Privacy Policy

Last updated: March 13, 2026

1. Introduction

BizGenius (“we”, “us”, or “our”) operates the BizGenius platform at bizgenius.app (the “Service”). This Privacy Policy explains how we collect, use, and protect information about you when you use our Service.

2. Information We Collect

  • Account information: email address and password when you create an account.
  • Usage data: pages visited, features used, and interactions with AI agents you create.
  • Integration credentials: OAuth tokens for third-party services (Google Calendar, Calendly) you connect. These are encrypted at rest using AES-256-GCM.
  • Billing information: payment is processed by Stripe. We store only your Stripe customer ID and subscription status — no raw card data.
  • Booking data: names and email addresses entered by end-users when booking through your AI agent.
  • Knowledge base content: files and text you upload to train your agents.

3. How We Use Your Information

  • To provide, operate, and improve the Service.
  • To authenticate you and manage your subscription.
  • To enable AI agent features including booking, knowledge retrieval, and conversation.
  • To send transactional emails (account verification, billing receipts).
  • To respond to support requests.

4. Google Calendar Integration

If you connect Google Calendar, we request access to your free/busy information only (calendar.freebusy scope). We use this solely to check your availability when your AI agent offers booking slots to users. We do not read, store, or share the content of your calendar events. We do not create calendar events on your behalf via the API — bookings are completed by the end-user clicking a Google Calendar link.

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

5. Calendly Integration

If you connect Calendly, we access your event types and available times to enable booking through your AI agent. OAuth tokens are encrypted and stored securely. We do not share your Calendly data with third parties.

6. Data Sharing

We do not sell your personal data. We share data only with:

  • Supabase — database and authentication infrastructure.
  • Stripe — payment processing.
  • Anthropic — AI inference for your agents (conversation messages are sent to Anthropic's API).
  • Vercel — hosting and edge infrastructure.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where required to retain it by law (e.g., billing records).

8. Security

We use industry-standard security practices including encryption in transit (TLS) and at rest (AES-256-GCM for OAuth credentials). However, no system is completely secure and we cannot guarantee absolute security.

9. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us at privacy@bizgenius.app.

10. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal data from children under 13.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the Service. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact

For privacy-related questions, contact us at privacy@bizgenius.app.