This Privacy Policy explains how Perfect Orange Lda (“Perfect Orange”, “we”, “us”) collects, uses, shares, and protects personal data in connection with the Terminus AI platform and its modules (MailSense, DocCheck, and the AI Assistant) and this website. It is intended to comply with the EU General Data Protection Regulation (GDPR) and Portuguese data-protection law.
1. Who we are (Data Controller)
Perfect Orange Lda
Almaceda, Castelo Branco, Portugal
Privacy contact: hello@perfectorange.pt
We have not appointed a Data Protection Officer; privacy enquiries should be sent to the contact above.
2. Controller and processor roles
Our role depends on the data involved:
- We act as the data controller for account, authentication, billing, and platform-usage data described in Section 3.1, and for personal data collected through this website.
- We act as a data processor for the customer content you connect or upload to the platform — email data processed by MailSense, and documents processed by DocCheck (Section 3.2). For that content, the customer organization is the controller and is solely responsible for determining a lawful basis, providing required information to data subjects, and obtaining any necessary consent. This processing is carried out only on the customer’s documented instructions and is governed by our Terms of Service and, where applicable, a Data Processing Agreement (DPA).
Third-party and special-category data. Customer content may contain personal data of individuals who are not our users (for example, the senders and recipients of emails), and could contain special categories of data (Article 9 GDPR). The platform is not designed or intended to process special-category data, and the customer organization, as controller, is responsible for ensuring it has a lawful basis and, where the data was not obtained directly from the individual, for meeting the information obligations under Article 14 GDPR.
3. Data we collect
3.1 Account, billing & usage data (we are controller)
- Account data: name, business email address, profile photo, and a Firebase authentication identifier. Authentication is handled via Firebase; we do not receive or store your password.
- Organization data: organization name, membership, roles and permissions, terms-acceptance and last-login timestamps.
- Billing data: billing email, subscription tier and status, and Stripe customer/subscription identifiers. Card details are entered directly with Stripe and are not stored on our systems.
- Usage data: aggregate counters such as emails analysed, document extractions run, and AI tokens consumed, used for billing limits and to operate and improve the service.
- Technical data: server logs and security/audit logs (e.g. access times, connection/IP data) generated by our infrastructure for security and reliability.
3.2 Customer content (we are processor)
- MailSense: for mailboxes a customer connects for workflow analysis, we access email metadata (sender, recipient, subject, timestamp, reply status) and a short extract of the message body. This content is processed to generate workflow insights and is not used for any other purpose. We retain only what is necessary to provide the service: where message data is stored, it is kept transiently for processing, de-duplication, and report generation, and is minimised and deleted in line with Section 7. The resulting reports and analysis results are stored as described below.
- DocCheck: documents you upload (and the data extracted from them) are stored in Google Cloud Storage and our database to provide the extraction service.
- AI Assistant: the messages you send to the assistant and any system-prompt configuration set by the organization.
Provider credentials used to connect mailboxes (e.g. Microsoft/Google OAuth secrets) are encrypted at rest (AES-256-GCM). Connections to email providers use official OAuth; we do not receive or store mailbox passwords.
4. Purposes and legal bases (GDPR Art. 6)
- Providing the service (account management, MailSense, DocCheck, Assistant) — performance of a contract (Art. 6(1)(b)).
- Billing and subscription management — performance of a contract and legal obligation (Art. 6(1)(b), (c)).
- Security, fraud prevention, and improving and securing our services — legitimate interests (Art. 6(1)(f)). Our legitimate interest is to keep the platform secure, reliable, and functional; we balance this against your rights and you may object as described in Section 10.
- Processing of customer email and document content — carried out only on the documented instructions of the customer organization, which is responsible for the applicable legal basis (typically consent or its own legitimate interest, and consent of the relevant individuals where required).
5. AI processing and sub-processors
Some features send content to third-party AI models to generate summaries, insights, and extractions. We rely on the following sub-processors to operate the platform:
- Google Firebase Authentication — user authentication and identity.
- Google Cloud Platform — application hosting and, for DocCheck, document storage (Google Cloud Storage).
- MongoDB Atlas — primary database for platform and application data.
- Stripe — payment processing and subscription management.
- OpenRouter, OpenAI, and Anthropic — large language model providers used for email analysis, document extraction, and the AI Assistant.
- SendGrid — delivery of transactional and report emails.
- Microsoft (Microsoft Graph) and Google Workspace — accessed only to read mailbox data from accounts a customer has explicitly connected.
We engage these providers as sub-processors under data processing terms that, where required by the GDPR, restrict them to processing personal data on our instructions and prohibit using it for their own purposes. Where the option is available, we select AI providers and configurations intended not to use submitted content to train their models; however, we do not control and cannot guarantee the internal practices of every third-party provider. An up-to-date list of sub-processors is available on request.
6. Automated processing and decision-making
Terminus AI uses automated processing, including AI models, to generate summaries, insights, action items, and sentiment indications. These outputs are intended to support human decision-making. We do not use them to make decisions producing legal effects, or similarly significant effects, concerning individuals within the meaning of Article 22 GDPR. The customer organization remains responsible for any decisions it takes and must not use the outputs for individual performance evaluation, disciplinary action, or surveillance.
7. International data transfers
Our core infrastructure is hosted in the European Union (Belgium). Some sub-processors may process data outside the European Economic Area. Where this occurs, we rely on appropriate safeguards under the GDPR, such as the European Commission’s Standard Contractual Clauses or an adequacy decision. You may request information about these safeguards using the contact in Section 13.
8. Data retention
- Email content (MailSense): processed to generate insights and retained only as long as necessary for that processing and report generation; it is not kept for any other purpose.
- Analysis results and reports: retained for the duration of the service, and in any case no longer than 12 months or until the related account/mailbox is disconnected, whichever is earlier.
- DocCheck files and extractions: retained until you delete them or the related project, or until account closure.
- Account, organization, and billing data: retained for the duration of the service agreement and, where required, for legal, accounting, or tax obligations afterwards.
- Deletion on request: following account closure or a valid deletion request, personal data is deleted or anonymised within 30 days, unless a legal retention requirement applies or retention is necessary for the establishment, exercise, or defence of legal claims.
9. Security
We implement appropriate technical and organisational measures, including encryption in transit (TLS) and at rest, role-based access controls, encrypted storage of provider credentials, and logging. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. In the event of a personal data breach affecting your rights and freedoms, we will notify the competent supervisory authority and, where required, affected parties, in accordance with Articles 33–34 GDPR.
10. Your rights
Under the GDPR you have the right to:
- access your personal data (Art. 15);
- request rectification of inaccurate data (Art. 16);
- request erasure (Art. 17);
- restrict or object to processing (Art. 18, 21);
- data portability (Art. 20);
- withdraw consent at any time, without affecting prior lawful processing (Art. 7(3)).
To exercise these rights, contact us at hello@perfectorange.pt. We will respond without undue delay and within one month, which may be extended by up to two further months for complex or numerous requests, as permitted by Article 12(3) GDPR. Where your data was provided to us by your organization as part of customer content, we act as processor and will refer or forward your request to that organization as the controller.
11. Cookies and similar technologies
The platform uses authentication tokens and similar storage that are strictly necessary to keep you signed in and to maintain your session and organization context. This website may use strictly necessary cookies and, where applicable and with your consent, analytics cookies to understand usage. We do not use cookies for cross-site advertising or behavioural ad targeting.
12. Children
Terminus AI is a business product not directed at children and is not intended for use by anyone under 16 years of age. We do not knowingly collect personal data from children.
13. Changes to this policy
We may update this Privacy Policy from time to time. The current version is always available at this address, and the “Last updated” date will be revised. We will provide notice of material changes via the platform or by email where appropriate.
14. Contact and supervisory authority
For any privacy question or to exercise your rights, contact hello@perfectorange.pt. You also have the right to lodge a complaint with the Portuguese data protection authority, the Comissão Nacional de Proteção de Dados (CNPD), or with the supervisory authority of your habitual residence or place of work within the EU.
