Privacy Policy

Last updated: June 19, 2026

1. Information We Collect

When you use Sistemas10x, we collect information you provide directly, including your name, email address, business name, and account credentials. We also collect data from third-party integrations you connect, such as WhatsApp messages, Instagram messages and comments, and Google Calendar appointment data.

2. How We Use Your Information

We use collected information to provide and improve our AI appointment-setting service, process conversations through our AI engine, schedule appointments on your behalf, send automated responses to your leads, and manage your account and billing.

3. Third-Party Services

Sistemas10x integrates with the following third-party services:

  • Meta (WhatsApp & Instagram) — for receiving and sending messages
  • Vercel — for application hosting and infrastructure
  • Supabase — for secure data storage and authentication
  • Anthropic (Claude AI) — for AI-powered conversation processing
  • Google Calendar — for appointment scheduling and calendar event creation
  • Zoom — for creating and managing video meetings on behalf of connected users. We only access meeting creation/update/delete APIs and the user's email address to display which Zoom account is linked. We do not access recordings, participant lists, or meeting content
  • Stripe — for payment processing

Each service has its own privacy policy governing their handling of data.

4. Google Calendar Data & Limited Use

When you connect your Google Calendar, we request only the OAuth scopes required to operate the booking and scheduling features you enable, and we use that data solely for those features:

  • .../auth/calendar.events — create a calendar event when a lead books a meeting on your booking page, update it when the meeting is rescheduled, delete it when it is cancelled, and read your upcoming events to display your agenda inside the app and keep it in sync with our CRM. We only access events our application creates or manages on your behalf.
  • .../auth/calendar.freebusy — read your busy/free time blocks so your public booking page only offers time slots when you are actually available.
  • .../auth/userinfo.email — identify and display which Google account you connected.

We store only your Google email address and the OAuth access and refresh tokens, under row-level security scoped to your workspace. We do not read, store, or share the contents of calendar events our application did not create. Disconnecting the integration immediately revokes and deletes the stored tokens.

Limited Use. Sistemas10x's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data for advertising, do not sell it, and do not use it to train generalized AI or machine-learning models.

5. Data Storage & Security

Your data is stored securely using Supabase with row-level security policies ensuring workspace isolation. We use encryption in transit (TLS) and implement access controls to protect your information.

6. Data Retention

We retain your data for as long as your account is active. You may request deletion of your account and associated data at any time by contacting us. Upon account deletion, your data will be removed within 30 days.

7. Your Rights

You have the right to access, update, or delete your personal data. You may also request a copy of the data we hold about you. To exercise these rights, contact us at privacy@sistemas10x.com.

8. Contact

For privacy-related inquiries, contact us at privacy@sistemas10x.com.