Privacy Policy

Effective Date: April 11, 2026

Simple4u ("we," "our," or "us"), a product of Very Simple Solutions, operates the AI platform available at simple4uhq.com. This Privacy Policy explains how we collect, use, store, and protect your information when you use our AI SaaS platform, which provides AI employees including marketing analysts, project managers, and executive assistants.

We are committed to transparency and to protecting your data. Please read this policy carefully. By using our services, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

Account and Contact Information

When you sign up for Simple4u, we collect information necessary to set up and manage your account:

Full name and business name
Email address
Telegram username or contact details (used for platform communication)
Billing and payment information (processed securely through Stripe)

Data from Connected Services

With your explicit authorization via OAuth2, our AI employees may access data from third-party services you choose to connect. These may include:

Google Analytics — website traffic and performance metrics
Google Search Console — search performance and indexing data
Google Ads — advertising campaign data
Gmail — email content for AI assistant tasks you authorize
Google Calendar — scheduling and event information
Google Drive — documents and files you grant access to
Jira — project management tasks and workflows
Slack — team messages and channels you designate
PageSpeed API — website performance data

You control which services are connected and can revoke access at any time through the respective service's account settings or by contacting us.

Usage Data

We collect basic usage data to operate and improve our platform, including:

AI employee interaction logs (prompts and responses)
Feature usage patterns
Error logs and system performance data

2. How We Use Your Information

We use the information we collect to:

Provide, operate, and maintain our AI employee services
Execute tasks you assign to your AI employees (marketing analysis, project management, executive assistance)
Process payments and manage your subscription
Communicate with you about your account and platform updates via Telegram or email
Diagnose technical issues and improve platform reliability
Ensure security and prevent unauthorized access to your data
Comply with legal obligations

We do not use your data to train AI models. Data processed through the Anthropic Claude API is subject to Anthropic's API data usage policies, which do not use API inputs or outputs for model training.

3. Data Storage and Security

Client data isolation is a core architectural principle at Simple4u. Each client's data is hosted on a dedicated virtual private server (VPS). Your data is never stored on shared infrastructure and is never commingled with any other client's data.

Dedicated, Isolated Infrastructure

Unlike many SaaS platforms that use shared databases, Simple4u provisions a dedicated server environment for each client. This means:

Your data resides on a VPS dedicated solely to your account
No other client can access or view your information under any circumstances
Your data environment is fully isolated at the infrastructure level

Security Measures

We implement industry-standard security practices, including:

Encryption in transit (TLS/SSL) for all data transfers
Encryption at rest for stored data
OAuth2 for secure authentication with third-party services — we never store your Google, Jira, or Slack passwords
Regular security updates and patching of server infrastructure
Access controls limiting personnel access to client environments

We maintain administrative, technical, and physical safeguards consistent with the NY SHIELD Act.

Data Retention

We retain your data for as long as your account is active and as needed to provide our services. Upon account termination, we will delete your data from our servers within 30 days unless retention is required by law. You may request earlier deletion by contacting us.

4. Third-Party Services

Our platform integrates with the following third-party services to deliver AI employee functionality. Each service has its own privacy policy governing its handling of your data:

Anthropic (Claude API)

We use the Anthropic Claude API to power the AI reasoning capabilities of our AI employees. Data sent to the API for processing is handled according to Anthropic's Privacy Policy. Under Anthropic's API terms, inputs and outputs are not used to train their models.

Google Services

We connect to Google APIs (Analytics, Search Console, Ads, Gmail, Calendar, Drive) via OAuth2. We request only the permissions necessary for the tasks you assign. You can review and revoke permissions at any time through your Google Account settings. Our use of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements.

Stripe

Payment processing is handled by Stripe. We do not store your full credit card number or payment credentials on our servers. Stripe's handling of your payment data is governed by the Stripe Privacy Policy.

We use Telegram as a primary communication channel with clients. Messages exchanged via Telegram are subject to Telegram's Privacy Policy.

We do not share, sell, rent, or trade your data with other clients or any third parties for marketing purposes.

Your data is strictly siloed. We may disclose information only in the following limited circumstances:

Service delivery — Data is sent to third-party APIs listed in Section 4 solely to perform the tasks you request of your AI employees.
Legal compliance — We may disclose information if required by law, subpoena, court order, or governmental regulation.
Safety and security — We may share information if we believe it is necessary to prevent fraud, protect the safety of any person, or address security vulnerabilities.
Business transfers — In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before your data becomes subject to a different privacy policy.

Under no circumstances is data from one client's environment accessible to or shared with another client. Each client operates in a fully isolated infrastructure.

6. Your Rights

Under the General Data Protection Regulation (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the right to:

Access — Request a copy of the personal data we hold about you
Rectification — Request correction of inaccurate or incomplete personal data
Erasure — Request deletion of your personal data ("right to be forgotten")
Restriction — Request that we restrict processing of your personal data
Portability — Request a copy of your data in a structured, machine-readable format
Objection — Object to processing of your personal data
Withdraw consent — Withdraw consent at any time where processing is based on consent

If you are located in the EEA and believe we process your data, contact us to discuss EU representative designation.

Under the California Consumer Privacy Act (CCPA)

If you are a California resident, you have the right to:

Know — Request disclosure of the categories and specific pieces of personal information we have collected
Delete — Request deletion of your personal information
Correct — Request correction of inaccurate personal information
Opt-out — Opt out of the sale of personal information (we do not sell personal information)
Non-discrimination — Not be discriminated against for exercising your privacy rights

Categories of Personal Information Collected (CCPA Disclosure)

We collect the following categories of personal information for the purposes described: Identifiers (name, email, Telegram username) for account management and service delivery; Commercial information (subscription and payment records) for billing; Internet or electronic network activity (usage logs, interaction data) for platform operation and improvement; Professional or employment-related information (business name, role) for onboarding. We do not sell any category of personal information.

California Privacy Choices

If you are a California resident, you have the right to opt out of the sale or sharing of your personal information under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

Simple4u does not sell your personal information. We also do not share personal information for cross-context behavioral advertising. The website analytics data we collect through Google Analytics 4 is used solely to understand site traffic and improve our services, and is not combined with data from other sources to build profiles about you.

To exercise your California privacy rights — including requests to know, delete, correct, or opt out — contact us at nests@simple4uhq.com with the subject line “California Privacy Request”. We will verify your request and respond within 45 days.

You can also opt out of Google Analytics tracking site-wide using the official Google Analytics Opt-out Browser Add-on, or disable third-party cookies in your browser settings.

To exercise any of these rights, contact us at nests@simple4uhq.com. We will respond to verified requests within 30 days (GDPR) or 45 days (CCPA).

7. Cookie Policy

Our website uses two categories of cookies:

Essential cookies — required for core site and platform functionality (session management, authentication, security). These cannot be disabled.
Analytics and advertising cookies — we use Google Analytics 4 (GA4) and Google Ads conversion tracking to understand site traffic patterns, measure marketing campaign effectiveness, and improve user experience.

Specifically, we use Google Analytics 4 to measure visitor counts and referral sources, understand which content engages visitors, and improve site performance. We use Google Ads conversion tracking to measure the effectiveness of our paid search campaigns and optimize our advertising spend. Consistent with the California Consumer Privacy Act, we do not sell your personal information to third parties and we do not use cookies for cross-site behavioral advertising profiles beyond measuring ad effectiveness.

How to opt out: You can opt out of analytics tracking at any time by installing the official Google Analytics Opt-out Browser Add-on, disabling third-party cookies in your browser, or using a browser tracking-prevention feature (Safari ITP, Firefox ETP, Brave Shields, uBlock Origin). California residents should also see California Privacy Choices above for additional rights.

Our cookie notice on the homepage is informational and does not require your affirmative consent before cookies are set, consistent with applicable U.S. privacy laws including CCPA, CPRA, CalOPPA, VCDPA (Virginia), CPA (Colorado), CTDPA (Connecticut), and UCPA (Utah), which use an opt-out rather than opt-in framework. If you access our site from the European Economic Area or United Kingdom, please see Section 6 for your GDPR rights.

8. Google API Services User Data Policy — Limited Use

Simple4u's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

We use Google user data only to provide user-facing features within your Simple4u workspace (e.g., reading Gmail for your AI Executive Assistant, reading Google Analytics for your AI Marketing Analyst, reading Google Ads for campaign reporting).
We do not transfer Google user data to third parties except as necessary to provide or improve the specific features that you've requested, or to comply with applicable law.
We do not use Google user data for serving advertisements.
We do not allow humans to read Google user data unless (a) we have your affirmative agreement for specific data points, (b) it is necessary for security purposes (e.g., investigating abuse), or (c) we are required to do so by law.

OAuth scopes Simple4u requests (per product):

Personal Ops: gmail.readonly, gmail.send, calendar, drive.readonly
Marketing Ops: analytics.readonly, webmasters.readonly, adwords (Google Ads read-only), pagespeedonline
Team Ops: no Google user data scopes (integrates Jira, Slack, GitHub only)

All Google user data is stored exclusively on your dedicated workspace (per-client isolation). No cross-customer aggregation. No data sold or rented to third parties.

9. Data Processing Agreement

For clients who require a formal Data Processing Agreement (DPA) in accordance with GDPR Article 28 or other applicable regulations, we provide a DPA upon request.

Our DPA covers the nature and purpose of processing, the types of personal data processed, categories of data subjects, obligations and rights of the controller, and sub-processor arrangements.

To request a DPA, please contact us at nests@simple4uhq.com.

10. Children's Privacy

Our services are designed for businesses and are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal data from a child under 18, we will take steps to delete that information promptly.

If you believe a child has provided us with personal information, please contact us at nests@simple4uhq.com.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

Update the "Effective Date" at the top of this page
Notify you via Telegram or email before the changes take effect
Where required by law, obtain your consent to material changes

We encourage you to review this page periodically. Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

12. Contact Information

If you have any questions about this Privacy Policy, your data, or your rights, please contact us:

Company: Very Simple Solutions (Simple4u)
Email: nests@simple4uhq.com
Address: 1755 Ocean Parkway, Brooklyn, NY 11223
Website: simple4uhq.com