Data & Privacy Policy

During the processing of personal data, we comply with the requirements of applicable data protection legislation, including the GDPR and Dutch data protection laws. This means we:

• Clearly specify our purposes before processing personal data using this Privacy Policy.
• Limit the collection of personal data to only what is necessary for legitimate purposes.
• First ask for explicit permission to process your personal data in cases where your consent is required.
• Take appropriate security measures to protect your personal data and require the same from parties processing data on our behalf.
• Respect your right to inspect, correct, or delete your personal data held by us.

Nieuwegiessen Holding BV
Chamber of Commerce: 81604173
De Keerploeg 3
5056MM Berkel-Enschot
The Netherlands

Data Subprocessors

We work with the following third parties to deliver our services:

Third Party	Purpose	Location
Fly.io	Hosting our services and Redis caching	EU (Amsterdam)
Google	AI / LLM models and OAuth authentication	Netherlands
Posthog	Web and app analytics	EU
Customer.io	CRM and CX (email drip campaigns)	EU
Supabase	Data hosting and logins	AWS, eu-central-1
Cloudflare	Proxy services	Global/EU focused
People Data Labs	Profile enrichment for sales and marketing	United States
Perplexity.ai	Company data enrichment	United States
Stripe	Payment processing	Global

Integration Services and Data Access

One Horizon connects with various third-party services to provide our core functionality. You choose which services to connect, and we adhere to all data access controls at the user level. Here's what data we access and how we use it:

Google Services Integration

Google OAuth Authentication: When you sign in with Google, we collect and use:

• Your email address (for account identification)
• Your name (for display in the app)
• Your profile picture (for avatar display)

Google Calendar API: To generate your daily recaps and capture completed work, we access:

• Calendar event titles and descriptions
• Event start and end times
• Event attendees (when relevant to team context)
• Meeting room or location information
• Event status (confirmed, tentative, cancelled)

Google Meet Integration: Our Meet add-on accesses:

• Meeting metadata (meeting ID, start time, participant count)
• Meeting links for easy joining
• Basic meeting information for context in standups

Limited Use Commitment: One Horizon's use of information received from Google APIs adheres to Google's Limited Use requirements. We use Google user data only to provide and improve our core productivity features. We do not transfer, sell, or use Google data for advertising purposes or any activities unrelated to One Horizon's stated functionality.

Other Service Integrations

GitHub Integration: From repositories you grant access to, we collect:

• Commits you authored (including code changes for analysis)
• Pull requests you created or commented on
• Repository information and branch details
• Issue assignments and status updates

We use this data to:

• Analyze code changes to generate summaries of your development work
• Display assigned PRs in your daily recap and team standup boards
• Add comments to commits on your behalf when requested
• Provide context for team productivity insights

Important: We access code changes within commits for analysis but do not store your code permanently. We only review the specific changes (deltas) in each commit, never your entire codebase.

JIRA and Linear Integration: We access:

• Projects, tickets, and issue metadata
• Sprint/cycle information and timelines
• Issue status, priority, and assignment data
• Tags, labels, and custom field information
• Ticket descriptions and comments for context

We use this data to:

• Show in-flight and blocked issues in your daily recap
• Provide context for work summaries and productivity insights
• Display team blockers and progress on standup boards
• Generate AI-powered work summaries based on ticket activity

Slack Integration: When added to your Slack workspace, we access:

• Messages and content in channels, private groups, and direct messages where One Horizon is present
• Basic workspace information (name, domain, user list)
• User profiles and email addresses (to link with your One Horizon account)
• Emoji reactions on messages for confirmation workflows

We use this data to:

• Send personalized daily work recaps and standup reminders
• Respond to bot mentions and slash commands
• Create temporary channels or group messages for team discussions
• Add confirmation reactions to acknowledge work summary updates
• Match Slack users with their other integrated accounts (GitHub, JIRA, etc.)

Note: For Slack, permissions are managed at the workspace level by administrators.

Profile Enrichment

People Data Labs Integration

To enhance our sales and marketing capabilities, we use People Data Labs to enrich user profile information. When you provide your email address, we may collect:

• Job title and company information
• Professional social media profiles (LinkedIn, X)
• Industry and company size data
• Location information
• Company revenue estimates

Perplexity.ai Integration

We use Perplexity.ai to supplement company information by gathering:

• Company descriptions and founding information
• Industry vertical classifications
• Additional company social media profiles
• Revenue and employee count estimates

Purpose: This enriched data helps us provide personalized experiences and relevant business insights for sales and marketing purposes.

App Access

Within our app, you can access a management environment where you can set, specify, and change settings. For this purpose, we use your email address, IP address, profile picture, and name. We process this data based on our legitimate interest. This information is stored until our services to you have ended.

Subscription

Through One Horizon, you can take out a paid subscription. We use Stripe to process payments securely. We do not store any payment information - all payment data is handled directly by Stripe. We only receive confirmation of successful payments and subscription status updates.

Data Storage and Retention

How Long We Keep Your Data:

• Personal account information: Until you delete your account or leave all workspaces
• Workspace data: Until the workspace is deleted by an administrator
• Integration data: Only stored while actively using our service
• Subscription status: Until you cancel your subscription

What We Store from Integrations:

• Minimal metadata needed for our core features
• AI-generated summaries that may include portions of your calendar events or other integrated content
• No complete copies of external service data

Data Processing Location:

All data is processed and stored within the EU, primarily in Amsterdam through our Fly.io infrastructure.

Providing Data to Third Parties

Except for the subprocessors listed above, we do not provide your personal data to other companies or organizations unless required by law (for example, when the authorities demand access to personal data in the case of a suspected crime).

Analytics and Usage Statistics

We use PostHog for web and app analytics to understand how our service is used and to improve the user experience. This includes:

• Page views and user interactions
• Feature usage patterns
• Performance metrics
• User session data

We keep statistics on the use of our online service. These statistics help us provide you with relevant information. We may combine personal data to better understand your preferences, while always respecting your privacy. If you do not want us to process data for statistics, please let us know. For this purpose, we use your email address and name. We process this data with your consent and store it for six weeks.

Marketing Communications

We may inform you about new products or services through:

• Email
• Social media

You can opt out of promotional communications at any time. Every email will include an unsubscribe link. On social media, you can block us or use the cancellation option.

Data Publication

We will not publish any of your data.

Cookies

Our website uses cookies that are essential for the functionality of our service. Important: Our app requires cookies for login authentication - the service will not work without them.

Cookies are small files that store information to improve your user experience and avoid repeatedly entering the same data. When you first visit our online service, we will display a notification explaining our use of cookies and ask for your permission. You can disable cookies through your browser settings, but doing so will prevent you from using our service.

We do not use tracking cookies.

Security

One Horizon takes the security of your information seriously and employs commercially reasonable physical, administrative, and technological safeguards to maintain the integrity and security of the data we collect and share with service providers. However, no security system is completely impenetrable. In the event of a security breach compromising your data, we will investigate the situation and notify affected individuals as required by applicable laws and regulations.

Your Data Rights

You have the following rights regarding your personal data:

Access and Portability:

• Request a copy of all personal data we hold about you
• Export your data in a machine-readable format

Correction and Deletion:

• Correct any inaccuracies in your personal data
• Request deletion of your personal data
• Delete your account and all associated data at any time

Control and Consent:

• Revoke consent for data processing where applicable
• Object to certain uses of your data
• Control which integrations access your data

For Any Connected Integration:

• You can disconnect any integrated service from your One Horizon account at any time
• Deleting your One Horizon account will remove all data from connected integrations
• You can request deletion of specific data from any connected service

Please ensure that you provide sufficient identifying information when making requests so that we can verify your identity and prevent unauthorized modifications or deletions of data.

Legal Jurisdiction

This Privacy Policy is governed by Dutch law. In addition to the GDPR, Dutch data protection laws apply to the processing of your personal data.

Policy Updates

We reserve the right to modify this policy at any time. We recommend consulting this policy regularly to stay informed of any changes.

Complaints

If you believe we are not handling your data appropriately, please contact us: privacy@onehorizon.ai

Contact Us

For any questions about this Privacy Policy or your data rights, contact us at:

• Email: privacy@onehorizon.ai
• Address: De Keerploeg 3, 5056MM Berkel-Enschot, The Netherlands

The Rest

This policy does not establish or imply any partnership, agency, or joint venture. Thank you for taking the time to review our Privacy Policy.