Privacy Policy
Sherbrooke Holding LLC d/b/a Optivo ("Optivo," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you use the Optivo scheduling and communications platform, our website at https://www.joinoptivo.com (the "Site"), and related services (collectively, the "Services").
If you connect a Google account, please see Section 12 (Google User Data) for disclosures required by the Google API Services User Data Policy (including Limited Use).
1) Information We Collect
We collect Account Data, which includes your name, work email, company name, password, and role, provided by you or your employer. We collect Calendar and Event Data, which includes event titles, participants, attachments, and meeting links, sourced from Microsoft 365, Google Workspace, Zoom, or manual entry. We collect Usage Data, which includes log files, device identifiers, IP address, browser type, pages visited, and time spent, gathered automatically through cookies, logs, and analytics. We collect Payment Data, which includes billing contact, the last four digits of your card, and transaction IDs (processed by Stripe), provided by you and Stripe. We collect Support Data, which includes chat transcripts, screenshots, and error reports, provided by you when you contact support.
We do not intentionally collect sensitive personal information (e.g., health or biometric data). Please do not store such data in the Services.
2) How We Use Information
We use personal information to provide and maintain the Services (e.g., scheduling, notifications, integrations); process payments and manage subscriptions; monitor performance, debug, and improve the Services; communicate about updates, security alerts, and administrative matters; send marketing emails (with your consent or where permitted; you can opt out anytime); and comply with legal obligations and enforce our Terms of Service.
EEA/UK legal bases: contract performance; legitimate interests (service improvement, security); consent (marketing cookies/emails); and legal compliance.
3) Sharing & Disclosure
We do not sell personal information. We disclose it only to service providers and sub-processors strictly to operate the Services (see list below); to integration partners when you connect third-party accounts (e.g., Microsoft 365, Google, Zoom) to sync or perform actions you request, in which case we share the minimum necessary; for legal and safety reasons, to comply with law or protect you, us, or the public; and in connection with corporate transactions (e.g., merger or acquisition), subject to confidentiality.
Sub-Processor List (last updated July 14, 2025): Amazon Web Services (AWS) for hosting and databases, located in the USA; Microsoft Azure for optional hosting and AI workloads, located in the USA; Stripe for payment processing, located in the USA; Microsoft Graph for calendar and email integration, located in the USA and EU datacenters; Google Workspace APIs for calendar and email integration, located in the USA; Zoom Video Communications for meeting link creation, located in the USA; Postmark and Twilio SendGrid for transactional email, located in the USA; Sentry for error monitoring, located in the USA; and Datadog for logs and performance metrics, located in the USA.
4) Cookies & Tracking
We use first-party cookies for login sessions and CSRF protection, and third-party cookies for anonymous analytics (e.g., Google Analytics). You can control cookies via your browser settings; disabling some may affect functionality.
5) Data Retention
Active account data is retained for the life of the subscription. Backups are retained for 30 days after deletion, then purged. Audit logs are retained for 90 days. Payment and tax records are retained for 7 years for compliance.
Upon written request or within 30 days after account closure, we delete personal data from production systems, except where retention is required by law or legitimate business needs (e.g., billing records).
6) Security
We employ safeguards including TLS 1.2+ encryption in transit and AES-256 encryption at rest, network firewalls and access controls, annual penetration testing, and SOC 2 Type 2 compliant data centers (AWS and Azure). No system is 100% secure, and we cannot guarantee absolute security.
7) Your Rights
Depending on your jurisdiction, you may have rights to access or obtain a copy of your data, correct inaccurate data, delete your data, port your data, object to or restrict processing, and withdraw consent (for marketing).
California residents may request the categories of personal information disclosed for business purposes in the past 12 months.
8) International Transfers
We store data in the United States. For EU/UK personal data transferred outside those regions, we rely on Standard Contractual Clauses or other lawful mechanisms.
9) Children
The Services are not directed to children under 16, and we do not knowingly collect their data.
10) Changes to This Policy
We may update this Policy from time to time. We will notify you of material changes by email or in-app at least 30 days before they take effect.
11) Contact Us
Sherbrooke Holding LLC d/b/a Optivo, Burlington, VT 05401, USA. Email: support@joinoptivo.com.
If you have unresolved privacy concerns, you may contact your local data-protection authority.
12) Google User Data (Google API Services)
This section applies only if you connect your Google account to Optivo.
12.1 Data We Access (Scopes)
Depending on the features you enable, Optivo may request the following Google scopes. For Gmail (Restricted): gmail.readonly to read message metadata and content; gmail.modify to apply or remove labels and mark messages read or unread; and gmail.send (or gmail.compose) to send messages you author in Optivo. We request only the scopes necessary for the features you use.
For Google Calendar (Sensitive): calendar.readonly and/or calendar.events to read or create events to support scheduling.
Specific data elements (as applicable) include message and thread IDs, headers (to, from, subject), label IDs and names, message bodies, attachments (only when you initiate related actions), draft content, and calendar event fields (title, time, attendees, conference link).
12.2 How We Use Google User Data
We display relevant messages and threads to assist with scheduling and client work you initiate. We create or send emails only when you request it in Optivo. We apply labels you choose (e.g., to categorize client mail). We read or create calendar events you request to keep schedules in sync. We diagnose sync errors and improve reliability (e.g., deduplicating threads).
We do not use Google user data for advertising or to build advertising profiles.
12.3 Sharing of Google User Data
We do not share Google user data with third parties except with the subprocessors listed in Section 3 to provide the Services (under data-processing agreements), and when required by law. We never sell Google user data.
12.4 Storage & Protection of Google User Data
OAuth tokens are stored encrypted. To render inbox and labels efficiently, Optivo may store limited metadata (e.g., message ID, thread ID, label IDs). Message bodies and attachments are either (a) streamed on demand without persistent storage, or (b) temporarily cached, encrypted at rest, for up to 7 days strictly to power features you enable (e.g., search and summaries). Access to Google user data is role-based, logged, and audited.
If your organization prefers no server-side caching of Gmail content beyond transient processing, you can disable caching in tenant settings.
12.5 Retention & Deletion (Google)
Revoking Google access from Optivo or disconnecting within the app immediately invalidates OAuth tokens. Cached content (if enabled) is purged within 7 days; metadata is retained only as needed to provide your account's functionality or until you delete it. You can request deletion at https://www.joinoptivo.com/support or by emailing support@joinoptivo.com, and we will fulfill the request within 30 days.
12.6 User Choices & Revocation
You grant access via Google OAuth and can view or revoke Optivo's access anytime in your Google Account (Security → Third-party access). You can also disconnect Google inside Optivo at Settings → Integrations → Google.
12.7 Limited Use, Human Access, and Prohibited Practices
Optivo's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data for ads or personalized advertising; we do not sell Google user data; and we do not permit human access to the content of your Google data, except (i) with your explicit consent, (ii) to comply with applicable law, or (iii) for security or abuse prevention, in which case access is limited to the necessary scope and is logged.
13) Data Subject Requests & Contact
To exercise your rights (access, correction, deletion, portability, objection, or restriction) or to request Google-data deletion, contact support@joinoptivo.com or visit https://www.joinoptivo.com/support. We will respond within the timeframes required by applicable law.