Privacy Policy

Overview

Shabe AI, Inc. ("Shabe," "we," "our," or "us") operates app.shabe.ai and shabe.ai (the "Service"). This Privacy Policy governs your use of the Service and explains how we collect, use, disclose, and safeguard your information.

By using Shabe AI, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use our Service.

Information We Collect

1. Information You Provide

• Account Information: Name, email address, phone number, company name, job title, and authentication credentials (managed via Clerk)
• Profile Information: Communication preferences, timezone, language, department, bio, and AI personalization settings (communication style, detail level, emoji preferences)
• CRM Data: Contacts, accounts, deals, activities, notes, custom fields, and relationship data you input into Shabe
• Conversation Data: All messages, queries, and commands you send to Shabe AI, including conversation history and context
• Files and Documents: Files you upload for analysis, including PDFs, spreadsheets, presentations, and images
• Team Data: Team member information, roles, permissions, and team settings

2. Information from Integrated Services

• HubSpot: Contact, company, deal, activity, and forecasting data from your HubSpot account
• Google Workspace: Gmail emails, Google Calendar events, Google Drive files (with your explicit authorization)
• Apollo.io: Lead enrichment data, contact information, and company intelligence
• LinkedIn: Profile information and content publishing data (when you use our LinkedIn integration)

3. Automatically Collected Information

• Usage Data: Feature usage, conversation metrics, query patterns, time spent, and interaction frequency
• Device Information: IP address, browser type, operating system, device identifiers
• Log Data: API requests, error logs, performance metrics, and system events
• Cookies and Similar Technologies: Session cookies, authentication tokens, preference cookies

How We Use Your Information

We use the collected information for the following purposes:

• Provide the Service: Process your queries, execute CRM operations, generate insights, and deliver AI-powered features
• Machine Learning & Predictions: Train ML models for deal outcome prediction, time-to-close forecasting, anomaly detection, and prescriptive recommendations
• Personalization: Customize AI responses based on your communication preferences, role, and usage patterns
• Integrations: Sync data with HubSpot, Google Workspace, Apollo, and LinkedIn on your behalf
• Analytics & Improvement: Analyze usage patterns, improve AI accuracy, develop new features, and enhance user experience
• Security: Detect fraud, prevent abuse, monitor security threats, and maintain system integrity
• Communication: Send service updates, feature announcements, support responses, and transactional emails
• Compliance: Meet legal obligations, enforce our terms, and respond to legal requests

Information Sharing & Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers:
  • • OpenAI (AI processing)
  • • Convex (database hosting)
  • • Clerk (authentication)
  • • Vercel (hosting)
  • • Sentry (error monitoring)
  • • PostHog (analytics)
  • • Stripe (payment processing)
• Team Members: Data is shared with your authorized team members based on their permissions
• Integrated Services: Data is synced with services you connect (HubSpot, Google, Apollo, LinkedIn) per your authorization
• Legal Requirements: When required by law, subpoena, or government request
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to you)
• With Your Consent: Any other sharing with your explicit permission

Data Security

We implement industry-standard security measures to protect your information:

• Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Authentication: Multi-factor authentication supported via Clerk
• Access Controls: Role-based permissions and team-based data isolation
• Monitoring: Real-time security scanning, intrusion detection, and audit logging
• Infrastructure: SOC 2 Type II compliant hosting (Vercel, Convex)

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.