1. Overview

Phenomenon Labs, Inc. ("we," "our," or "us") operates UsefulAI, a platform that provides specialized AI tools that integrate with existing AI assistants like Claude, ChatGPT, and Microsoft Copilot. This Privacy Policy explains how we collect, use, protect, and share information when you use our service.

                    Key Points:
                    We only access data you explicitly authorize through secure OAuth connections
We do not store your passwords or credentials from third-party services
Your data is used solely to provide the AI specialist services you request
You can revoke access permissions at any time

                

By using UsefulAI, you consent to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our service.

2. Information We Collect

2.1 Account Information

When you create a UsefulAI account, we collect:

Email address
Name (optional)
Company or organization name (optional)
Password (encrypted and stored securely)
Account preferences and settings

2.2 Subscription and Billing Information

For paid subscriptions, we collect:

Billing address
Payment method information (processed securely by our payment processor)
Transaction history and invoicing details
Tax identification information where required

2.3 Service Usage Data

To provide and improve our services, we collect:

AI specialist deployment configurations
Usage metrics and interaction counts
Error logs and performance data
Feature usage analytics
Support requests and communications

2.4 Third-Party Integration Data

When you connect third-party services (Google Workspace, Microsoft 365, Salesforce, etc.), we collect:

OAuth access tokens (encrypted and securely stored)
Integration configuration settings
Data you explicitly authorize us to access from connected services
Metadata about your connected accounts (account names, organization details)

Important: We only access data from your connected services that you explicitly authorize during the OAuth authentication process. You can review and modify these permissions at any time through your account settings or directly with the third-party service provider.

2.5 Technical Information

We automatically collect:

IP address and geographic location (country/region)
Browser type and version
Device information and operating system
Referring website and navigation patterns
Timestamps of service usage

3. How We Use Your Information

3.1 Primary Service Delivery

Deploy and manage AI specialists on your behalf
Process data through your AI specialists as requested
Maintain secure connections to your authorized third-party services
Provide customer support and technical assistance
Process payments and manage your subscription

3.2 Service Improvement

Analyze usage patterns to improve AI specialist performance
Develop new features and capabilities
Optimize system performance and reliability
Conduct security monitoring and threat detection

3.3 Communication

Send service-related notifications and updates
Provide customer support responses
Share important security or policy updates
Send marketing communications (with your consent)

3.4 Legal and Compliance

Comply with applicable laws and regulations
Respond to legal requests and court orders
Protect our rights and prevent fraud
Enforce our Terms of Service

4. Data Sharing and Third Parties

4.1 Service Providers

We may share your information with trusted third-party service providers who assist in delivering our services:

Cloud Infrastructure: Hosting and computing services (AWS, Google Cloud, etc.)
Payment Processing: Secure payment handling (Stripe, PayPal, etc.)
Analytics: Service performance and usage analytics
Customer Support: Help desk and communication tools
Security: Monitoring and threat detection services

                    Service Provider Standards: All service providers are contractually required to
                    maintain the confidentiality and security of your information and may only use it for the specific
                    purposes we authorize.
                

4.2 AI Platform Integration

UsefulAI integrates with AI platforms (Claude, ChatGPT, Microsoft Copilot) to deliver specialist services. We share:

MCP (Model Context Protocol) server configurations
Specialist tool definitions and capabilities
Data necessary for AI specialist functionality

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction. We will notify you of any such change in ownership or control.

4.4 Legal Requirements

We may disclose your information when required by law or when we believe disclosure is necessary to:

Comply with legal obligations, court orders, or government requests
Protect the safety and security of our users and the public
Prevent fraud or other illegal activities
Enforce our Terms of Service or other agreements

4.5 What We Do NOT Share

We do not sell your personal information to advertisers or data brokers
We do not share your data with unauthorized third parties
We do not use your connected service data for our own business purposes beyond providing your requested services

5. Data Security

5.1 Security Measures

We implement industry-standard security measures to protect your information:

Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
Access Controls: Role-based access with multi-factor authentication required
OAuth Security: Industry-standard OAuth 2.0 for third-party integrations
Regular Audits: Ongoing security assessments and penetration testing
Incident Response: Dedicated security team with 24/7 monitoring

5.2 Infrastructure Security

SOC 2 Type II compliant infrastructure providers
Network isolation and firewalls
Regular security updates and patch management
Backup and disaster recovery procedures

5.3 Employee Access

Access to your data is strictly limited to authorized personnel who require it to provide services. All employees undergo background checks and sign confidentiality agreements.

Security Limitations: While we implement robust security measures, no system is 100% secure. We encourage you to use strong passwords and enable two-factor authentication on your account.

6. Your Rights and Choices

6.1 Account Access and Control

Access: View and download your personal information
Correction: Update or correct your account information
Deletion: Request deletion of your account and associated data
Portability: Export your data in machine-readable formats

6.2 Integration Management

Connect or disconnect third-party services at any time
Modify permissions for connected services
View and manage active AI specialist deployments
Review usage history and analytics

6.3 Communication Preferences

Opt out of marketing communications (service notifications will continue)
Choose your preferred communication channels
Set notification preferences for account activity

6.4 Regional Privacy Rights

For EU/UK Residents (GDPR):

Right to access, rectify, or erase personal data
Right to restrict or object to processing
Right to data portability
Right to lodge complaints with supervisory authorities

For California Residents (CCPA):

Right to know what personal information is collected
Right to delete personal information
Right to opt-out of the sale of personal information (we do not sell personal information)
Right to non-discrimination for exercising privacy rights

7. Data Retention

7.1 Retention Periods

Account Information: Retained for the duration of your account plus 90 days
Usage Data: Retained for 24 months for service improvement
Billing Information: Retained for 7 years for legal and tax purposes
Support Communications: Retained for 3 years
OAuth Tokens: Retained until you disconnect the integration

7.2 Deletion Process

When you delete your account or request data deletion:

Account information is deleted within 30 days
All AI specialist deployments are immediately terminated
Third-party integration tokens are revoked
Some data may be retained for legal compliance requirements

8. International Data Transfers

UsefulAI is based in the United States. If you are located outside the United States, your information may be transferred to and processed in the United States or other countries where our service providers are located.

For transfers from the European Economic Area (EEA) or United Kingdom, we ensure adequate protection through:

Standard Contractual Clauses approved by the European Commission
Adequacy decisions where applicable
Other appropriate safeguards as required by applicable law

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make material changes, we will:

Notify you by email at least 30 days before the changes take effect
Post a notice on our website
Update the "Last Updated" date at the top of this policy

Your continued use of UsefulAI after the effective date constitutes acceptance of the updated Privacy Policy.

10. Contact Information

For privacy-related questions or to exercise your rights, contact us:

Phenomenon Labs, Inc.
Email: support@usefulai.ai
Mail: Phenomenon Labs Inc.
1449 S Michigan Ave STE 13239
Chicago, IL 60605

Response Time: We will respond to your privacy requests within 30 days (or as required by applicable law).