Skip to main

Privacy Policy

This Privacy Policy (“Policy”) explains what information Retain AI, Inc. (“Retain”, “”, “we”, “our”, or “us”) collects from our users (“users” or “you”) and how we use and share this information. This Policy applies to your use of any services, products, content or software made available by Retain, including but not limited to Retain’s website (the “Site”) currently located at (collectively, the “Retain Platform”). It also describes the choices available to you regarding our use of your Personal Information and how you can access and update this information.

Retain complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S.Privacy Shield  Framework(s) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Retain has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit​

Retain may change this Policy from time to time.  If we make changes, we will notify you by revising the date at the top of the policy and posting the new policy on the Site.  We encourage you to review the Privacy Policy whenever you access the Site or use the Retain Platform in any way to stay informed about our information practices.  Your continued use of the Retain Platform constitutes your agreement to be bound by such changes to this Policy.

Users Outside the United States

The Site is hosted in the United States and is governed by United States law. If you are outside the United States when you visit the Site or engage in communications with a Retain agent via mail, e-mail or telephone, please be aware that your information may be transferred to, stored and processed in the United States where our servers are located and our central database is operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. By using the Site and/or communicating with a Retain agent via mail, email or telephone, you consent to your information being transferred to our facilities in the United States and to the facilities of those third parties with whom we share it as described in this Privacy Policy.

Information We Collect

Visitors:  We collect information if you visit our Site or use the Retain Platform, even if you do not establish an account with Retain.  This information includes:  IP address, geographic location (country based on IP address), browser type, version and language setting and operating system type, version and language setting.

Account Creation and Use of Retain Platform:  In addition to the information above, we collect your email address when you create an account with Retain.

Cookies and Web Beacons:  We use “cookies” and “web beacons” to collect information for various purposes.  A cookie is a small data file that we transfer to your computer or mobile device’s hard disk.  We use cookies, for example, to save your login information in order to authenticate you as a customer.  A web beacon is an electronic image that may be used on the Site or in email to deliver cookies, count visits and to tell if an email has been opened and actioned.  We also use both cookies and web beacons for the purpose of collecting information about your browsing activities over time and across different websites following your use of the Retain Platform.

User Data: We collect information you voluntarily provide to us in the process of using the Retain Platform.  This includes data provided to us through third party integrations.  We process such data on your behalf in accordance with the instructions received from you for as long as needed to provide our services, subject to this Policy.

Google APIs: We collect only the information that you authorize us to collect when you authenticate into using Google’s OAuth API. requires the following permissions to offer a base level of functionality:

  • Access to your calendar, in order to understand which external interactions you participate in
  • Read-only access to your coworkers’ calendar, if shared with you, in order to understand which external interactions they participate in
  • Access the names, emails and avatars of contacts in your organization in order to identify the co-workers whose calendars we should include in our analysis

Beyond the base functionality, you may also grant the following permissions to extend the coverage provided by Retain:

  • Read-only access to Gmail metadata, which will be used exclusively in order to estimate and report time spent on email activities with external parties
  • Read-only access to Drive, which will be used exclusively in order to estimate and report time spent on documents related to external parties

In both cases, the information collected may include personal information identifiers, typically in the form of email addresses and first and last names retrieved via an API. This information is used exclusively for the purposes of the service, such as attributing activity to the appropriate account based on an email sender’s domain.

Other Integrations: In using the Retain service you may elect to transfer data, programmatically or otherwise, from other applications to Retain; in that case, personal information residing in those platform, such as email or first and last name, may be collected by Retain if it is deemed necessary for the purpose of delivering the service to you. 

Chrome Browser Extension: If you choose to install the Retain Chrome Browser Extension, you will be asked to grant access to information that will be used to associate time spent on specific websites, such as Facebook Ads Manager, with external parties. The extension requires access to your tabs in order to understand how much time is spent on each page. In a limited number of cases, we may request access to the contents of webpages on specific domains, exclusively in order to attribute time spent on a site to a specific external party, based on the content of the page.

​Google API Services Usage Disclosure

​Retain’s use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

How We Use Information

Unless otherwise specified, we may use information about you and your end-users for various purposes, including to:

  • Provide you with information about the time spent with various customers, vendors and counterparties to your business;
  • Provide, operate, maintain, analyze, improve and promote the Retain Platform and tailor our services to our users’ needs;
  • Create aggregate, anonymized benchmarks;
  • Respond to your comments, questions and requests and provide customer service;
  • Send you technical notices, updates, security alerts and support and administrative messages;
  • Communicate with you about products, services, offers, promotions, rewards, and events, and provide news and information we think will be of interest to you;
  • Monitor and analyze trends, usage and activities in connection with the Retain Platform;
  • Link or combine with information we get from others to help provide you with better service;
  • Detect, investigate and/or prevent fraudulent, unauthorized or illegal activity; and
  • Carry out any other purpose for which the information was collected.

The information we collect may be “personally identifiable” (meaning it can be used to specifically identify you as a unique person) or “non-personally identifiable” (meaning it can’t be used to specifically identify you). We use both types of information, and combinations of both types, as described above.

You may choose to limit the information that is shared about you by contacting Retain at and requesting that your information be modified or deleted.

Sharing Your Information

We may share personally identifiable information as follows, unless otherwise specified:

  • With your consent;
  • With our affiliates;
  • With third party vendors, consultants and other service providers who need access to such information to perform work on our behalf consistent with our privacy policy; Examples include customer support specialists, web hosting companies, data analysis firms, and email service providers;
  • With analytics providers for the purpose of analyzing user data;
  • When we believe that we are lawfully authorized or required to do so or that doing so is reasonably necessary or appropriate to comply with the law or legal processes or respond to lawful requests or legal authorities, including responding to lawful subpoenas, warrants or court orders;
  • To enforce or apply our privacy policy, our terms of use or our other policies or agreements;
  • To protect the rights, property, or safety of Retain, our users, or others; and
  • In connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition, or in any other situation where personal information may be disclosed or transferred as one of our business assets.

We may also share aggregated or non-personally identifiable information with third parties.

Retain complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.

You may choose to limit the information that is shared about you by contacting Retain at and requesting that your information be modified or deleted.

Third Parties

We may let other companies use cookies, web beacons, and other technologies in the Retain Platform. These companies may collect information such as IP address, browser type, domain name, access time, URL and page views.  This information may be used to analyze your use of the Retain Platform and to assist us with product and business process improvements.

For example, we use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help us analyze how users use the Site and enhance your experience when you use the Service.  For more information on how Google uses this data, go to

Your Choices Regarding Information and User Generated Content

Cookies and Web Beacons: You can usually instruct your browser, by changing its settings, to stop accepting cookies or web beacons or to prompt you before accepting a cookie or web beacon from the websites you visit.  If you do not accept cookies or web beacons, however, you may not be able to use all portions of the Retain Platform or all functionality of the Retain Platform.

Changing or Deleting Your Information: You may review, update, correct or delete the personally identifiable information in your account by sending a request to do so to  If you completely delete all of your information, then your account may become deactivated.  Please note that Retain may retain certain information as required by law, for legitimate business purposes, or as part of our regular retention practices.  We may also retain cached or archived copies of information about you.


We use commercially reasonable safeguards to preserve the integrity and security of information collected and maintained through the Retain Platform.  However, we cannot ensure or warrant the security of any information you provide to us or guarantee that information on the Retain Platform may not be accessed, disclosed, altered, or destroyed by unauthorized persons.

International Transfer

Your information may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us, Retain transfers personal information to the United States and processes it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Do Not Track

We currently do not participate in any “Do Not Track” frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your information.  We may, or we may engage third parties, such as marketing or analytics partners, who may collect information about your online activities over time and across different websites when you use our website.


The Retain Platform is not directed to children under 13. We do not knowingly collect personally identifiable information from children under 13.  If a parent or guardian becomes aware that his or her child has provided us with personal information without their consent, he or she should contact us at

How to Contact Us

If you have any questions about this Policy or any of the practices described herein, please contact us at Retain AI, Inc., 415 Stockton Street Fourth Floor San Francisco CA 94108, or send us an email at

Vulnerability Disclosure Program

  • If you believe you’ve discovered a potential vulnerability, please let us know by emailing us at We will acknowledge your email within 24 hours.
  • Provide us with a reasonable amount of time to resolve the issue before disclosing it to the public or a third party. We aim to resolve critical issues within one week of disclosure.
  • Make a good faith effort to avoid violating privacy, destroying data, or interrupting or degrading the Retain service. Please only interact with accounts you own or for which you have explicit permission from the account holder

Exclusions: While researching, we’d like you to refrain from:

  • Distributed Denial of Service (DDoS)
  • Spamming
  • Social engineering or phishing of Retain employees or contractors
  • Any attacks against Retain’s physical property or data centers

Questions about our Privacy Policy

In compliance with the Privacy Shield Framework, Retain commits to resolve complaints about your privacy and our collection or use of your personal information. Inquiries or complaints regarding this privacy policy should first contact Retain by submitting a request

If an issue cannot be resolved our internal dispute resolution mechanism, individuals may contact or submit a complaint, at no cost, to the JAMS EU-U.S. Privacy Shield Program, which is based in the United States and which serves as our third-party alternative dispute resolution provider. We will cooperate with JAMS pursuant to the JAMS International Mediation Rules, which are accessible on the JAMS website at For residual complaints not fully or partially resolved by other means, you may be able to invoke binding arbitration as detailed in the Principles.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

With respect to our compliance with applicable privacy laws and regulations Retain may be subject to the investigatory and enforcement powers of the Federal Trade Commission.


Last modified January 18, 2022

Infrastructure Subprocessors​

  • Amazon Web Services, Inc – Cloud Service Provider – United States
  • Snowflake – Cloud Service Provider – United States

Other subprocessors

  • Google, Inc. – Cloud-based Analytics – United States