Sampark Inc, doing business as Composio (“Composio,” “we,” “us,” or “our”), respects the privacy of our users (“user” or “you”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our embedded integration Platform as a Service (iPaaS) platform. We are committed to protecting your personal information and your right to privacy.

If you have any questions or concerns about our policy or our practices with regards to your personal information, please contact us at tech@composio.dev.

Collection of Your Information

We may collect information about you in a variety of ways. The information we may collect on the Composio platform includes:

• Personal Data: Personally identifiable information, such as your name, email address, and other contact details, that you voluntarily give to us when choosing to participate in various activities related to the Composio platform.
• Derivative Data: Information our servers automatically collect when you access the platform, such as your IP address, browser type, operating system, and other technical information about your means of connection to the platform.
• Data From Clients: We receive information from our clients (SaaS tools and applications) that use our platform for embedding their services. This information is strictly limited to what is necessary for the functioning of the embedded iPaaS platform.

Please note, our platform serves as a conduit between our clients and their users. We do not directly collect or store end-user data beyond what is necessary for the operation of our services.

Use of Your Information

Having accurate information about you permits us to provide a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the platform to:

• Facilitate the creation and management of your account on our platform.
• Increase the efficiency and operation of the platform.
• Monitor and analyze usage and trends to improve your experience with the platform.
• Perform other business activities as needed.

Additional Use of Your Information

Google Workspace APIs: In alignment with our commitment to uphold the highest standards of data privacy and security, Composio wishes to clarify its stance regarding the use of data obtained through Google Workspace APIs. We explicitly affirm that:

• No Development of Generalized AI/ML Models: Composio does not use, nor does it retain, any user data obtained through Google Workspace APIs for the purpose of developing, improving, or training generalized artificial intelligence (AI) and/or machine learning (ML) models. Our use of Google Workspace APIs is strictly confined to the operational necessities of providing our embedded integration Platform as a Service (iPaaS) platform functionalities and does not extend into any form of AI/ML model development with this data.

This stance is a testament to our dedication to respecting user privacy and ensuring the ethical use of technology. We are committed to transparency in all aspects of our data use practices. Should our policy or practices change in the future, we pledge to update this section of our Privacy Policy accordingly and communicate these changes to our users in a timely manner.

No Data Sharing with AI Models

• We do not share user data with any AI models or third-party AI platforms. All user data remains within our secure systems and is used solely for the purposes outlined in this policy. Specifically:
  • Third-party AI models used: We do not utilize any third-party AI models in our app.
  • Data shared with these models: No user data is shared with any AI models.
  • Purpose of sharing this data with AI models: Since we do not share any data with AI models, there is no purpose for such sharing.
  • Use of data by AI models: Not applicable as no data is shared.
  • User control or opt-out options: Users have full control over their data and can request access, changes, or deletion of their data at any time by contacting us at tech@composio.dev.
  • Responsible and ethical use of data: We ensure that all data use is responsible and ethical, strictly adhering to our privacy policy and relevant regulations.

You have the right to request access to the personal data we collect from you, change that information, or delete it in some circumstances. To request to review, update, or delete your personal information or your data, please send a request to tech@composio.dev.

User Consent Requirements

We obtain explicit consent from users before collecting or using their data during the OAuth flow or authentication process.

• Explicit User Information: Users are explicitly informed about the use of their data through clear disclosures in our app during the OAuth flow or authentication process. This includes detailed information about what data will be collected and how it will be used.
• Obtaining Explicit Consent: The app obtains explicit consent from users before sharing their data with any services. This consent is obtained during the OAuth flow or the authentication process.
• User Consent Mechanism: Before using Google APIs, users will be explicitly informed about the specific Google user data we intend to collect, use, and store during the OAuth flow or Authentication. We will obtain clear and unambiguous consent from users before accessing their Google account data.
• Granular Consent: Users will have the option to deny access to specific data, ensuring they have control over data they are comfortable sharing.
• User Notifications: Users will be notified when there are significant changes to our data practices or when new data types are being accessed. They will have the opportunity to review and consent to these changes before they are implemented.

Data Protection and Security

We are committed to ensuring the security and confidentiality of your personal information. To protect your data, we have implemented the following security measures:

• We use advanced encryption technologies, such as TLS (Transport Layer Security), to protect your information during transmission. Data at rest is encrypted using industry-standard AES (Advanced Encryption Standard).
• Access to your data is restricted to authorized personnel only. We employ role-based access control (RBAC) mechanisms and enforce multi-factor authentication (MFA) to prevent unauthorized access.
• We conduct regular security audits and vulnerability assessments, both internally and through third-party security firms, to ensure ongoing protection of our systems and data.
• We have established comprehensive security procedures, including incident response plans, to safeguard and secure the information we collect online. These procedures include regular software updates, patch management, and intrusion detection systems.
• We adhere to data minimization principles, collecting only the data necessary for the operation of our services. We retain your data only for as long as needed to fulfill the purposes for which it was collected and comply with legal and regulatory requirements.

Disclosure of Your Information

We may share information we have collected about you in certain situations. Your information may be disclosed as follows:

• By Law or to Protect Rights: If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation.
• Third-Party Service Providers: We may share your information with third parties that perform services for us or on our behalf, including payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance.

Disclosures

Composio’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Your Rights

You have the right to request access to the personal data we collect from you, change that information, or delete it in some circumstances. To request to review, update, or delete your personal information or your data, please send a request to tech@composio.dev.

Data Protection Rights under General Data Protection Regulation (GDPR)

If you are a resident of the European Union (EU), you have certain data protection rights covered by GDPR. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. If you wish to be informed about what Personal Data we hold about you and if you want it to be removed from our systems, please contact us at the details provided above.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We will let you know via email and/or a prominent notice on our platform, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

Contact Us

If you have any questions or comments about this Privacy Policy, please contact us at tech@composio.dev.