Privacy
Privacy Policy
Shmuel is operated by PRYSM AI TECHNOLOGIES LTD. This policy explains how we collect, use, disclose, and retain personal data when someone requests access to the product or uses the operator workflows inside it.
What we collect
- Name and email address submitted during sign up, sign in, or recovery.
- One-time verification code records, delivery state, verification status, and related account timestamps.
- Session records and the cookie needed to keep an operator signed in.
- Workspace, message, attachment, task, and audit-trail data entered into Shmuel or processed through connected workflows.
- Limited service, troubleshooting, and security logs created while operating the product.
Why we process personal data
- To verify operator identity, send email codes, open sessions, and control access to the product.
- To onboard a workspace, connect the first workflow, run operational tasks, and surface exceptions for human review.
- To maintain records, prevent misuse, investigate incidents, and keep the service secure.
- To comply with legal obligations and respond to legitimate requests.
Where applicable, we rely on the steps you ask us to take in order to provide access to the service, our legitimate interests in operating and securing the product, and legal obligations that apply to us.
How data may be shared
- With email-delivery, hosting, infrastructure, and security providers used to operate Shmuel.
- With integrated messaging or workflow services where required to run the connected operator flow.
- With professional advisers, counterparties, or public authorities where disclosure is reasonably necessary or legally required.
Retention
- Email verification codes expire after ten minutes.
- Operator sessions currently expire after thirty days unless ended sooner.
- Account, workspace, and workflow records may be retained while the workspace is active and afterward as reasonably needed for security, audit, troubleshooting, dispute resolution, or legal compliance.
Your rights
Subject to Nigerian data protection law, you may request to be informed, access, correct, delete, restrict, port, or object in relation to personal data we hold about you. You may also complain to the Nigeria Data Protection Commission and ask not to be subject to a solely automated decision with significant effects.
International processing and contact
Some providers we rely on may process data outside Nigeria. Where that happens, we use contractual, technical, or operational safeguards that fit the service we are using.
For privacy requests or questions, email osasisorae@gmail.com.