Privacy Policy

Thanks for using Curiosity! Protecting your data and privacy is important to us. This privacy policy describes how we collect, use, and handle your data when you use our websites, software, and services (“Services”).

For more information and details, please see our Security and Privacy FAQ. For additional details on data processing for EU data subjects, please see our Data Processing Addendum.

Your Connected Data and Personal Information

At Curiosity, we distinguish between two types of data:

• (A) Your Connected Data. This is the data you connect to Curiosity to make it searchable. It may include Personal Information. We do not see or have access to your data, and we use it only to provide our Services to you.

• (B) Personal Information: This is information connected to you as a person, specifically as defined as in the GDPR regulations. It includes things like your user name and email address. This Privacy Policy describes how we collect, store and process Personal Information and use it to provide, secure, improve, and market our Services.

Your Connected Data stays private to you

Our Services are designed as a simple and fast way for you to search your files, documents, messages, and so on. Your “Connected Data” refers to the data you connect Curiosity to make it searchable, including:

• Files and folders on your computer

• Files, emails, messages, and other data from cloud apps

• Data from custom data sources connected to Curiosity (e.g. CRMs)

• Information you use when interacting with the Services like search terms, Spaces, and others

We only use Your Connected Data to provide you the Service.

Your Connected Data stays private to you. You determine where your Connected Data is stored and you control access to it. Nobody at Curiosity and no third party can access your personal data unless you explicitly give us access (e.g. for troubleshooting). We do not serve ads based on Your Connected Data and we do not sell data.

Additional information about how we handle Your Connected Data is available in our  Security and Privacy FAQ.

What Personal Information we collect

We collect other Personal Information about you when you consent, or provide it to us (e.g. data you entered in a contact form or when registering an account). We also collect information automatically when you visit our website or use our Services. We collect the following types of data:

Account Information. We collect, and associate with your account, the information you provide to us when you do things like sign up for your account or upgrade to a paid plan. Account information includes things like your name and email address, payment information (via Stripe), and newsletter preferences. We this information to provide and protect our Services.

Device information. We collect information from and about the devices you use to access the Services. Device information includes: IP addresses, which browser and device you used, which of our web pages you visited, and identifiers associated with your devices. Your devices (depending on their settings) may also transmit location information to the Services. We use device information to detect abuse, and identify and troubleshoot bugs.

Cookies. We use cookies and similar technologies to analyze trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base as a whole. Cookies are text files that websites store and access on a visitor's device to uniquely identify the visitor's browser or to store information or settings in the browser to allow us to distinguish you from other Users of our Service. We only use cookies which are strictly necessary to provide you with the Site and to use some of its features, such as the ability to log-in and access to secure areas. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.

Telemetry data. We collect information related to how you use our Services, including actions you take like “opening the app” or “clicking on search”. Telemetry includes only logs of standardized actions and never Connected Data, search terms, or other content. We use this information improve the Services and to protect your data. Please refer to our Security and Privacy FAQ for more information about how we use this usage information.

Troubleshooting logs. Sometimes we may ask you to share app logs with us to help troubleshoot a problem you’re experiencing. These logs may include information on what the app is doing and how you are interacting with it, including file names and search terms. We use this information only to troubleshoot the issue you are experiencing at your explicit request.

How we use your information

We use your Personal Information only as permitted by law, for the purposes described below. If you have questions about the legal bases under which we process your personal information, please contact us at hello@curiosity.ai.

To provide our Service. We use your Personal Information to (a) enable you to access and use the Service, (b) provide and deliver products and services that you request, and (c) to send you information related to the Service, including confirmations, technical notes, updates, security alerts, support and administrative messages.

To improve and support our Service. To improve your experience, we use your Personal Information to operate, maintain, and improve our Services. We may also use your information to respond to your comments and questions regarding the Services, and to provide you with customer service.

*To promote our Services. *****We use your Personal Information to communicate with you about updates, promotions, events, and other news connected to our Services.

To comply with law. We may use your Personal Information as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.

For compliance and safety. We may use your Personal Information to protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.

With your consent. We may use or share your Personal Information with your consent, such as when you instruct us to take a specific action with respect to your Personal Information, or if you opt into marketing communications.

How we share your information

We may share information as discussed below. We have never and will never sell it to advertisers or other third parties.

Team Admins. If you are a user of a Curiosity Team Workspace, your administrator may have the ability to access and control your Curiosity account. This may also include access to your Connected Information. Please refer to your organization’s internal policies if you have questions about this.

Other applications you connect. You can choose to connect Curiosity with third-party services like email or cloud storage services. By doing so, you’re enabling Curiosity and those third parties to exchange information about you and data in your account so that Curiosity and those third parties can provide, improve, protect, and promote their services. Please remember that third parties’ use of your information will be governed by their own privacy policies and terms of service.

Law & Order and the Public Interest. We may disclose your Personal Information to third parties if we determine that such disclosure is reasonably necessary to: (a) comply with any applicable law, regulation, legal process, or appropriate government request; (b) protect any person from death or serious bodily injury; (c) prevent fraud or abuse of Curiosity or our users; (d) protect Curiosity’s rights, property, safety, or interest; or (e) perform a task carried out in the public interest.

Others working for Curiosity. We use trusted third parties (for example, providers of IT services) to help us provide, improve, protect, and promote our Services. These third parties may access your Personal Information to perform tasks on our behalf, and we’ll remain responsible for their handling of your Personal Information per our instructions. For a list of trusted third parties that we use to process your personal data and more details on the categories of Personal Information that we disclose, please see our list of Subprocessors. Additional third parties may include lawyers, bankers, auditors, and insurers (not listed with subprocessors).

Others with your permission. ****You may permit us to share your Personal Information with other companies or entities of your choosing. Those uses will be subject to the privacy policies of the recipient entity or entities.

We may also share aggregated and/or anonymized data.

Were we store your information

You control where your Connected data is stored. You always control where your Connected Data is stored. Additional information about how we handle Your Connected Data is available in our  Security and Privacy FAQ.

Storage of Personal Information outside the EU. We work with third-parties outside the EU, including the United States and in other countries. Your Personal Information may be transferred to or from the United States or other locations outside of your state, province, country or other governmental jurisdiction where privacy laws may not be as protective as those in your jurisdiction. Additional information about the transfer and storage of Personal Information outside of the European Economic Area (EEA) is available in our Data Processing Addendum.

Your consent. By visiting our websites or using our Service, you consent to the transfer of your information, including Personal Information, to the US or such other country as set forth in this Privacy Policy.

How we secure your information

Security. Keeping your data safe is critical to us. We use industry standard security measures to protect the security of your information, and continue to work on features to keep your information safe in addition to things like two-factor authentication and encryption.

Retention of Connected Information. You control how long we retain your Connected Information. You can delete it at any time using the tools available in the Service. Please note the provisions on suspension or termination of accounts in our Terms of Service.

Retention of Personal Information. When you sign up for an account with us, we’ll retain your Personal Information for as long as your account exists or as long as we need it to provide you the Services. If you delete your account, we’ll initiate deletion of your Personal Information. Please note: (1) there might be some latency in deleting this information from our servers and back-up storage; and (2) we may retain this information if necessary to comply with our legal obligations, resolve disputes, or enforce our agreements.

Use of Data from Google APIs. Our’s use and transfer to any other app of Personal Information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Your control over your information

Your data rights. In compliance with the GDPR, you have control over your personal data and how it’s collected, used, and shared. You can ask us to take the following actions related to your Personal Information that we have stored:

• Opt-out. Stop sending you direct marketing communications which you have previously consented to receive. We may continue to send you Service-related and other non-marketing communications.

• Access. Provide you with information about our processing of your Personal Information and give you access to your personal information.

• Correct. Update or correct inaccuracies in your Personal Information.

• Delete. Delete your Personal Information.

• *Transfer. *****Transfer a machine-readable copy of your Personal Information to you or a third party of your choice.

• Object. Depending on the processing activity, you can request that we stop or limit processing of your personal data.

You can submit these requests by email to hello@curiosity.ai. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.

Curiosity as controller or processor. For Connected Information, you are controller of your personal data and Curiosity is the data processor. For other Personal Information, Curiosity is the data controller and processor.

Tracking technologies. Cookies can be disabled, removed, and blocked by tools and settings available in most browsers. For more information, please see our section on Cookies.

Notices to special data subjects

Eligibility. If you are under the age of majority in your jurisdiction of residence, you may use the Services only with the consent of or under the supervision of your parent or legal guardian. Consistent with the requirements of the Children’s Online Privacy Protection Act (COPPA), if we learn that we have received any information directly from a child under age 13 without first receiving his or her parent’s verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use the Sites and subsequently we will delete that information.

Notice to California Residents. Under California Civil Code Section 1789.3, California users are entitled to the following consumer rights notice: California residents may reach the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs by mail at 1625 North Market Blvd., Sacramento, CA 95834, or by telephone at (916) 445-1254 or (800) 952-5210.

Notice to EU data subjects. For additional information on how we process data, please refer to our Data Processing Addendum.

Changes

Data transfer as part of a company deal. If we’re involved in a reorganization, merger, acquisition, or sale of our assets, your data may be transferred as part of that deal. We’ll notify you (for example, via a message to the email address associated with your account) of any such deal and outline your choices in that event.

Revisions. We may revise this Privacy Policy from time to time, and will post the most current version on our website. If a revision meaningfully reduces your rights, we will notify you.

Contact

If you have questions or concerns about Curiosity, our Services, or privacy, please contact us.

Email: hello@curiosity.ai Phone: +49 89 90421303 Postal address: Curiosity GmbH, Kaufingerstraße 15, 80331 Munich, Germany

Registration: HRB 239658 at the District Court of Munich. Officers: Dr. Leon Zucchini and Rafael Oliveira