Legal

Privacy Policy

How ForceTeam.AI collects, uses, and protects personal data when you use ForceAI.

Last updated: June 8, 2026

Introduction

[Your Legal Entity Name, Inc.] ("ForceTeam.AI", "we", "us", or "our") operates ForceAI, an AI-powered Salesforce automation platform available at https://forceteam.ai. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you visit our website, create an account, connect a Salesforce org, upload meeting transcripts, or otherwise use our services (collectively, the "Services").

We are committed to protecting your privacy and handling personal data in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the UK GDPR, and other relevant privacy frameworks. This policy is designed to be transparent and readable while meeting enterprise compliance expectations.

By using the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use the Services.

Data controller & contact

For the purposes of applicable data protection law, [Your Legal Entity Name, Inc.] is the data controller responsible for your personal data processed through the Services.

Registered address: [Street Address], [City, State/Province, Postal Code], [Country].

Data Protection Officer / Privacy inquiries: [email protected] (or [email protected] if no DPO is appointed).

Information we collect

We collect information you provide directly, information generated through your use of the Services, and limited information from third-party integrations you authorize.

Account & profile information

When you register or sign in (including via Salesforce OAuth), we may collect:

  • Name, email address, job title, and company name
  • Authentication identifiers and session tokens
  • Workspace, team, and role assignments within the platform
  • Profile preferences and notification settings

Salesforce & org connection data

When you connect a Salesforce org, we process metadata and configuration data necessary to deliver the Services. Depending on your configuration and permissions, this may include:

  • Org identifiers, instance URLs, and API versions
  • Schema metadata (objects, fields, flows, permission sets, etc.)
  • Deployment and validation results
  • OAuth tokens stored using industry-standard encryption (we do not store Salesforce passwords)

Meeting & transcript data

If you upload transcripts, paste meeting notes, or connect meeting AI assistants, we process the content you submit to extract requirements and generate work items. You control what content is submitted.

Usage & analytics data

We automatically collect technical and usage information to operate, secure, and improve the Services, such as:

  • IP address, browser type, device identifiers, and operating system
  • Pages viewed, features used, clicks, and session duration
  • Error logs, performance metrics, and diagnostic events
  • Approximate location derived from IP address

Payment & billing data

If you purchase a paid subscription, payment card and billing details are processed by our third-party payment processor. We receive limited billing information (e.g., last four digits, billing address, transaction status) but do not store full payment card numbers on our servers.

Communications

If you contact support, sales, or security teams, we retain the content of those communications and associated metadata.

How we use your information

We use personal data only where we have a lawful basis, including contract performance, legitimate interests, consent, and legal obligation.

  • Provide, maintain, and improve the Services
  • Authenticate users and manage accounts and workspaces
  • Process meeting transcripts and generate Salesforce-related outputs you request
  • Connect to and interact with your authorized Salesforce orgs
  • Process subscriptions, invoices, and payment-related communications
  • Monitor usage, troubleshoot issues, and prevent fraud or abuse
  • Send service announcements, security alerts, and administrative messages
  • Comply with legal obligations and enforce our Terms of Service
  • Analyze aggregated, de-identified usage trends to improve product quality

Cookies & similar technologies

We use cookies and similar technologies to keep you signed in, remember preferences, measure product usage, and protect against malicious activity.

Types of cookies we use

  • Strictly necessary — required for authentication, security, and core functionality
  • Functional — remember settings such as theme and locale
  • Analytics — help us understand how the Services are used (e.g., page views, feature adoption)

Your choices

You can control non-essential cookies through your browser settings and, where available, our cookie preference controls. Disabling certain cookies may limit functionality. We honor applicable opt-out signals where required by law.

Third-party services

We use carefully selected subprocessors and integrations to deliver the Services. These providers process data only on our instructions and under contractual data protection obligations.

  • Cloud infrastructure and hosting providers
  • Authentication and identity services
  • Payment processors for subscription billing
  • Analytics and error monitoring tools
  • Customer support and email delivery platforms
  • Meeting/recording integrations you explicitly connect (e.g., AI meeting providers)
  • AI model providers used to process transcripts and generate outputs (subject to contractual use restrictions)

Salesforce

When you authorize a Salesforce connection, your use of Salesforce is also governed by Salesforce's own privacy policy and terms. We access only the scopes you approve.

When we disclose information

We do not sell your personal data. We may share information in the following circumstances:

  • With service providers acting on our behalf under data processing agreements
  • With your organization administrators when you use a team or enterprise workspace
  • To comply with law, regulation, legal process, or governmental request
  • To protect the rights, property, or safety of our users, the public, or ForceTeam.AI
  • In connection with a merger, acquisition, financing, or sale of assets (with notice where required)
  • With your consent or at your direction

Security measures

We implement administrative, technical, and organizational safeguards designed to protect personal data, including encryption in transit (TLS 1.2+), encryption at rest for sensitive data, access controls, audit logging, and regular security reviews.

No method of transmission or storage is completely secure. We encourage you to use strong passwords, enable available security controls, and promptly report suspected incidents to our security team.

For more detail, see our Security page at /security.

Data retention

We retain personal data only as long as necessary for the purposes described in this policy, unless a longer period is required or permitted by law.

  • Account data — retained while your account is active and for a reasonable period afterward
  • Transcript and project data — retained according to your workspace settings and product configuration
  • Billing records — retained as required for tax and accounting obligations
  • Security logs — retained for a defined period to investigate incidents and meet compliance needs

Deletion

You may request deletion of certain data subject to applicable exceptions (e.g., backup retention, legal holds, or data needed to resolve disputes). Deletion requests can be submitted to the contact details below.

Your privacy rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access — request a copy of personal data we hold about you
  • Rectification — request correction of inaccurate or incomplete data
  • Erasure — request deletion in certain circumstances
  • Restriction — request limited processing in certain circumstances
  • Portability — receive data in a structured, commonly used format where applicable
  • Objection — object to processing based on legitimate interests or direct marketing
  • Withdraw consent — where processing is based on consent
  • Lodge a complaint — with your local supervisory authority

How to exercise your rights

Submit requests to [email protected]. We may verify your identity before responding. We aim to respond within the timeframes required by applicable law (typically 30 days under GDPR).

International data transfers

We may process and store information in countries other than your own. Where personal data is transferred outside the European Economic Area, United Kingdom, or other regions with transfer restrictions, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs), supplementary measures, and vendor due diligence.

You may request additional information about transfer mechanisms by contacting our privacy team.

Children's privacy

The Services are not directed to individuals under 16 years of age (or the minimum age required in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us and we will take appropriate steps to delete it.

Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the Services, email, or a prominent notice on our website. The "Last updated" date at the top indicates when this policy was last revised. Continued use after changes become effective constitutes acceptance of the updated policy.

Contact us

For privacy-related questions, data subject requests, or subprocessors inquiries, contact:

[Your Legal Entity Name, Inc.]

[Street Address], [City, State/Province, Postal Code], [Country]

Privacy: [email protected]

Data Protection Officer: [email protected]

Questions? Return to home or contact us using the information in the Contact section above.