Privacy Policy

Last updated: March 2026

1. Introduction

Welcome to Time Wrinkler. We respect your privacy and are committed to protecting your personal and corporate data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our AI orchestration services and Microsoft 365 integrations.

2. Data We Collect

  • Microsoft Graph Data: When explicitly authorized via OAuth, we access your emails, calendar events, and relevant documents strictly for the purpose of executing automations on your behalf.
  • Agent Telemetry: We record the frequency of interactions with specific entities (e.g., project names, sender addresses) internally within your isolated tenant database to improve the AI's contextual awareness of your habits.
  • Communication Logs: We process your messages sent to the bot via Telegram, MS Teams, or Outlook add-ins.

3. Strict Data Isolation & Encryption

Your data is processed subject to cryptographic isolation. All interaction memories, database tables, and vector embeddings are physically separated by your Microsoft Entra User Object ID (OID). We utilize AES-256 encryption at rest. We do not aggregate user data across domains.

4. Third-Party AI Services

We leverage semantic LLM backends (such as OpenAI models). Data processed during reasoning operations is subject to zero-data-retention agreements where applicable, meaning your emails and calendar events are never utilized by large AI providers to train foundational models.

5. Data Retention & Erasure (Right to be Forgotten)

We practice strict data minimization. Agent telemetry and memory vectors are retained only as long as necessary to provide the orchestration service. If an active subscription ceases or access is revoked, data is scheduled for automated deletion. At any time, you may submit a formal request to your organization's administrator or directly to us to execute a complete, irreversible erasure of your personal telemetry and vectors from our systems.

6. Data Portability

You maintain the right to request an export of the semantic knowledge and behavioral telemetry we have securely recorded about your workflows. This data will be provided in a standard machine-readable format (e.g., JSON) upon verified request.

7. Your Control & Rights

You may revoke our access to your Microsoft 365 environment at any time by removing the application permissions within your Microsoft Entra console. Upon revocation, background ingestion instantly ceases.

8. Contact Us

If you have questions about this privacy statement, please contact your organization's IT administrator or reach out through your standard support channels.