Privacy Policy

Effective Date: July 12, 2025
Last Updated: June 12, 2024

Privacy Policy

Humalytix, Inc. ("Ninety", "us", "we" or "our") is committed to respecting your privacy and complying with applicable data protection and privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). This Privacy Policy describes how we collect, use, disclose, and protect your information and your rights under applicable law.

You should read this Privacy Policy in conjunction with our Terms and Conditions. By using our services, you consent to the practices described below.

1. Information We Collect

We collect information in the following ways:

Information You Provide

When you sign up, create an account, are invited to join Ninety, or interact with our services, we collect personal and company information, including:

  • Name

  • Email address

  • Phone number

  • Organization affiliation

  • Billing address (via third-party processor)

Users may also input personal information for other team members. Consent should be obtained before entering information for others.

Billing Information

Billing and credit card details are collected and stored by our third-party payment processors (Stripe). We do not store any payment information. Refer to their respective privacy policies:

Information Collected Automatically

We collect certain data automatically, including:

  • IP address

  • Cookies and similar tracking technologies

  • Browser type and device information

  • Pages visited and referring URL

  • Usage data within our platform

We use tools like Google Analytics, FullStory, and Intercom to analyze how users interact with the platform.

Categories of Personal Information Collected (CCPA/CPRA)

  • Identifiers (e.g., name, email, IP address)

  • Internet or network activity

  • Geolocation data (limited to city/region)

  • Professional or employment-related info

  • Inferences from usage

We do not knowingly collect sensitive personal information such as health data, biometric data, or precise geolocation.

2. Legal Bases for Processing (GDPR)

We rely on the following legal bases for processing your personal data:

  • Consent: For email marketing and cookies.

  • Contractual necessity: To provide access to our services.

  • Legitimate interests: For analytics, support, product development.

  • Legal obligation: When required to comply with laws.

3. How We Use Your Information

We use your information to:

  • Provide and improve our services

  • Manage your account and billing

  • Send administrative and support communications

  • Send promotional messages (with opt-out option)

  • Comply with legal obligations

  • Analyze usage and enhance our software

4. Sharing Your Information

We do not sell personal information. We only share your information with third-party Service Providers who assist us in delivering the services, including, but not limited to:

  • AWS

  • Stripe 

  • HubSpot

  • Intercom

  • Google (subject to Google API Services User Data Policy)

  • Atlassian – Jira

  • Gainsight

  • PartnerStack

  • FullStory

  • Microsoft

  • OKTA

  • Netlify

  • PubNub

  • MongoDB

  • Twilio/Segment

  • OneSchema

  • Typeform

  • Zapier

We use a variety of trusted third-party providers for services such as hosting, analytics and customer support. You may request a current list at security@ninety.io.

Service Providers are contractually bound to keep your information secure and use it only to provide services on our behalf.

We may also use or disclose anonymized or aggregated data for internal use or industry research.

Third Party Integrations

Our platform may allow you to voluntarily connect or integrate with third-party services, such as [e.g., Asana, ClickUp]. These integrations are provided for your convenience and may involve the sharing of certain personal data with such third parties.

Please note that when you enable such integrations, your data will be governed by the terms and privacy policies of the respective third-party provider. We do not control and are not responsible for the privacy practices of these third parties. We recommend reviewing their privacy policies before enabling any integration.

5. Your Rights and Choices

Under GDPR (EU Residents)

You have the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure ("right to be forgotten")

  • Right to restrict processing

  • Right to object

  • Right to data portability

  • Right not to be subject to automated decision-making

To exercise these rights, contact: security@ninety.io

Under CCPA/CPRA (California Residents)

You have the right to:

  • Know what personal information we collect and why

  • Access and request a copy of your data

  • Request deletion of your personal information

  • Opt out of sale or sharing of personal data (we do not sell or share)

  • Correct inaccurate personal data

  • Limit use of sensitive personal information (not applicable to us)

To exercise these rights, email: helpful@ninety.io. We will verify your identity before responding to requests.

Email Preferences

You can opt out of promotional emails at any time via the unsubscribe link. Transactional emails (e.g., billing, security alerts) cannot be opted out of.

Cookies

You may manage cookie settings through your browser or by disabling them in our cookie banner.

6. International Data Transfers

If you are located outside of the United States, your information may be transferred to and processed in the U.S. We rely on Standard Contractual Clauses (SCCs) to provide adequate safeguards for international transfers.

For questions, contact: security@ninety.io

7. Data Retention

We retain your personal data as long as necessary to provide services and comply with legal obligations. When no longer needed, data is securely deleted or anonymized.

8. Minors

Our services are not intended for children under 18. We do not knowingly collect personal data from minors. If we discover that a minor has submitted data, we will promptly delete it.

9. Use of Artificial Intelligence (AI)

Ninety may use artificial intelligence (AI) and machine learning technologies to enhance certain features of our platform. These AI-enabled features may include, but are not limited to, generating insights, assisting with meeting summaries, surfacing recommendations, and providing productivity suggestions.

We do not use your personal data to train our internal AI models. Where we use third-party AI services (e.g., OpenAI, Google Cloud AI), we only transmit data necessary to provide the feature and rely on providers that contractually restrict the use of such data for service provision only. For more information on our service providers, see Section 4 above.

Ninety does not engage in fully automated decision-making that produces legal or similarly significant effects as defined under GDPR. AI-driven outputs are always intended to support—not replace—human decision-making within your organization.

If you wish to opt out of specific AI-powered features, or have questions about how AI is used within the platform, please contact us at helpful@ninety.io or security@ninety.io.

10. Changes to this Privacy Policy

We may update this policy from time to time. Material changes will be emailed to you and posted on our website. Continued use of our services indicates acceptance of any updates.

11. Contact Us

If you have questions about this Privacy Policy or your data rights, please contact us at:

Humalytix Inc.
Email: helpful@ninety.io
GDPR/Data Protection: security@ninety.io