Effective Date: 04/08/2026
This Privacy Policy describes how Signull Labs Inc. ("Company," "we," "us," or "our") collects, uses, retains, and shares personal data in connection with the Skye mobile application (the "App" or "Services").
BY USING THE APP, YOU CONSENT TO THE PRACTICES DESCRIBED HEREIN. You represent that you are at least 13 (16 in the EEA/UK/Switzerland).
We update this Policy with at least 30 days' notice for material changes.
Signull Labs Inc., 12 E 14th St. 3F, New York, NY 10003, USA. Web: signulllabs.com
We act as data controller for personal data described here, except where processing strictly on your behalf.
The following third-party service providers process data on our behalf:
| Provider | Purpose | Data Processed | Retention / Notes |
|---|---|---|---|
| Google Cloud Platform | Cloud infrastructure & hosting | All data categories | Controlled by us per Section 5 |
| Anthropic | AI model processing (text generation) | Connected service data, user context | Zero data retention. No model training. |
| ElevenLabs | AI voice generation (audio briefings) | Briefing text content | Zero data retention. No model training. |
| Plaid Inc. | Financial account connectivity | Financial account & transaction data | Independent retention per Plaid privacy policy. See Section 4.2. |
| Mixpanel | Product analytics | Anonymized usage data only | No PII transmitted |
| Sentry | Error tracking & monitoring | Crash logs, error reports, device info | Technical data only; no content data |
| Apple (App Store) | App distribution & payments | Account, download & payment info | Per Apple's privacy policy |
We will notify users via email or in-App notification at least 30 days before adding a new sub-processor that processes personal data in a materially different way. This table reflects all sub-processors as of the Effective Date.
When you connect services, we sync and temporarily store data per our retention schedule:
Calendar/email addresses, Apple location services (with permission), IP geolocation. Used for commute estimates, weather, nearby recs. Controllable via settings.
Processing data for personalized feed, briefings, automated actions, location features, notifications.
Anonymized analytics, debugging, performance monitoring.
Fraud prevention, legal compliance, Terms enforcement.
AI generates content and may auto-execute actions per your preferences. Not automated decision-making under GDPR Art. 22. All configurable.
We share data only as described in Table 1 (Section 1) and as follows:
All sub-processors in Table 1 are contractually bound to process data only as directed.
Special Disclosure: Plaid acts as both our processor and an independent service provider. Plaid retains data per its own privacy policy (https://plaid.com/legal/), governed by the Gramm-Leach-Bliley Act. Review before connecting financial accounts.
Gmail, Calendar, Spotify, etc. process data per their own policies.
We may disclose data for legal process, safety, and compliance. Where permitted, we'll notify you.
In mergers/acquisitions, data may transfer. This Policy continues unless you're notified otherwise.
We may create and share anonymized, aggregated data not subject to this Policy.
Skye's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google Workspace data to develop, improve, or train generalized AI or ML models.
Data is retained per the schedule below. At expiration, PII is permanently deleted or irreversibly scrubbed.
| Data Category | Retention Period | Action |
|---|---|---|
| Calendar events | ~7 days after event end | Deleted |
| Messages (Slack) | ~7 days | Deleted |
| Location data | ~7 days | Deleted |
| Emails | ~14 days | Deleted |
| Financial transactions | ~30 days | Deleted |
| Financial accounts | ~30 days | Deleted |
| Account & profile | Duration of account | Deleted on closure |
The retention periods above may be extended where reasonably necessary for backups, disaster recovery, security logging, fraud prevention, dispute resolution, tax/accounting compliance, or legal holds. Where feasible, retained data will be isolated & access-restricted.
Account deletion within 48 hours. Legal holds may extend retention.
6.1 Connected Services: Disconnect, selectively connect, review permissions anytime.
6.2 Automated Actions: Configure confirmation requirements; disable entirely.
6.3 Location: Revoke permission; disable features in settings.
6.4 Communications: Opt-out of non-essential. Service-critical alerts remain active.
6.5 Analytics: Opt-out at privacy@signulllabs.com.
6.6 Account Deletion: Via settings. Export data first. Completes within 48 hours.
Industry-standard measures: encryption at rest and in transit, access controls, monitoring, contractual provider requirements. No system is perfectly secure.
Access (15), Rectification (16), Erasure (17), Restriction (18), Portability (20), Object (21), Withdraw Consent.
No Art. 22 decisions. All automated features configurable.
US processing via SCCs. Pursuing DPF certification.
EU: local DPA | UK: ICO | Swiss: FDPIC
[TO BE APPOINTED — GDPR Art. 27]
Know, Delete, Correct, Opt-Out, Limit Sensitive Use, Non-Discrimination.
We do not sell or share data. Contact: privacy@signulllabs.com. Response within 45 days.
Collected per Section 2. Disclosed to providers per Section 4 / Table 1. No sales.
We do not offer financial incentives for personal data.
Similar rights for VA, CO, CT, UT, TX, OR, MT, and others. Appeal: privacy@signulllabs.com ("Privacy Appeal").
Not directed to children under 13 (16 EEA/UK/CH). No knowing collection. Promptly deleted if discovered. Contact: privacy@signulllabs.com.
US processing. SCCs for EEA/UK/CH transfers. Pursuing DPF certification.
Native mobile app. No cookies, web beacons, browser tracking, cross-app tracking, or ad networks. DNT signals don't apply but we respect the principle.
Signull Labs Inc.
12 E 14th St. 3F, New York, NY 10003
Privacy: privacy@signulllabs.com
Legal: legal@signulllabs.com
EU/UK Representative: [TO BE APPOINTED]
Data Protection Officer: [TO BE APPOINTED IF REQUIRED]
Material changes: 30 days' notice. Continued use = acceptance.