Privacy Foundations

At Tim Agent ("Tim", "we", "us"), we treat your professional data with the same gravitas and discretion as an executive Chief of Staff. Our governance model is built on the principle of Transparency by Default.

This Privacy Policy details how we handle information in our AI-integrated ecosystem, encompassing Microsoft 365, Slack, and our underlying intelligence engine. By engaging with Tim, you entrust us with the data required to architect your digital autonomy.

To provide a high-fidelity intelligence experience, we collect information across three primary categories:

• Account Metadata: Name, professional email, organizational role, and authentication tokens provided via Microsoft Graph or Slack OAuth.
• Operational Content: High-bandwidth data ingested from your emails, calendars, and documents to generate briefings and execute tasks.
• Interaction Intelligence: Intent patterns, query history, and feedback loops used to refine your personal AI model's accuracy.

We process your data exclusively for operational excellence:

• To synthesize meeting summaries and executive briefings.
• To automate administrative tasks (scheduling, triaging, drafting).
• To maintain security and prevent unauthorized access to your workspace.
• Critically: We do not use your private organizational data to train shared foundation models. Your intelligence remains yours.

Transparency is absolute: Tim does not sell, rent, or trade your personal or organizational intelligence. Disclosure only occurs in these limited scenarios:

• Functional Vendors: Essential infrastructure partners (e.g., Microsoft Azure, OpenAI API) strictly bound by data processing agreements.
• Organizational Control: If you are under an Enterprise license, your designated administrator may have oversight capabilities as configured in your policy settings.
• Legal Obligation: Only when compelled by valid legal process in accordance with Delaware law.

Security is the bedrock of our service. We utilize industry-leading AES-256 encryption at rest and TLS 1.3 for data in transit. Our infrastructure is compartmentalized to ensure zero-leakage between client swarms.

Depending on your jurisdiction, you maintain robust rights over your identity:

• Access & Portability: Request a full audit of the data we hold on your profile.
• Erasure (The Right to be Forgotten): Permanently purge your account and all associated intelligence markers.
• Correction: Update inaccurate professional identifiers.
• Objection: Restrict certain processing maneuvers within the dashboard settings.

We retain data only as long as necessary to serve your executive needs. Inactive trial accounts are automatically purged after 180 days. Upon subscription termination, all organizational data is wiped from primary storage within 30 days.

For inquiries regarding data sovereignty or to exercise your privacy rights, please connect with our Data Protection Officer: