Harmony Lab Privacy Policy
Last Updated: July 26, 2024
Welcome to Harmony Lab (“Harmony Lab,” “we,” “us,” or “our”). This Privacy Policy explains how we collect, use, store, and protect your information when you access or use Harmony Lab’s platforms, applications, and connected services, including integrations with Google Drive, Google Calendar, Notion, Slack, LinkedIn, and other OAuth-based tools (collectively, the “Platform”).
By using Harmony Lab or connecting any third-party integration, you consent to this Privacy Policy and authorize Harmony Lab to process your data as described below.
1. Who We Are
Harmony Lab, Inc. is a California-based technology company developing Harmony OS and the Signal Platform—AI-powered systems designed to help individuals and organizations achieve coherence, clarity, and alignment in work and life. We operate with a “privacy-by-design” philosophy grounded in consent, transparency, and user control.
2. Information We Collect
A. Information You Provide Directly
- Account Data: Name, email address, password (hash-secured), and workspace details.
- Assessment Data: Responses and results from the Signal Map and Harmony Assessments.
- Workspace Content: Plans, AI notes, knowledge documents, and uploads you create on the Platform.
- Communication Data: Messages or feedback you submit to our team.
- Integration Preferences: Your choices to connect or disconnect third-party accounts.
B. Information from Connected Services (OAuth Integrations)
When you connect an external service, Harmony Lab securely stores encrypted authorization tokens and accesses only the minimal data required for the intended feature.
| Integration | Access Scope | Usage |
|---|---|---|
| Google Drive | Metadata (name, ID, modified time) and optionally file content (if authorized) | Display and synchronize workspace files |
| Google Calendar | Event titles, times, participants (read-only unless authorized) | Create focus sessions and coherence rhythms |
| Notion | Page metadata and content | Mirror knowledge bases and plans |
| Slack | Channel and thread data (if authorized) | Summarization and Harmony Score metrics |
| Profile ID, headline, photo, email (optional), post permissions (if granted) | Sync professional profile and share milestones | |
| Other Integrations | Limited OAuth scopes as explicitly consented by you | Future services with identical principles |
You may disconnect any integration at any time in your account settings.
C. Automatically Collected Data
We may collect:
- Device and browser type, IP address, region, and usage logs.
- Cookies and analytics data to optimize performance. We do not use advertising cookies or sell tracking data.
3. How We Use Your Information
We process data to:
- Provide and improve the Platform’s core functionality.
- Authenticate and secure your account.
- Deliver personalized AI recommendations and Signal/Harmony insights.
- Maintain integration connections you authorize.
- Communicate updates, security alerts, and support responses.
- Fulfill legal obligations and prevent fraud.
We never sell personal data or use integration data for third-party advertising.
4. Data Sharing and Disclosure
Your information may be shared only:
- With trusted service providers (e.g., Firebase, Google Cloud, OpenAI, Vercel) under strict data-processing agreements.
- With integration partners solely via authorized OAuth APIs.
- When required by law or legal process.
- In connection with a merger or business transfer (with prior notice).
5. Data Security and Storage
All data is encrypted in transit (HTTPS/TLS) and at rest in Firebase databases. We use role-based access controls, token rotation, and auditing to protect your information.
6. Data Retention and Your Right to Delete All Information
We retain data only as long as necessary to provide the Platform or comply with law.
Delete All Information Button
Within your Settings → Privacy Controls, Harmony Lab offers a “Delete All Information” feature that immediately:
- Deletes your account and all associated personal data from Firebase and linked storage.
- Revokes all OAuth tokens for integrations (e.g., Google, Slack, LinkedIn).
- Erases workspace files, assessments, and logs.
- Flags any AI-derived records for secure purge within 24 hours.
After confirmation, this process is irreversible. Aggregated or anonymized analytics may be retained for service improvement but cannot be traced back to you.
You may also request manual verification of data erasure by emailing privacy@harmonylab.ai.
7. Your Rights
You have the right to:
- Access, correct, or export your data.
- Withdraw integration consent at any time.
- Delete your account via the “Delete All Information” button.
- Object to certain processing activities.
We will respond within legal timeframes (GDPR and CCPA compliant).
8. International Transfers
Data may be processed on servers in the United States and other jurisdictions. We use Standard Contractual Clauses (SCCs) and secure transfer mechanisms for cross-border data protection.
9. Children’s Privacy
Harmony Lab does not target or collect data from children under 16. If such data is identified, we will delete it promptly.
10. Updates to This Policy
We may update this Privacy Policy as our Platform evolves. Changes will be posted on harmonylab.ai/privacy with the “Last Updated” date. If changes materially affect your rights, you will receive notice via email or in-app notification.
11. Contact Us
Harmony Lab, Inc.
Attn: Data Protection Officer
📧 privacy@harmonylab.ai
🌐 https://harmonylab.ai
📍 [Insert Mailing Address]
12. Core Privacy Principles
| Principle | Our Commitment |
|---|---|
| Consent-First | No data is accessed without explicit OAuth authorization. |
| Least Access | Only minimum required permissions are requested. |
| User Control | You can disconnect integrations or delete everything at any time. |
| Transparency | View, export, or erase all stored data through your settings. |
| No Selling | We never sell user data to any third party. |
| Security | Encryption, role-based access, and routine audits protect your data. |