Privacy Policy

1. OVERVIEW AND APPLICABILITY

This Privacy Policy outlines the information collection, processing, and disclosure practices of SALESVAULT TECHNOLOGIES PTE. LTD. ("SalesVault," "we," "us," or "our"). SalesVault operates a comprehensive B2B sales enablement platform designed, engineered and built exclusively for Google Workspace users. By accessing salesvault.ai, the SalesVault platform (app.salesvault.ai) , or any associated downloadable software (collectively, the "Services"), you consent to the data practices described herein.

2. DATA COLLECTION ARCHITECTURE

To deliver our modular SaaS ecosystem, we collect data through the following channels:

A. Information Provided by the User

• Account Credentials: Access is strictly limited to Google Workspace accounts; personal Gmail or third-party email providers are prohibited. We collect name, work email, title, and profile imagery via Google OAuth.
• Direct Content Uploads: We store and process files explicitly uploaded by users to our Services from their devices.
• Interaction Data: Information captured during account creation, profile edits, support requests, or testimonial submissions.
• Sensitive Personal Information: SalesVault does not knowingly collect or process "sensitive personal information" as defined by US state privacy laws (e.g., precise geolocation, genetic data, or biometric identifiers). We request that users do not upload or transmit such sensitive data through the Services.

B. Google Workspace and YouTube API Integration

Our Services maintain deep, multi-layered integration with the Google ecosystem to provide a seamless enablement experience. We request granular OAuth permissions for the following specific tools and Add-ons:

• SalesVault Chrome Extension: We provide a browser extension that requests specific permissions to facilitate social selling and content management directly within your web browser. This includes the ability to search your SalesVault Content Hub and insert Content Links directly into third-party platforms, such as LinkedIn messages or posts.
• Google Drive™ integration: To see, edit, create, and delete files in your Google Drive as required to synchronize and categorize sales assets into the SalesVault "Content Hub" and "Vaults." This access is limited to files you explicitly authorize for sync or use within our modules.
• SalesVault for Google Slides™ & Docs™ Add-on: To see, edit, create, and delete specific Google Drive files, and to insert SalesVault content and imagery directly into your presentations and documents.
• SalesVault for Google Forms™ Add-on: To view and manage form responses and automate the creation of SalesVault-enabled forms.
• SalesVault for Gmail™ Add-on: To read, compose, and send emails from your authorized account, enabling you to share Content Links and manage buyer engagement directly from your inbox.
• SalesVault for Google Chat™ & Meet™ Add-on: To create conversations and spaces in Google Chat, and to manage conference data and meeting interaction details within Google Meet.
• SalesVault for Google Sheets™ Add-on: To see, edit, create, and delete your spreadsheets in Google Sheets. This allows the Add-on to pull sales data into SalesVault Analytics, export "Vault" metadata to spreadsheets for reporting, and manage structured sales lists.
• Google Calendar & Contacts: To view and edit calendar events and download contact information to synchronize meeting schedules and buyer profiles within the SalesVault platform.
• YouTube API Services: Usage of SalesVault's Video Enablement products and features constitutes agreement to the YouTube API Terms of Service and the Google Privacy Policy.

C. Third-Party Sales Technology Integrations

To provide a unified enablement experience, SalesVault allows users to integrate the following third-party services:

• CRM (e.g., Salesforce CRM, HubSpot CRM, Pipedrive, Copper CRM, Freshsales, Zoho CRM etc.): SalesVault syncs with your CRM to extract and utilize specific deal metrics, stages, and values. This data is processed exclusively to provide automated Analytics, content-to-revenue attribution, and SalesVault ROI insights via our Analytics module. SalesVault maintains "Read-Only" access to these fields and does not edit or delete your CRM data. We also provide a CRM App to facilitate content sharing directly within your CRM deals and opportunities.
• Dropbox: We sync user-selected Dropbox folders and file content directly to the SalesVault Content Hub for organization and tagging.
• eSignature (e.g., DocuSign, Adobe eSign, Dropbox Sign, GetAccept, PandaDoc, Zoho Sign etc.): This integration enables users to prepare contracts or proposals for electronic signature and share them directly with buyers and stakeholders within a SalesVault Deal Room or Sales Proposal.
• LinkedIn: The SalesVault Chrome Extension requests permissions to facilitate social selling by allowing users to search and insert Content Links directly into LinkedIn messages or posts.
• Slack: The SalesVault Slack App facilitates the sharing of Content Links, intelligent knowledge search and the delivery of automated notifications to designated Slack channels.

D. Automated Data Acquisition

• Google Consent Mode: We utilize a Cookieless/Anonymous Google Analytics Tracking solution for users opting for restricted tracking.
• Anonymization Protocols: We generate session-specific, random clientIDs to prevent the storage of user-specific cookies while maintaining interaction visibility.
• Web & Marketing Analytics (GA4): We utilize Google Analytics 4 on our public-facing marketing website to understand traffic sources and campaign effectiveness. This data is primarily aggregated and is used to optimize our marketing reach.
• Product & Behavioral Analytics (PostHog): We utilize PostHog within the SalesVault application environment to analyze how authorized users interact with our product modules. This captures event-level data (e.g., button clicks, feature usage, and workflow paths) to help us identify friction points and improve product performance.

3. DATA PROCESSING MECHANISMS AND AI UTILITY

• SalesVault AI (Google Gemini): All AI-driven features, including auto-tagging, auto-categorization, auto-organizing, content generation, and business context understanding, are exclusively powered by the Google Gemini API.
• AI Processing Transparency: SalesVault provides various AI-enabled features within our unified ecosystem, including the Content Hub, Chrome Extension, Sales Proposals, Sales Plays, Video Enablement modules, and our suite of Google Workspace Add-ons (Gmail, Slides, Docs, Sheets, Forms, Chat, and Meet) that utilize the Google Gemini API. We do not use Customer Data to train or improve foundational AI models.
• Data Isolation and Siloed Processing: All AI processing occurs in a siloed, transactional environment. Customer Data—including information accessed via the Chrome Extension (e.g., generating a sales message or identifying context on a page) or retrieved from Gmail, Sheets, and Drive—is sent to the Gemini API, processed for a specific request and returned to the Customer’s secure environment without being incorporated into any global training set.
• Non-Persistent File and Browser Parsing: SalesVault does not store or cache actual Google Drive files or browser-based data parsed by the Chrome Extension on a permanent basis. We parse data during active sessions or sync cycles to facilitate AI auto-categorization into "Vaults" and context-aware suggestions. Files are cached temporarily only when necessary to generate secure Content Links or fulfill a specific user request.
• Expansion of Processing Logic: The non-persistent parsing and metadata-storage logic applied to Google Drive content extends universally to data accessed via all SalesVault Google Workspace Add-ons, the Chrome Extension, and content synced from Dropbox or external URLs.
• Website and Contextual Data Processing: We parse, cache, and store website data and metadata provided by the user. This data is utilized by SalesVault AI to automatically understand, categorize, and pre-populate key fields within the Services—including, but not limited to, identified business offerings, industry verticals, and product categories—to provide a personalized and context-aware user experience.
• Encryption and Storage Standards: To ensure absolute data isolation, all API calls and interactions performed through our platform, Google Workspace Add-ons, and the Chrome Extension are encrypted in transit via TLS 1.2+ or TLS 1.3. All processing occurs without persistent storage or human review by the Gemini API provider (Google).

4. STRICT GOOGLE API AND OAUTH RESTRICTIONS

In strict adherence to Google's Limited Use Requirements as per the Google API Services User Data Policy, SalesVault mandates the following for all data accessed via our Google Workspace Add-ons (including Gmail, Slides, Docs, Sheets, Forms, Chat, and Meet) and the SalesVault Chrome Extension:

• No Data Monetization: We do not sell or share Google user data with third parties for any purpose, including marketing or advertising.
• Functional Transfer Only: Data is only transferred to third parties (such as the Gemini API for processing) to provide or improve user-facing features that are prominent in the SalesVault interface and only with the user's explicit consent.
• No Extraneous Use: Google user data is never utilized for purposes outside of core application improvement or the specific functionality requested by the user.
• AI Training Prohibition: We do not use Google user data—including email content, spreadsheet data, or files accessed via our Google Workspace Add-ons and Chrome Extension—to develop, train, or improve generalized machine learning or artificial intelligence models (including foundational or frontier models).
• Google API Affirmative Disclosure: SalesVault’s use and transfer to any other app of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Our access is limited strictly to providing or improving user-facing features that are prominent in the SalesVault interface.

5. SALE OR SHARING OF PERSONAL INFORMATION

SalesVault does not "sell" your personal information to third parties for monetary consideration. Furthermore, we do not "share" (as defined under the CCPA/CPRA) your personal information with third parties for cross-contextual behavioral advertising purposes. Because we do not engage in these activities, we do not provide a "Do Not Sell or Share My Personal Information" link on our homepage. Our data transfers are limited strictly to "Functional Transfers" necessary to provide and improve the Services as described in this Policy.

6. DATA SHARING, INFRASTRUCTURE, AND SECURITY

• Google Cloud Platform (GCP) Exclusivity: The Services are hosted exclusively on GCP. Data is processed using secure services including Compute Engine, Cloud SQL, Cloud Storage, and Secret Manager.
• Enterprise Collaboration: Data may be visible to other authorized users within the Customer's organization.
• Advanced Security Protocols: We utilize Secret Manager, Cloud Key Management, and Cloud Armor to maintain a world-class security posture.

7. LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION

We process your personal information (also referred to as "personal data" under international frameworks like the GDPR, UK Data Protection Act, and similar global frameworks) under the following legal bases:

• Consent (Art. 6(1)(a)): We rely on your explicit consent for GA4 marketing cookies and tracking on our public marketing site. You may withdraw this consent at any time via our cookie banner.
• Performance of a Contract (Art. 6(1)(b)): Processing is necessary to provide the core functionalities of the SalesVault platform, including:
  • The operation of all SalesVault Google Add-ons (Slides, Docs, Forms, Gmail, Chat, Meet, and Sheets) and the Chrome Extension as requested by you or your organization.
  • The secure synchronization of data between your Google Workspace, integrated CRMs (e.g., Salesforce CRM, HubSpot CRM, Pipedrive, Copper CRM, Freshsales, Zoho CRM etc.), and the SalesVault Content Hub.
• Legal Obligation (Art. 6(1)(c)): Retaining specific information, such as billing and transaction records, to comply with statutory tax, regulatory, and financial reporting requirements.
• Legitimate Interests (Art. 6(1)(f)): We process information for purposes that provide significant user value and support our business operations, including:
  • Value-Added Analytics: Providing automated ROI attribution and revenue insights based on CRM data.
  • Automated Customization: Using website and browser metadata to pre-populate industry and product categories for a seamless onboarding and product usage experience.
  • Platform Security: Maintaining audit logs and security protocols across all modules and extensions to protect the SalesVault ecosystem and prevent fraudulent activity.
  • Product Optimization & Service Improvement: Processing PostHog product analytics data to understand feature adoption, troubleshoot technical issues, and optimize the overall user experience within our siloed application environment.

Note on Your Rights: Where we rely on Legitimate Interests as a legal basis, you have the right to object to such processing at any time. To exercise this right, please contact us at info@salesvault.ai.

8. DATA SUBJECT RIGHTS AND INTERNATIONAL TRANSFERS

• Your Rights: Depending on your jurisdiction (including the EU, UK, Singapore, and California), you may have the following rights regarding your personal information:
  • (i) Access and Portability;
  • (ii) Rectification (correction);
  • (iii) Erasure (the "Right to be Forgotten");
  • (iv) Restriction of Processing;
  • (v) Objection to processing;
  • (vi) Universal Opt-Out Signals: We recognize and honor Global Privacy Control (GPC) signals sent by your browser. If our system detects a GPC signal from your browser, we will automatically apply your preference to opt-out of any non-essential data processing that qualifies as "sharing" or "targeted advertising" under applicable state laws.
• Direct Account Deletion: Individual users may permanently delete their own account at any time directly through the platform's Settings. Deletion is irreversible and results in the immediate removal of your personal identifiers from our active primary databases, subject to our residual legal and financial retention obligations (e.g., tax or audit logs).
• Exercise of Other Rights: Users may update account information via their Profile or download structured Activity Logs directly from the platform at any time. For formal restriction or manual data subject access requests (DSARs), please contact our Data Protection Officer.
• Corporate Account Governance: While individual users may delete their accounts, the Customer (the Organization) remains the Data Controller for all shared workspace data. The deletion of an individual user account does not automatically delete content that has been shared within the Customer's organization or Deal Rooms.
• International Data Transfers: SalesVault is hosted on Google Cloud Platform (GCP). By using the Services, you acknowledge that your information may be transferred to and stored in the United States or other jurisdictions where GCP facilities are located. We utilize Standard Contractual Clauses (SCCs) or other recognized transfer mechanisms to ensure your data receives an equivalent level of protection to that in your home jurisdiction.

9. DATA RETENTION AND DISPOSAL SCHEDULE

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected. Our retention periods are as follows:

• Active Account Data: Retained for the duration of the Customer's active subscription.
• Deleted User Accounts: Upon self-serve deletion or verified request, personal identifiers are purged from active production databases within 30 days.
• Financial/Billing Records: Retained for 7 years following the end of the fiscal year of the transaction to comply with statutory tax and audit obligations.
• Web Analytics (GA4): Aggregated event data is retained for 14 months per our Google Analytics configuration.
• Product Analytics Data (PostHog): Individual event-level interaction data is retained for 24 months to allow for year-over-year retention analysis, after which it is anonymized or deleted.
• System & Audit Logs: Retained for 12 months to support security monitoring and SOC 2 compliance, after which they are automatically rotated or deleted.
• Backups: Encrypted backups of production data are retained for 35 days on a rolling basis to facilit disaster recovery.

10. CONTACT AND COMPLIANCE

For inquiries regarding this Policy or our data practices, please contact our Data Protection Officer:

Preethkaran Jayaraj
SALESVAULT TECHNOLOGIES PTE. LTD.
160 Robinson Road, #14-04, Singapore Business Federation Center,
Singapore, 068914
Email: info@salesvault.ai