JSTFYD

CORE FEATURES - INCLUDED

Data & Privacy

Customer Data

Your client, job, and company data is yours. Period. We take extensive measures to ensure your company's proprietary data—including job details, customer information, and internal notes—is treated with the highest level of confidentiality and security.

Our Promise to You:

  • Data Isolation: All customer data is logically separated and secured within our systems to prevent unauthorized access.
  • Confidentiality: We do not sell, rent, or share any of your specific job or client data with any third parties outside of providing the JSTFYD service (e.g., using a secure cloud service to host the data).
  • Security: We utilize industry-standard security protocols to protect your data from unauthorized access, alteration, or destruction.
  • Limited Access: Only authorized JSTFYD personnel, strictly on a need-to-know basis (for troubleshooting or support), have access to your data. All access is logged and monitored.
  • Control and Deletion: Should you choose to terminate your service with JSTFYD, we will securely delete your data upon your request, following a standard retention period designed to help with any potential account reactivation or legal requirements.

Website Usage

When you visit our marketing website, we collect standard information to help us improve the site experience and understand how people interact with our content.

What We Collect:

  • Analytics Data: We use tools (like Google Analytics) to collect non-personally identifiable information such as your IP address (which is anonymized), browser type, pages visited, time spent on our site, and referral sources.
  • Cookies: We use small text files called cookies to enhance your experience. These are used for necessary functions (like keeping you logged in) and for gathering the aforementioned analytics data. You can manage or disable cookies through your browser settings, though this may affect the functionality of some parts of our website.

Our Promise to You:

Improvement Only: This data is used exclusively to analyze trends, administer the site, track user movements, and gather broad demographic information for internal use. It is never linked back to you personally for the purpose of selling or sharing your information.

Newsletter and Communication

We use email to keep you informed about JSTFYD product updates, new features, and relevant industry news.

What We Collect:

Email Address: We collect the email address you explicitly provide when signing up for our newsletter or requesting a demo. We may also track open and click-through rates to help us send more relevant content.

Our Promise to You:

  • Clear Choice: We will only send you the newsletter if you have explicitly opted-in.
  • Easy Opt-Out: Every single marketing email we send includes a clear, one-click unsubscribe link at the bottom. You can opt-out of our marketing communications at any time. Unsubscribing from the newsletter will not affect crucial operational emails regarding your account or service.

Email Integration (Gmail & Outlook)

JSTFYD offers optional email integrations with Gmail and Microsoft Outlook to help you manage project-related communications directly within the platform. These integrations require your explicit authorization via OAuth and are entirely optional.

What We Access:

  • Email Messages: We access email messages and metadata (subject, sender, recipients, date) solely to display them within your JSTFYD inbox and associate them with your projects.
  • Send on Your Behalf: With your permission, we can send emails from your connected account so you can communicate with clients directly from JSTFYD.
  • Contacts (Limited): We may access basic contact information to auto-complete recipient fields when composing emails.

How We Use This Data:

  • Display Only: Email data is used exclusively to display your messages within the JSTFYD interface and to send emails you explicitly compose.
  • No Training: We do not use your email content to train AI models, build advertising profiles, or for any purpose other than providing the JSTFYD service.
  • No Sharing: Your email data is never sold, rented, or shared with third parties. It is only processed by the infrastructure services required to operate JSTFYD (see Third-Party Services below).
  • Mutual Exclusivity: You may connect either Gmail or Outlook, but not both simultaneously. Connecting a new provider will replace the previous integration.

Token Storage & Security:

  • Encrypted Storage: OAuth access tokens and refresh tokens are encrypted using AES-256 encryption before being stored in our database.
  • Minimal Scopes: We request only the minimum OAuth scopes necessary to provide the integration features.
  • Token Refresh: Access tokens are automatically refreshed as needed. If a refresh fails, you will be prompted to re-authorize.

Disconnecting:

You can disconnect your email integration at any time from your JSTFYD account settings. Upon disconnection, we immediately revoke the OAuth tokens and delete all stored tokens from our database. You can also revoke access directly from your Google Account permissions or Microsoft Account permissions page.

Third-Party Services

We use the following third-party services to operate JSTFYD. Each service only receives the minimum data necessary to fulfill its function:

  • Amazon Web Services (AWS): Cloud infrastructure, database hosting, file storage, and authentication. Your data is stored in AWS data centers in the United States.
  • Stripe: Payment processing and subscription management. Stripe receives your billing information (name, email, payment method) but JSTFYD never stores your full credit card number.
  • OpenAI: Powers our AI chat and regulatory document analysis features. Document queries and chat messages are sent to OpenAI for processing. OpenAI does not use data submitted via our API to train their models.
  • Pinecone: Vector database for storing document embeddings used in regulatory document search. Contains processed document chunks, not raw personal data.
  • Google (Gmail Integration): If you connect your Gmail account, Google processes OAuth authentication and provides email access. Governed by Google's Privacy Policy.
  • Microsoft (Outlook Integration): If you connect your Outlook account, Microsoft processes OAuth authentication and provides email access. Governed by Microsoft's Privacy Statement.

Data Storage & Security

We take the security of your data seriously and employ multiple layers of protection:

  • Encryption at Rest: All data stored in our database and file storage is encrypted at rest using AES-256 encryption.
  • Encryption in Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher.
  • Data Isolation: Each organization's data is logically isolated using row-level security policies, ensuring that users can only access data belonging to their own organization.
  • Invite-Only Access: JSTFYD is an invite-only platform. There is no public registration. Users can only access the platform after being invited by an organization administrator.
  • Secure Authentication: We use AWS Cognito for authentication, providing industry-standard security including secure password hashing and session management.

Your Rights

You have the following rights regarding your personal data:

  • Access: You may request a copy of the personal data we hold about you by contacting us at info@jstfyd.com.
  • Deletion: You may request deletion of your account and all associated data. We will process your request within 30 days, subject to any legal retention requirements.
  • Data Portability: You may request an export of your data in a machine-readable format.
  • Revoke Integrations: You can disconnect any email integration at any time from your account settings, immediately revoking our access to your email data.
  • Correction: You may request correction of any inaccurate personal data we hold about you.

To exercise any of these rights, please contact us at info@jstfyd.com.

Have Questions? We're Happy to Help!

We believe in transparency. If you have any questions about our data practices, the security of your information, or anything else related to this policy, please don't hesitate to reach out.

You can email our team directly at: info@jstfyd.com

Effective Date: February 23, 2026

Last Updated: February 23, 2026