Privacy Policy

1. Information We Collect

We collect information you provide directly, data we obtain through connected services (with your consent), and technical data from your use of our platform.

• Account & profile: Name, email address, password (hashed), and profile preferences.
• Financial data (via Plaid): When you link bank or financial accounts, we receive account identifiers, transaction history, balances, and related metadata—only to the extent permitted by Plaid and your authorization. We do not store your banking credentials.
• Email & calendar (Google, Outlook): With your consent we access email headers, bodies, and calendar events to power insights, scheduling, and the Ontology agent. We process this data according to the permissions you grant (e.g., read-only, send on your behalf).
• Notion & life journaling: Content you sync from Notion for life journaling and automation is processed to support your personal ontology and recommendations.
• Market & analysis (e.g., Databento): When you enable market or analysis features, we may process market data and your preferences to deliver insights.
• Usage & device data: Logs, IP address, device type, browser, and how you use the platform to improve service and security.

2. How We Use Your Information

We use your information to provide, secure, and improve the Oxagen platform and Ontology agent:

• Providing and personalizing the life operating system and AI agent.
• Mapping relationships between your spend (time and money) and your goals.
• Generating insights, recommendations, and automated actions you request.
• Securing accounts, detecting fraud, and complying with law.
• Communicating with you about the product, support, and policy changes.
• Improving our models and services (where we use aggregated or de-identified data).

3. AI and Machine Learning

Our AI systems process your connected data to power the Ontology agent and related features. We use industry-standard practices: data is used to train or improve models only where permitted by our agreements and applicable law; we do not sell your personal data for advertising; and we apply technical and organizational measures to protect your data. You can disconnect integrations and request deletion as described in Section 8.

4. Data Sharing and Third Parties

We do not sell your personal information. We may share data with:

• Service providers: Plaid (banking), Google, Microsoft (email/calendar), Notion, Databento, cloud infrastructure (e.g., hosting, databases), and support tools—under contracts that limit use to providing our services.
• Legal & safety: When required by law, to protect rights and safety, or to enforce our terms.
• Business transfers: In connection with a merger, sale, or other transfer of assets, subject to the same privacy commitments.

5. Data Security and Retention

We implement appropriate technical and organizational measures (encryption, access controls, monitoring) to protect your data. Financial and other sensitive data is handled in line with industry standards and our agreements with providers like Plaid.

We retain your data for as long as your account is active or as needed to provide the service, comply with law, resolve disputes, and enforce our agreements. You may request deletion of your data as described in Section 8.

6. Cookies and Similar Technologies

We use cookies and similar technologies for authentication, preferences, security, and analytics. You can manage cookie settings in your browser. Some features may depend on cookies for proper operation.

7. International Data Transfers

Your data may be processed in the United States or other countries where we or our service providers operate. We ensure appropriate safeguards (e.g., standard contractual clauses or equivalent) where required by applicable law.

8. Your Rights and Choices

Depending on your location, you may have the right to:

• Access and receive a copy of your personal data.
• Correct or update inaccurate data.
• Request deletion of your data (subject to legal and operational requirements).
• Restrict or object to certain processing.
• Data portability (where applicable).
• Withdraw consent for processing based on consent.
• Lodge a complaint with a supervisory authority.

You can manage connected accounts (Plaid, Google, Outlook, Notion, etc.) and delete your account from your Oxagen settings. For requests or questions, contact us at success@oxagen.ai.

9. Children

Our services are not directed to individuals under 16. We do not knowingly collect personal data from children under 16. If you believe we have done so, please contact us and we will take steps to delete such information.

10. SMS Communications

SMS Terms of Service

By opting in to SMS messages from Oxagen Inc., you agree to receive text messages for customer support, service updates, and other communications related to your account.

You can cancel the SMS service at any time. Just text STOP. After you send the SMS message "STOP" to us, we will send you an SMS message to confirm that you have been unsubscribed. After this, you will no longer receive SMS messages from us. If you want to join again, just sign up as you did the first time and we will start sending SMS messages to you again.

If you are experiencing issues with the messaging program, you can reply with the keyword HELP for more assistance.

Carriers are not liable for delayed or undelivered messages.

As always, message and data rates may apply for any messages sent to you from us and to us from you. Message frequency varies. If you have any questions about your text plan or data plan, it is best to contact your wireless provider.

SMS Privacy

Oxagen Inc. does not share mobile numbers, text messaging originator opt-in data, or consent with any third parties or affiliates for marketing or promotional purposes.

Mobile information may be shared only with subcontractors and service providers that support the delivery of SMS services, such as messaging platforms, telecommunications providers, or customer support vendors. This information is used solely to provide and operate the messaging service.

All other use case categories exclude text messaging originator opt-in data and consent. This information will not be shared with any third parties.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date, and where required by law we will seek your consent or provide additional notice.

12. Contact Us

For privacy-related questions or to exercise your rights, contact Oxagen Inc. at success@oxagen.ai.