Privacy Policy for Copera

Effective Date: April 30, 2025

1. Our Commitment to Your Privacy

Welcome to Copera. Our mission is to provide a secure, all-in-one platform that enhances productivity and collaboration. The trust of our users is the cornerstone of our service. This Privacy Policy outlines our unwavering commitment to safeguarding the personal and business information you entrust to us.

We have designed Copera with privacy at its core. We do not sell your data, and we do not use your content (such as documents, messages, or meeting transcriptions) to train our or third-party AI models. This policy explains in clear terms how we collect, use, and protect your information. By using our Services, you acknowledge you have read and understood this Privacy Policy.

2. Information We Collect

To provide and improve our Services, we collect the following types of information:

• Account Information: When you register for a Copera account, you provide us with personal details such as your name, email address, and contact information.
• Payment Information: For subscription services, we collect payment details through our secure, PCI-compliant payment processor. Copera does not store your full credit card information on its servers.
• User Content: User Content: Any data you create, upload, or share within your Copera workspace, including documents, messages, tasks, board entries, files, and transcriptions from Gathering Spaces ("User Content"). This data is yours, and we process it solely to provide the Services to you.
• Technical and Usage Information: We automatically collect technical data to operate and improve the service, such as your IP address, device type, browser information, and anonymized interaction data (e.g., which features are used most frequently). This data is used for service optimization and security and is not linked to your personal User Content for any other purpose.

3. How We Use Your Information

Your information is used exclusively for the following purposes:

• To Provide and Maintain the Services: To operate your workspace, authenticate users, process subscriptions, and deliver the features you use every day.
• To Secure and Protect Our Platform: To monitor for and prevent security threats, fraud, and other malicious activity.
• To Improve Our Services: We analyze aggregated and anonymized usage data to understand how our platform is used, allowing us to enhance features and improve the user experience. This analysis never involves accessing the content of your private documents, messages, or meetings.
• To Communicate With You: To send service-related announcements, billing information, and technical notices. You may also opt-in to receive marketing communications about new features.
• To Provide Support: To respond to your requests for assistance. Please note that Copera support staff cannot access your workspace content unless you explicitly grant access or share specific content with them (e.g., via screen share) to resolve an issue or inviting them into your workspace.

4. Our Commitment to Data Privacy & AI

Your data privacy is paramount in how we leverage artificial intelligence.

• No AI Model Training on Your Data: We state unequivocally: Your User Content is never used to train any AI models, neither our own nor those of our third-party partners. Your workspace data remains your own.
• Secure AI Processing: Copera utilizes a proprietary AI router that directs requests to various state-of-the-art AI models. We have strict contractual agreements with our AI service providers that prohibit them from storing your data or using it for training purposes. Information is sent for processing and is immediately discarded by the model after the response is generated.
• Encrypted Storage: The AI-generated text (e.g., a summary or a drafted email) is transmitted back to Copera, encrypted, and stored securely within your workspace database, subject to the same rigorous security protocols as all your other User Content.

5. Your Data, Your Control: Permissions and Sharing

You control who has access to the content within your workspace.

• Workspace Permissions: The primary account holder and designated administrators manage access and permissions for all users, channels, boards, and documents within the workspace.
• AI Access Follows Your Rules: The Copera AI assistant's ability to access information is governed by the permissions of the user interacting with it. For example, if a Gathering Space's rules grant all participants access to a meeting transcription, the AI can access that transcription when prompted by any of those participants. If a document is restricted to specific users, the AI can only access it when prompted by one of those authorized users.
• Public Sharing: Information only becomes accessible outside of your secure workspace if a user with the appropriate permissions intentionally makes it public (e.g., by creating a public sharing link for a document).

6. Data Sharing and Disclosure

• We Do Not Sell Your Data: We will never sell, rent, or trade your Personal Information or User Content to third parties for marketing purposes.
• Service Providers (Sub-processors): We share information with a limited number of third-party service providers who help us operate, secure, and improve our Services. These include cloud hosting providers, payment processors, and AI service providers. These providers are bound by strict data protection agreements and are only permitted to use the information to deliver the services we have contracted them for.
• Legal Compliance: We may disclose your information if required by law, subpoena, or other legal process, or if we have a good faith belief that disclosure is reasonably necessary to protect the rights, property, or safety of Copera, our users, or the public.

7. Data Security

We employ robust, enterprise-grade security measures to protect your data, including:

• Encryption at Rest: All your User Content is encrypted before being stored in our databases.
• Encryption in Transit: We use Transport Layer Security (TLS) to encrypt data moving between your device and our servers.
• Access Control: We enforce strict internal access controls to ensure that only authorized personnel can access system infrastructure, and never your User Content.
• Regular Audits: We conduct regular security assessments to identify and patch potential vulnerabilities.

8. Data Retention & Deletion

You have control over your data's lifecycle.

• User Removal from a Workspace: If an administrator removes a user from a workspace, the content created by that user (e.g., messages, documents, tasks)remains within the workspace to ensure operational continuity for the team.
• Workspace Deletion: When an authorized administrator chooses to delete an entire workspace, this action is permanent. All information and User Content associated with that workspace will be permanently deleted from our application databases in accordance with our data disposal timeline.
• Data Export: If you wish to download a copy of your workspace data before deletion, you may submit a request to our support team at support@copera.ai.

9. Children's Privacy

Our Services are not directed to individuals under the age of 13, and users under 13 are prohibited from creating an account. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information without verifiable parental consent, we will take steps to delete such information.

10. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new policy on our website and, where feasible, through an in-app notification.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at privacy@copera.ai.

Last Updated: April 30, 2025