Data & Privacy Policy
During the processing of personal data, we comply with the requirements of applicable data protection legislation, including the GDPR and Dutch data protection laws.
We clearly specify our purposes before processing personal data using this Privacy Policy. We limit the collection of personal data to only what is necessary for legitimate purposes. We first ask for explicit permission to process your personal data in cases where your consent is required.
We take appropriate security measures to protect your personal data and require the same from parties processing data on our behalf. We respect your right to inspect, correct, or delete your personal data held by us.
Nieuwegiessen Holding BV
Chamber of Commerce: 81604173
De Keerploeg 3
5056MM Berkel-Enschot
The Netherlands
Data Subprocessors
We work with the following third parties to deliver our services:
| Third Party | Purpose | Location |
|---|---|---|
| Fly.io | Hosting our services and Redis caching | EU (Amsterdam) |
| AI / LLM models and OAuth authentication | Netherlands | |
| Posthog | Web and app analytics | EU |
| Customer.io | CRM and CX (email drip campaigns) | EU |
| Supabase | Data hosting and logins | AWS, eu-central-1 |
| Cloudflare | Proxy services | Global/EU focused |
| People Data Labs | Profile enrichment for sales and marketing | United States |
| Perplexity.ai | Company data enrichment | United States |
| Stripe | Payment processing | Global |
Integration Services and Data Access
One Horizon connects with various third-party services to provide our core functionality. You choose which services to connect, and we adhere to all data access controls at the user level. Here's what data we access and how we use it:
Google Services Integration
Google OAuth Authentication: When you sign in with Google, we collect and use your email address for account identification, your name for display in the app, and your profile picture for avatar display.
Google Calendar API: To generate your daily recaps and capture completed work, we access calendar event titles and descriptions, event start and end times, and event attendees when relevant to team context.
We also access meeting room or location information and event status such as confirmed, tentative, or cancelled.
Google Meet Integration: Our Meet add-on accesses meeting metadata including meeting ID, start time, and participant count. We also access meeting links for easy joining and basic meeting information for context in standups.
Limited Use Commitment: One Horizon's use of information received from Google APIs adheres to Google's Limited Use requirements. We use Google user data only to provide and improve our core productivity features.
We do not transfer, sell, or use Google data for advertising purposes or any activities unrelated to One Horizon's stated functionality.
Other Service Integrations
GitHub Integration: From repositories you grant access to, we collect commits you authored including code changes for analysis, pull requests you created or commented on, repository information and branch details, and issue assignments and status updates.
We use this data to analyze code changes to generate summaries of your development work. We display assigned PRs in your daily recap and team standup boards, add comments to commits on your behalf when requested, and provide context for team productivity insights.
We do not store any code. We only store metadata such as commit hashes, repository names, and commit messages for work summaries.
JIRA and Linear Integration: We access projects, tickets, and issue metadata, sprint/cycle information and timelines, issue status, priority, and assignment data. We also collect tags, labels, and custom field information, and ticket descriptions and comments for context.
We use this data to show in-flight and blocked issues in your daily recap and provide context for work summaries and productivity insights. We display team blockers and progress on standup boards and generate AI-powered work summaries based on ticket activity.
Slack Integration: When added to your Slack workspace, we access messages and content in channels, private groups, and direct messages where One Horizon is present. We also access basic workspace information including name, domain, and user list, user profiles and email addresses to link with your One Horizon account, and emoji reactions on messages for confirmation workflows.
We use this data to send personalized daily work recaps and standup reminders, respond to bot mentions and slash commands, and create temporary channels or group messages for team discussions. We add confirmation reactions to acknowledge work summary updates and match Slack users with their other integrated accounts such as GitHub and JIRA.
Note: For Slack, permissions are managed at the workspace level by administrators.
Profile Enrichment
People Data Labs Integration
To enhance our sales and marketing capabilities, we use People Data Labs to enrich user profile information. When you provide your email address, we may collect job title and company information, professional social media profiles such as LinkedIn and X, industry and company size data, location information, and company revenue estimates.
Perplexity.ai Integration
We use Perplexity.ai to supplement company information by gathering company descriptions and founding information, industry vertical classifications, additional company social media profiles, and revenue and employee count estimates.
Purpose: This enriched data helps us provide personalized experiences and relevant business insights for sales and marketing purposes.
App Access
Within our app, you can access a management environment where you can set, specify, and change settings. For this purpose, we use your email address, IP address, profile picture, and name. We process this data based on our legitimate interest. This information is stored until our services to you have ended.
Subscription
Through One Horizon, you can take out a paid subscription. We use Stripe to process payments securely. We do not store any payment information - all payment data is handled directly by Stripe. We only receive confirmation of successful payments and subscription status updates.
Data Storage and Retention
How Long We Keep Your Data
We store personal account information until you delete your account or leave all workspaces, workspace data until the workspace is deleted by an administrator, integration data only while actively using our service, and subscription status until you cancel your subscription.
What We Store from Integrations
We store minimal metadata needed for our core features and AI-generated summaries that may include portions of your calendar events or other integrated content, but we do not store complete copies of external service data.
Data Processing Location
All data is processed and stored within the EU, primarily in Amsterdam through our Fly.io infrastructure.
Providing Data to Third Parties
Except for the subprocessors listed above, we do not provide your personal data to other companies or organizations unless required by law (for example, when the authorities demand access to personal data in the case of a suspected crime).
Analytics and Usage Statistics
We use PostHog for web and app analytics to understand how our service is used and to improve the user experience. This includes page views and user interactions, feature usage patterns, performance metrics, and user session data.
We keep statistics on the use of our online service. These statistics help us provide you with relevant information. We may combine personal data to better understand your preferences, while always respecting your privacy.
If you do not want us to process data for statistics, please let us know. For this purpose, we use your email address and name. We process this data with your consent and store it for six weeks.
Marketing Communications
We may inform you about new products or services through email and social media.
You can opt out of promotional communications at any time. Every email will include an unsubscribe link. On social media, you can block us or use the cancellation option.
Data Publication
We will not publish any of your data.
Cookies
Our website uses cookies that are essential for the functionality of our service.
Our app requires cookies for login authentication - the service will not work without them.
Cookies are small files that store information to improve your user experience and avoid repeatedly entering the same data. When you first visit our online service, we will display a notification explaining our use of cookies and ask for your permission. You can disable cookies through your browser settings, but doing so will prevent you from using our service.
We do not use tracking cookies.
Security
One Horizon takes the security of your information seriously and employs commercially reasonable physical, administrative, and technological safeguards to maintain the integrity and security of the data we collect and share with service providers. However, no security system is completely impenetrable. In the event of a security breach compromising your data, we will investigate the situation and notify affected individuals as required by applicable laws and regulations.
Your Data Rights
You have the following rights regarding your personal data:
Access and Portability
You can request a copy of all personal data we hold about you and export your data in a machine-readable format.
Correction and Deletion
You can correct any inaccuracies in your personal data, request deletion of your personal data, and delete your account and all associated data at any time.
Control and Consent
You can revoke consent for data processing where applicable, object to certain uses of your data, and control which integrations access your data.
For Any Connected Integration
You can disconnect any integrated service from your One Horizon account at any time. Deleting your One Horizon account will remove all data from connected integrations. You can request deletion of specific data from any connected service.
Please ensure that you provide sufficient identifying information when making requests so that we can verify your identity and prevent unauthorized modifications or deletions of data.
Legal Jurisdiction
This Privacy Policy is governed by Dutch law. In addition to the GDPR, Dutch data protection laws apply to the processing of your personal data.
Policy Updates
We reserve the right to modify this policy at any time. We recommend consulting this policy regularly to stay informed of any changes.
Complaints
If you believe we are not handling your data appropriately, please contact us: privacy@onehorizon.ai
Contact Us
For any questions about this Privacy Policy or your data rights, contact us at privacy@onehorizon.ai or by mail at De Keerploeg 3, 5056MM Berkel-Enschot, The Netherlands.
The Rest
This policy does not establish or imply any partnership, agency, or joint venture. Thank you for taking the time to review our Privacy Policy.