Privacy Policy
1. Overview
This Privacy Policy explains how coAmplifi by CuraeSoft (“coAmplifi,” “we,” “our,” or “us”) collects, uses, discloses, and protects personal data.
coAmplifi is a product of CuraeSoft Corporation, headquartered at:
39 Beta Court
San Ramon, California, United States
This Privacy Policy applies to personal data collected through the coAmplifi platform and related services (the “Services”).
2. Controller and Processor Roles
Data Controller:
coAmplifi acts as a Data Controller for personal data collected directly for account administration, authentication, billing, communications, and platform operations.
Data Processor:
coAmplifi acts as a Data Processor with respect to Customer Data submitted by customers or authorized users. Processing is governed by a Data Processing Agreement (DPA), where applicable. The customer acts as Data Controller for Customer Data.
3. Data We Collect
We may collect:
- Account identification data (name, business email, role)
- Authentication metadata (login timestamps, session tokens)
- Service usage data (feature interactions, timecards, project data)
- Google user data when authorized through OAuth scopes
4. How We Use Personal Data
We process personal data to:
- Provide and improve the Services
- Enable scheduling and availability features
- Secure the platform and prevent fraud
- Fulfill contractual obligations
- Comply with legal requirements
5. Google API Services and Google User Data
When users connect a Google account, coAmplifi may access Google user data using authorized OAuth scopes including calendar.readonly.
We may access:
- Event titles
- Event dates and times
- Attendee metadata
- Event identifiers for synchronization
We do not create, modify, or delete calendar events.
Google user data is:
- Used only for user-facing functionality
- Not used for advertising
- Not used to train generalized AI/ML models
- Not sold or shared
Users may revoke Google access at any time. Upon disconnection, associated Google data is deleted within a commercially reasonable timeframe unless legally required to retain it.
coAmplifi complies with the Google API Services User Data Policy and Limited Use requirements.
Human access to Google user data is strictly limited and permitted only with explicit user consent, when necessary for security or fraud investigation, to comply with applicable law, or where data is aggregated and anonymized for internal operational purposes. Access is restricted to authorized personnel on a need-to-know basis and protected by role-based access controls and multi-factor authentication.
6. Data Sharing and Disclosure
We may share data with:
- Service providers and subprocessors
- Affiliates
- Legal authorities when required
- Successor entities in business transfers
- Third parties with user consent
We do not sell personal information or share it for cross-context behavioral advertising.
7. Data Security
We implement safeguards including:
- TLS 1.2+ encryption in transit
- AES-256 encryption at rest
- Role-Based Access Controls (RBAC)
- Vulnerability scanning and penetration testing
- Incident response procedures
8. Data Retention
We retain data only as long as necessary for:
- Service provision
- Legal compliance
- Security and fraud prevention
Upon account termination, Customer Data is deleted or returned according to contractual obligations.
9. International Data Transfers
Personal data may be processed in the United States or other jurisdictions. Where required, we implement appropriate safeguards such as Standard Contractual Clauses.
10. Data Subject Rights
Depending on location, users may have rights to:
- Access
- Correction
- Deletion
- Portability
- Non-discrimination
Contact: info@coamplifi.com
11. Contact Information
CuraeSoft Corporation
39 Beta Court
San Ramon, CA
General inquiries: info@coamplifi.com