Privacy Policy
Last updated: May 2026
1. What We Collect
MyCoordinated AI collects your email address and basic profile information (name) for authentication and account management. We do not access your calendar, email inbox, or directory data.
2. Uploaded Documents
Documents you upload are stored securely in your private account folder. Files are isolated per user — no other user can access your documents. As the service operator, we may access stored files where required for technical support, security investigation, or legal compliance. Uploaded content is never used to train AI models.
3. How Your Data Is Processed
When you send a message or upload a document, the content is processed by third-party AI providers to generate responses. Our current sub-processors include:
- Supabase / AWS — secure file storage and database (AES-256 encryption at rest, TLS in transit)
- Vercel — application hosting and content delivery
- OpenAI — AI language model processing
- Anthropic — AI language model processing
- Cohere — AI language model processing
- Stripe — billing and payment processing (processes name, email, and payment data)
- Resend — transactional email delivery (processes name and email)
These providers process data solely to deliver the service and are bound by their own data protection policies.
4. Cookies
We use a small number of cookies on the marketing site (mycoordinated.com):
- Essential — a single local-storage entry that remembers your cookie consent choice. No analytics or tracking cookies are set without your explicit consent.
- Analytics (optional) — when you accept, we use Google Analytics to measure aggregate site performance (page views, referrers, broad device categories). No analytics cookies are set if you decline or have not responded to the consent banner.
You can change your choice at any time by clearing this site's data in your browser and re-loading the page; the consent banner will re-appear. The application itself (the authenticated product) uses only the session cookies required to keep you signed in.
5. Data Retention
Your files and chat history are retained for as long as your account is active. You may request deletion of your data at any time by contacting support@mycoordinated.com. Account closure results in deletion of all associated data within 30 days.
6. No Third-Party Sharing
We do not sell, rent, or share your data with any third parties beyond the sub-processors listed above. We may disclose data if required by law or to protect the rights and safety of our users.
7. Your Rights
You have the right to access, correct, or delete your personal data at any time. To make a request, contact support@mycoordinated.com.
8. Contact
GDPR Addendum
Applicable to users in the European Economic Area
9. Data Controller
MyCoordinated AI is the data controller for personal data processed through this service. Registered in the Republic of Latvia.
Contact: support@mycoordinated.com
10. Legal Basis for Processing
We process your personal data on the following legal grounds under GDPR Article 6:
- Contract performance — processing your email and account data is necessary to provide the service you signed up for
- Legitimate interests — processing uploaded documents to deliver AI responses, maintaining security, and preventing abuse
- Consent — optional analytics cookies on the marketing site are set only after you give explicit consent via the cookie banner
- Legal obligation — where required by Latvian or EU law
11. Children's Privacy
MyCoordinated AI is not intended for use by persons under the age of 16. We do not knowingly collect personal data from children under 16. If you believe that a child under 16 has provided us with personal data, please contact support@mycoordinated.com and we will delete the information promptly.
12. International Data Transfers
Some of our sub-processors (OpenAI, Anthropic, Cohere, Vercel) are based in the United States. Data transferred outside the European Economic Area (EEA) is protected under Standard Contractual Clauses (SCCs) approved by the European Commission, as required by GDPR Chapter V.
13. Your Rights Under GDPR
As an EU resident you have the following rights:
- Access — request a copy of the personal data we hold about you
- Rectification — request correction of inaccurate data
- Erasure — request deletion of your data ("right to be forgotten")
- Portability — receive your data in a machine-readable format
- Restriction — request that we limit how we process your data
- Objection — object to processing based on legitimate interests
- Withdraw consent — where processing is based on consent, withdraw it at any time
To exercise any of these rights, contact support@mycoordinated.com. We will respond within 30 days.
14. Data Breach Notification
In the event of a personal data breach, we will notify the Latvian Data State Inspectorate (Datu valsts inspekcija) within 72 hours as required by GDPR Article 33. Affected users will be notified without undue delay where the breach is likely to result in high risk to their rights.
15. Supervisory Authority
You have the right to lodge a complaint with the Latvian supervisory authority:
Datu valsts inspekcija (Data State Inspectorate)
Address: Blaumaņa iela 11/13-15, Riga, LV-1011, Latvia
Website: www.dvi.gov.lv
Email: info@dvi.gov.lv