Theos Platform Privacy Policy

Effective Date: October 7, 2025

This Privacy Policy explains how Theos Artificial Intelligence, Inc. ("Theos AI," "we," "us," or "our") collects, uses, stores, and shares your information when you use Theos (the "Service"). We are committed to protecting your privacy and ensuring you understand how your data is handled. By using Theos, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Information We Collect

We collect several types of information in order to operate the Service and provide a personalized, efficient experience. This includes:

Account Information: When you register, we collect personal information such as your name, email address, username, password (for your Theos account), and any organization or team details you provide. This information is necessary to create and secure your account.

Profile Data from Integrations: If you connect third-party accounts (like LinkedIn or Instagram) to Theos, we may collect profile metadata from those accounts with your permission. This can include your profile name, username, public profile URL, profile photo, and other basic profile details that the third-party service provides to us via its API. It may also include your availability or settings from integrated calendars (e.g., Calendly) if relevant.

Campaign and Contact Data: Theos allows you to create outreach campaigns and manage contacts. We store the campaign data you input or generate, such as campaign names, schedules, messages/templates you compose, and any AI-generated content for your campaigns. We also store contact information you add or import into Theos for outreach purposes. This contact information may include names, email addresses, phone numbers, job titles, company names, LinkedIn profile URLs, Instagram handles, or other details about the individuals you are reaching out to. If you import a list of leads or sync contacts from LinkedIn/Instagram, we collect and store those contacts' information as provided by you or by the integration.

Conversation History: Theos keeps track of interactions and communications as part of your outreach campaigns. For example, we store the messages you send to contacts and the responses you receive, including message content and timestamps, so that you can manage and review your conversation history in one place. This may include messages sent via LinkedIn, Instagram, email, or other channels supported by Theos. Conversation history helps you and the platform track progress (e.g., whether a lead responded or booked a meeting).

Third-Party Account Tokens: When you connect an external account (LinkedIn, Instagram, Calendly, etc.), we obtain and store the access tokens or authentication credentials provided by those services to Theos. These tokens allow Theos to perform authorized actions (like sending messages or retrieving data) on your behalf. We do not receive or store your actual third-party passwords. For instance, if you connect LinkedIn, we'll store the OAuth token issued by LinkedIn's API – not your LinkedIn password. These tokens are treated securely and are encrypted at rest.

Usage Data: We collect information about how you use Theos. This includes technical information such as your IP address, browser type, device information, and operating system, as well as usage statistics like feature usage, pages or screens visited, time spent, and other activity logs. We may use cookies or similar tracking technologies to collect some of this data (see "Cookies and Tracking" below). Usage Data helps us improve the Service and troubleshoot issues.

Communication Data: If you contact us for support or feedback (for example, via email to contact@theos.ai or through a support chat), we will collect the information you provide in those communications, such as your contact information and the content of your message.

We collect the above information either directly from you (when you provide it) or automatically through your interaction with Theos and integrated services. In all cases, we seek to collect only the information that is necessary to provide and improve our Service.

2. How We Use Your Information

We use the collected information for the following purposes:

Providing and Maintaining the Service: We use your information to operate Theos and deliver core functionality. For example, we use your Account Information to identify you and allow access to your account, Campaign and Contact Data to run your outreach campaigns (e.g., sending messages at scheduled times), and Conversation History to display past interactions. Theos' features, such as automated message sending or contact management, rely on this data to function.

Integration Functionality: Your information is used to facilitate integrations with third-party platforms. For instance, we use your LinkedIn access token to send a connection request or message through your LinkedIn account when you trigger such an action from Theos. Similarly, we might use a Calendly token to create or retrieve meeting invites on your behalf. Any data retrieved from integrated platforms (like contact lists or messages) is used to provide you with a unified experience within Theos.

AI-Powered Features: Theos utilizes artificial intelligence (AI) to assist with content generation and analysis in campaigns. This means that some of your data may be processed by AI/LLM (Large Language Model) providers to enable features like message drafting, lead conversation analysis, or recommendations. For example, if Theos offers an AI writing suggestion for a LinkedIn message, the content you've written or certain contact details might be sent securely to an AI service (e.g., an LLM API) to generate a suggested continuation or reply. We use such providers strictly to serve your requests and enhance the Service, and we ensure appropriate agreements are in place to protect your data (see Section 4, "Third-Party Service Providers").

Service Improvement and Research: We analyze Usage Data and feedback to understand how Theos is used and to improve the platform. This includes troubleshooting technical issues, monitoring performance, and refining AI models. For instance, we might look at aggregated statistics on which features are most used or analyze the effectiveness of AI-generated content (in an anonymized way) to improve our algorithms.

Communications: We may use your contact information (email address, etc.) to send you Service-related communications. This includes confirmations, technical or security notices, updates about new features, or customer support responses. We may also send you promotional communications about product announcements, offers, or events, but you will have the option to opt-out of marketing emails if you prefer. (Transactional emails related to your account or service usage, such as important security alerts or password resets, cannot typically be opted out of.)

Team and Collaboration Features: If you are part of a team account, some of your information (e.g., your name, email, campaigns you create) may be shared with other authorized users in your organization's workspace for collaboration purposes. We use your data to enable features like shared campaign visibility, team performance metrics, or transferring campaign ownership within a team.

Security and Fraud Prevention: Information (especially Usage Data like IP addresses and logs) may be used to monitor, prevent, and detect fraud, abuse, or unauthorized access to Theos. We use this data to keep the platform secure, e.g., by detecting suspicious login attempts or enforcing access limits.

Legal Compliance: We may use your data as necessary to comply with applicable laws and regulations, or to respond to lawful requests or orders from law enforcement or other government authorities.

We will not use personal information for purposes other than those described above without your consent, except as required or permitted by law.

3. How We Share or Disclose Information

We understand that your information is important, and we only share it in limited situations, such as:

With Your Team or Organization: If you are using Theos as part of a team or organization account, certain data will be shared with other members of your team. For example, your campaigns, contacts, and conversation outcomes may be visible to your team's administrators or colleagues within the same workspace. Team administrators can typically view and manage all data within their organization's account, including data associated with your use.

Service Providers and Processors: We use third-party service providers to help us operate and improve Theos. These providers perform services on our behalf and may handle or store your data under our instructions. Key examples include:

Cloud Hosting and Storage: We host Theos on Google Cloud Platform (GCP) infrastructure. Your data (including personal information and stored content) resides on secure servers provided by cloud platforms like GCP. We rely on their robust physical and digital security measures to protect your data.
Database and Backend Services: We utilize managed databases (such as Supabase, which is built on PostgreSQL) to store information like account details, campaign data, and conversation logs. These databases are cloud-based and encrypted. We may also use services like Firebase for specific functionalities (for instance, to store certain tokens or provide real-time features).
AI and Machine Learning Providers: As noted, if our platform uses external AI models (from providers such as OpenAI, Anthropic, Google, etc.), certain text or data may be sent to those third-party AI services to generate responses or analyze content. We share only the data necessary for these providers to perform the requested task, and we do not allow them to use your data for any purpose other than providing us the AI service.
Analytics Services: We use third-party analytics tools (for example, Google Analytics or Segment) to gather Usage Data and understand how users interact with Theos. These services may set cookies or use similar identifiers to collect usage information. This helps us analyze user behavior and improve the user experience. The information shared with analytics providers typically does not include personally identifying details like your name or email, but it may include IP address and activity information.
Communication Tools: We may use email delivery services or customer support platforms (such as SendGrid for emails, or Intercom/Zendesk for support tickets) to communicate with you. These providers would have access to your contact info and the content of communication as needed to perform their functions.

Each service provider is vetted for security and privacy practices, and they are contractually obligated to protect your data and use it only for the purposes we specify. We do not sell your personal information to third parties.

Third-Party Integrations (Data Sharing): When you connect third-party accounts to Theos, there is a two-way flow of information by design. We receive data from those platforms as permitted (e.g., retrieving your contacts from LinkedIn, or upcoming meetings from Calendly), and in turn we may send data to those platforms (e.g., sending a message to a LinkedIn connection on your behalf). You acknowledge that by using these integrations, your data will be shared with the respective third-party platforms in accordance with your settings. For example, if you schedule a message to be sent on Instagram via Theos, the content of that message and the recipient info will be transmitted to Instagram's systems. Similarly, booking a meeting through a Calendly integration will share details with Calendly's system. These third-party services handle your data under their own privacy policies. We recommend reviewing the privacy policies of any third-party services you connect to Theos.

Business Transfers: If Theos AI is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be transferred as part of that transaction, as permitted by law and/or contract. In such cases, we will ensure the successor entity honors the commitments we have made in this Privacy Policy regarding your personal data (unless you consent otherwise).

Legal Compliance and Protection: We may disclose your information if required to do so by law or in the good-faith belief that such action is necessary to: (a) comply with a legal obligation, legal process, or governmental request (such as a court order or subpoena); (b) enforce our Terms of Service or other agreements; (c) protect and defend the rights, property, or safety of Theos AI, our users, or the public; or (d) investigate or assist in preventing any violation of law or these Terms (e.g., fraud prevention).

With Your Consent: Apart from the cases above, we will share your personal information with third parties only with your explicit consent. For instance, if we ever want to use your name or logo publicly as a testimonial or case study, we would seek your permission.

When we share data with third parties, we strive to anonymize or aggregate it when possible. For example, we may publish aggregated statistics or insights (like "X% of Theos users connect both LinkedIn and Instagram") that do not identify any individual.

4. Data Storage and Security

Storage Location: Your data is stored on secure servers provided by our cloud infrastructure partners (primarily Google Cloud in the United States). We may also utilize other geographic regions for redundancy and performance. If you are located outside the United States, be aware that your personal information will be transferred to and stored in the U.S. (or other jurisdictions where our service providers operate). We rely on approved legal mechanisms for any cross-border data transfers, as applicable.

Security Measures: We take security seriously and implement industry-standard measures to protect your information. This includes encryption of data in transit (using TLS/HTTPS for all communication between your browser/app and our servers) and at rest (encrypting our databases and storage). We restrict access to personal data to authorized personnel who need it to operate or support the Service, and these personnel are bound by confidentiality obligations. We also regularly monitor our systems for vulnerabilities and attacks.

However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee its absolute security. You can help by using a strong, unique password for your Theos account and by keeping your account credentials confidential.

Data Retention: We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. For example, as long as you have an active account, we will retain the data associated with your account. If you delete your account or if it becomes inactive, we will initiate the process of deleting or anonymizing your personal data. Some information may be retained in backups or archives for a certain period (in compliance with our data retention policies and legal requirements), but will be isolated from active use. We may retain certain information even after account deletion if necessary for legal compliance (e.g., financial records for accounting, records of consent for legal defense, etc.) or legitimate business interests (e.g., detecting fraud, resolving disputes) – in such cases, the data will be handled in accordance with this Policy and applicable laws.

5. Your Rights and Choices

Access and Correction: You have the right to access the personal information we hold about you. In most cases, you can review and update your account information directly by logging into Theos and visiting your account/profile settings. If you need assistance or access to other data (such as campaign content or contact lists in a portable format), you can contact us at contact@theos.ai. We will provide you with a copy of your information or make corrections upon verification of your identity (as required). If any personal data we have is inaccurate or incomplete, you have the right to request corrections or updates, and we encourage you to do so to help us keep information current.

Deletion (Right to Erasure): You have the right to request deletion of your personal data. You may delete your account via the Theos interface (if that feature is provided) or by contacting us. Upon your request, we will delete or anonymize your personal information so that it no longer identifies you, except for information that we are required to retain by law or for legitimate business purposes. Note that content you have created (such as messages sent to third parties through integrations) may remain on those third-party services or in the inbox of your recipients – deleting your data from Theos does not remove data held by external platforms that were recipients of your communications.

Objection and Restriction: If you object to any specific processing of your data (for example, if you don't want us to use your data for analytics purposes), or if you want to restrict processing, please let us know. In certain cases, you may have the right to object to processing based on our legitimate interests or for direct marketing. We will evaluate requests and comply where required by applicable law.

Portability: To the extent required by applicable law, you may have the right to receive some of your information in a structured, commonly used, and machine-readable format, and to have that information transmitted to another service provider where technically feasible. Typically, this would apply to data you provided directly (e.g., your account details and contacts list). We can assist in exporting your data upon request.

Consent Withdrawal: If we are processing your personal information based on your consent, you have the right to withdraw that consent at any time. For instance, if you have given consent to receive marketing emails, you can opt out via the unsubscribe link in those emails or by adjusting your preferences in your account settings. Withdrawal of consent will not affect the lawfulness of processing conducted prior to withdrawal.

California Privacy Rights: Residents of California have specific rights under the California Consumer Privacy Act (CCPA) and the "Shine the Light" law. This may include the right to know what personal information is collected, used, shared, or sold, the right to request deletion of personal information, and the right to opt-out of the sale of personal information. As noted, Theos AI does not sell personal information. California users can exercise their rights by contacting us with your request and specifying that you are making a "CCPA request." We will verify your identity and respond in accordance with California law.

GDPR (EEA, UK, Switzerland) Rights: If you are in the European Economic Area, United Kingdom, or Switzerland, you are entitled to rights under the General Data Protection Regulation or equivalent laws. These include the rights mentioned above (access, rectification, erasure, restriction, objection, portability, and the right not to be subject to automated decision-making that produces legal effects). Theos AI acts as a data controller for your personal data. Our legal bases for processing your information include: your consent; the necessity to fulfill our contract with you (Terms of Service); our legitimate interests (such as improving our service, securing the platform, and providing integrations you choose); and compliance with legal obligations. To exercise GDPR rights, please contact us. You also have the right to lodge a complaint with your local data protection authority if you believe we have not addressed your concerns.

We will not discriminate against you for exercising any of these rights. Note that for certain data, we may ask you to verify your identity or provide additional information to ensure that the person requesting access or deletion is actually the data subject or an authorized representative.

6. Cookies and Tracking Technologies

Cookies: Theos uses cookies and similar tracking technologies to provide and improve our Service. A cookie is a small data file stored on your device. We use cookies for several reasons:

Authentication: To keep you logged in as you navigate through the platform. This avoids the need to log in repeatedly during a session.
Preferences: To remember your settings and preferences (for example, language selection or UI theme).
Analytics: To help us understand user activity on our website and app. We, or our analytics providers like Google Analytics or Segment, may set cookies that collect information about your interactions (such as pages viewed, links clicked, and other usage information as described in "Usage Data"). This data helps us analyze and improve Theos.
Security: To enable security features and detect malicious activity. For instance, we might use cookies to throttle login attempts or to detect if a request is coming from a trusted session.
Advertising (if applicable): Currently, Theos does not host third-party ads. If this ever changes, we would update this policy to reflect any cookies used for advertising purposes.

You have choices regarding cookies. Most web browsers allow you to refuse cookies or alert you before accepting them. However, if you disable cookies, some parts of Theos may not function properly (for example, you might not be able to log in or maintain a session).

Other Tracking Technologies: We may use web beacons (pixel tags), local storage, or SDKs (in mobile applications) that function similar to cookies. These help with measuring response rates to communications (like knowing if an email was opened) or understanding feature usage in our mobile app.

Do-Not-Track Signals: Some browsers have a "Do Not Track" (DNT) feature that sends a signal to websites indicating a preference not to be tracked. There is no universal standard for how to respond to DNT signals. At this time, Theos does not respond differently to DNT signals. We continue to monitor developments around DNT and may update our practices if a standard emerges.

7. Children's Privacy

Theos is not intended for use by children under the age of 16 (or the relevant age of consent for data processing in your jurisdiction). We do not knowingly collect personal information from children. If you are under 16, you should not use Theos or provide any personal information. If we become aware that we have inadvertently collected personal data from a child under 16, we will take steps to delete such information promptly. Parents or guardians who believe that we might have information about a child under 16 can contact us at contact@theos.ai to request deletion.

8. International Users

While Theos AI is a U.S.-based company (incorporated in Delaware) and primarily operates in the United States, we welcome users from around the world. By using Theos, you acknowledge that your personal information will likely be processed in the United States and other jurisdictions where our infrastructure or service providers are located. Data protection laws in these jurisdictions may be different or less stringent than those in your home country. We take measures to ensure that adequate safeguards are in place to protect your data as described in this Policy. If required by local law, we will ask for your consent to the transfer of your data across borders.

9. Updates to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. If we make material changes, we will notify you by posting the updated policy on our website and/or through in-app notifications or email, and we will indicate the "Effective Date" of the update. It's important that you review any changes. If you continue to use Theos after a revised Privacy Policy has become effective, it means you accept the revised terms. If you do not agree with any updates to the Policy, you should stop using the Service and may request that we delete your data.

We encourage you to periodically review this page for the latest information on our privacy practices. Older versions of the Privacy Policy may be archived by us and available upon request for your reference.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please contact us at:

Theos Artificial Intelligence, Inc.

Email: contact@theos.ai
Phone: +17372046474

We will address your inquiry as promptly as possible. Your privacy is important to us, and we are committed to resolving any issues to your satisfaction.