintain, and improve the Services;
  • connect and operate integrations and requested workflows;
  • generate Output (summaries, drafts, insights, actions) and deliver proactive follow-through;
  • store and secure Organizational Memory (embeddings + metadata);
  • enforce permissions, RBAC, and admin configurations;
  • protect against abuse, fraud, and security incidents;
  • provide customer support; and
  • comply with legal obligations.

4. How We Share Information

We do not sell your information.

We may share information with:

  • Service providers/subprocessors that help us operate the Services (e.g., cloud hosting, logging, analytics, email delivery). They are bound by confidentiality and security obligations.
  • AI model providers to generate Output (where enabled), subject to contractual safeguards.
  • Third-Party Services you choose to connect, consistent with your configuration and actions you initiate or approve.
  • Legal/Compliance: if required by law or to protect the rights, safety, and security of Teamate, Customers, or others.
  • Business transfers: in connection with a merger, acquisition, or sale of assets (we will provide notice if your data becomes subject to a different policy).

A list of subprocessors may be available upon request.

5. Security

We use industry-standard safeguards, including:

  • encryption in transit (TLS) and at rest;
  • RBAC and least-privilege access controls for Organizational Memory;
  • monitoring, logging, and security reviews; and
  • administrative controls for Customers (where available), including connector management and access revocation.

6. Data Retention and Deletion

6.1 Retention

We retain information only as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Retention may vary by plan and configuration.

6.2 Deletion and Uninstall

Customers can:

  • disconnect Connected Workspaces,
  • configure retention (where available), and/or
  • request deletion of Organizational Memory.

When a workspace is disconnected or the app is uninstalled, we delete or disable associated OAuth tokens promptly and handle stored memory according to the Customer’s deletion request and applicable retention needs.

To request deletion: founders@teamate.app

7. Access Controls and Privacy Choices

  • Admins control which workspaces are connected, what scope is authorized, and which users can access features.
  • Authorized Users should only access data they are permitted to access in the underlying Connected Workspaces.
  • You may have the ability to adjust approval settings (human-in-the-loop), notifications, and other controls depending on plan.

8. Legal Bases (EEA/UK)

Where applicable, we process personal data under:

  • contract necessity (to provide the Services),
  • legitimate interests (to secure and improve the Services),
  • consent (for optional communications), and
  • legal obligation (to comply with laws).

9. International Transfers

We may process data in the United States and other countries. Where required, we use recognized transfer mechanisms (e.g., Standard Contractual Clauses) and appropriate safeguards.

10. “Bring Your Memory” and VPC (Enterprise)

Enterprise plans may support customer-managed memory (“Bring Your Memory”) and/or VPC deployment. In these configurations, Organizational Memory can remain inside Customer-controlled infrastructure, reducing Teamate’s data storage footprint and keeping Customer Data within the Customer’s security boundary, depending on the chosen setup.

11. Children’s Privacy

The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13.

12. Changes to This Policy

We may update this Policy periodically. If changes are material, we will provide reasonable notice (e.g., email to administrators or in-product notice) before changes take effect.

13. Contact

For privacy questions or requests: founders@teamate.app