Back to app

Privacy Policy

Version 2.0 · Last updated April 14, 2026

Version History
VerDateChanges
1.0Dec 12, 2025Initial privacy policy for closed beta
1.1Dec 30, 2025License system, file access details
1.2Feb 4, 2026Public release, removed beta references
1.3Mar 6, 2026Added Ask AI feature, Anthropic as data processor
2.0Apr 14, 2026Expanded to cover web application, email integration, AI assistant, retention sequences, and universal user rights
I.Overview

Introduction

I.a

Jetti Sheets ("Jetti," "we," "us," "our") is a customer retention analytics platform available as a web application (jetti.sh) and a Google Sheets add-on. We help businesses understand customer behavior, identify retention risks, and take action.

This Privacy Policy explains how we collect, use, store, and protect your information.

II.Data Collection & Use

Information We Collect

II.a

Account information — When you sign in, we receive your email address, display name, and profile photo from Google. You may also provide a company name, role, business description, custom avatar, and preferences.

Data you upload — CSV files containing your business's customer and transaction data. This typically includes customer identifiers, transaction dates, revenue amounts, and business-specific fields. This is your data — we process it solely to provide the Service.

Data you create — Notes, email drafts, outreach records, contacts, data maps, AI assistant conversations, and activity history.

Connected services — If you connect your email, we access threads related to your retention outreach, calendar events, and open/reply tracking on emails you send through the Service. We do not scan your entire inbox.

Automatic data — Usage analytics (page views, feature usage), performance data (load times, API latency), error reports (stack traces, diagnostics), and device information (browser, OS, screen size).

How We Use Your Information

II.b

We use your information to:

  • Provide the Service — process uploads, generate analytics, power the action plan, enable email features
  • Authenticate you — verify your identity and subscription status
  • Power AI features — generate retention advice and email drafts using anonymized data
  • Track your outreach — show engagement status on emails you send
  • Improve the Service — analyze aggregate usage patterns, fix bugs, improve performance
  • Process payments — manage your subscription through our billing provider

We do not send marketing emails.

AI Features and Your Privacy

II.c

Your core analytics don't use AI. Retention scores, cohort tables, revenue waterfalls, and risk flags are all computed by deterministic statistical models running on your data. No customer data is sent to any third party for these features.

AI is used only for communication assistance — drafting emails, explaining data in plain language, and answering questions through the assistant. Here's how we protect your data when AI is involved:

What we send: Anonymized customer data — names are replaced with codes like "Member-A" and "Member-B" before anything leaves our servers. The AI also receives aggregate metrics (revenue patterns, risk scores) and your business context.

What we do NOT send: Raw customer records with real names or emails, your account credentials, or data from files you haven't analyzed.

What happens on the other end: Anthropic (our AI provider) does not use API data to train its models, does not sell or share it, and deletes it per their retention policy.

AI features only activate when you use them. All AI-drafted emails are presented for your review before sending — nothing is sent automatically.

III.Sharing & Storage

Who We Share Data With

III.a

We share data only with service providers necessary to operate the platform:

  • Cloud infrastructure — hosting, storage, compute, encryption (all data)
  • AI provider — anonymized customer context and conversations
  • Email provider — your email grant, messages you access, calendar events
  • Billing provider — email address and account identifier
  • Analytics — anonymized usage data
  • Error monitoring — error reports and session diagnostics

We do not sell your data, share it with advertisers or data brokers, use it for marketing, or allow third parties to use it for model training.

We may disclose data if required by a valid court order or government investigation. We will notify you if legally permitted.

Data Storage and Retention

III.b

All data is stored on cloud infrastructure in the United States. Data is encrypted at rest and in transit.

  • Account data — retained until you delete your account
  • Uploaded files — stored in your account until you delete them
  • Analysis cache — automatically deleted after 24 hours
  • Notes, drafts, outreach — retained until you delete them
  • Error logs — 90 days

Some operations process data in server memory only — no copy is written to disk.

Data Deletion

III.c

You can delete your data in several ways:

  • Within the app — delete individual items or reset all pipeline data
  • Disconnect email — revoke email access from account settings
  • Google Sheets add-on — revoke access at myaccount.google.com/permissions
  • Full account deletion — email support@jettisheets.com; we will delete all your data within 30 days
IV.Security & Compliance

Data Security

IV.a

We implement multiple layers of security:

  • Encryption — all data encrypted in transit (TLS/HTTPS) and at rest
  • Authentication — every API request is authenticated; no anonymous access
  • User isolation — your data is scoped to your account and inaccessible to other users
  • Input validation — all inputs are validated and sanitized
  • Secret management — credentials stored in dedicated secret management, not in code
  • Content security — strict browser security policies prevent cross-site attacks
  • Webhook verification — inbound webhooks are cryptographically verified

In the event of a data breach, we will investigate promptly and notify affected users.

Cookies and Local Storage

IV.b

Cookies: Authentication session (managed by Firebase — not a tracking cookie) and CSRF protection during email account connection (10-minute expiry, deleted after use).

Local storage: UI preferences only (sound, theme, display settings). No personal data.

We do not use advertising cookies, marketing trackers, or cross-site tracking.

V.Your Rights

Your Rights

V.a

Regardless of where you're located, we honor these rights for all users:

  • Access — see what data we have about you
  • Delete — remove your data (see Data Deletion section)
  • Correct — update inaccurate information in your profile
  • Export — request a copy of your data
  • Object — stop using the Service at any time
  • Withdraw consent — disconnect optional integrations like email and AI features

To exercise any of these, email support@jettisheets.com. We respond within 30 days.

We do not sell your personal information. We do not share it with advertisers. We do not use it for purposes beyond providing the Service. Your data is stored and processed in the United States.

Children's Privacy

V.b

The Service is not intended for users under 18 years old. We do not knowingly collect data from children. If you believe a child has used the Service, contact support@jettisheets.com and we will delete their data promptly.

Changes to This Policy

V.c

We may update this policy to reflect new features, legal requirements, or security improvements. For material changes, we will send email notification with at least 30 days notice. Continued use after changes take effect constitutes acceptance.

Contact

V.d

For privacy questions or data requests:

Email: support@jettisheets.com
Website: jettisheets.com
Response time: Within 7 business days

Jetti, LLC — Los Angeles, CA, United States