Privacy Policy

Last updated: May 5, 2026

1. Scope

Ask Quickly, Inc. ("Quickly", "we", "our", or "us") provides an AI operations assistant available through askquickly.ai, app.askquickly.ai, Slack, Microsoft Teams, SMS, voice, APIs, and connected third-party tools (the "Service"). This Privacy Policy explains how we collect, use, disclose, retain, and protect information when you use the Service.

For business customers, your organization is generally the controller of Customer Data and Quickly acts as a service provider or processor that handles Customer Data on your organization's instructions. If a separate signed agreement applies, that agreement controls where it conflicts with this policy.

2. Information We Collect

Account and workspace information

  • Name, email address, company name, role, authentication provider, and workspace membership
  • Workspace settings, billing plan, admin settings, user invitations, and access roles
  • Support requests, security questionnaires, feedback, and communications with us

Customer content

  • Messages, prompts, commands, attachments, files, forms, workflow definitions, and AI outputs
  • Slack, Teams, SMS, voice, web chat, API, and Quickly app conversation content when you send it to Quickly or configure Quickly to process it
  • Knowledge base documents, extracted text, metadata, and vector embeddings used for retrieval
  • Voice call and SMS metadata, transcripts, message delivery data, opt-out events, and call handling results where enabled

Integration and OAuth data

When you authorize an integration, we collect and store the credentials needed to operate that integration, including OAuth tokens where applicable. Tokens and secrets are encrypted at rest. Depending on the integrations you connect, Quickly may access:

  • Email, calendar, contacts, files, and metadata from Google Workspace or Microsoft 365 when you ask Quickly to work with those services
  • Slack or Teams workspace, channel, user, message, thread, and file data needed to respond to requests and maintain context
  • CRM, project management, ticketing, accounting, repository, document, meeting, call, or sales intelligence records from tools you connect
  • Browser automation session data when you ask Quickly to operate a website that does not have a supported API integration

Usage, device, and security information

  • Commands issued, tools called, workflows executed, confirmations, approvals, errors, latency, and usage metrics
  • IP address, browser type, device type, operating system, request path, referring page, and access time
  • Authentication, OAuth grant, token revocation, webhook, administrative, billing, and security events
  • Cookies and similar technologies required for sign-in, session security, preferences, analytics, and abuse prevention

3. How We Use Information

We use information to:

  • Provide, secure, maintain, and improve the Service
  • Interpret requests, retrieve relevant context, generate AI responses, and execute approved workflows
  • Connect to third-party services you authorize and take actions you request within granted permissions
  • Deliver Slack, Teams, SMS, voice, email, and in-app communications related to the Service
  • Maintain audit trails, detect abuse, prevent fraud, troubleshoot failures, and investigate security incidents
  • Manage billing, subscriptions, credits, support, compliance, and legal obligations
  • Create aggregated or de-identified analytics that do not identify a person or customer workspace

4. AI Processing

Quickly is an AI-powered product. To generate responses and execute workflows, we may send prompts, relevant conversation history, retrieved knowledge, tool results, attachments, and integration data to AI infrastructure used to provide the Service. Our primary AI processing path uses Google Cloud Vertex AI, including Anthropic Claude and Google Gemini models where available.

  • We do not use Customer Data, Google API data, Slack data, Microsoft Graph data, voice transcripts, SMS content, or integration data to train foundation models.
  • We do not sell Customer Data or use it for advertising, retargeting, or cross-context behavioral advertising.
  • AI outputs can be inaccurate or incomplete. Your organization remains responsible for reviewing outputs and configuring approval rules for actions.
  • AI providers and infrastructure subprocessors may process prompts, outputs, and related metadata only to provide, secure, support, and monitor the Service, subject to their applicable data processing terms.

5. Google API Services User Data - Limited Use

Quickly's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. When you connect Google services:

  • We access only the Google user data needed to provide user-facing features you request or configure.
  • We disclose how Google user data is accessed, used, stored, deleted, and shared, and what actions Quickly may take on your behalf.
  • We do not use Google Workspace API data for ads or generalized AI/ML model training.
  • We do not allow humans to read Google Workspace API data unless you give specific consent, it is necessary for security or abuse investigation, it is required by law, or the data is aggregated and anonymized for internal operations consistent with Limited Use.

6. Microsoft, Slack, SMS, and Voice Data

When you connect Microsoft 365, Slack, Teams, SMS, or voice channels, we process that data only to provide the Service you configured:

  • Microsoft Graph data is used only to provide requested mail, calendar, file, identity, or Teams functionality and is not sold, used for advertising, or used to train foundation models.
  • Slack and Teams data is used to respond in the relevant workspace, channel, thread, direct message, or app surface and to maintain the context needed for those interactions.
  • SMS and voice data is used to route, respond to, transcribe, summarize, and follow up on communications you configure. We honor STOP and other opt-out signals where supported.
  • Mobile phone numbers, SMS opt-in data, and SMS consent records are not shared with third parties for their own marketing or promotional purposes.
  • SMS message frequency varies by the customer program and the workflow configured by your organization. Where supported, recipients may reply STOP to opt out and HELP for help. Message and data rates may apply.
  • Message and call consent obligations belong to the customer configuring those communications. We provide the technical Service but do not determine your outreach recipients or consent basis.

7. Sharing and Subprocessors

We do not sell personal information. We share information only as needed to operate the Service, comply with law, protect rights and safety, or complete a business transaction with appropriate notice. Current subprocessors and service providers may include:

  • Google Cloud Platform - hosting, Cloud Run, Cloud SQL, Cloud Storage, Secret Manager, Cloud Tasks, Cloud Scheduler, logging, and related infrastructure
  • Google Cloud Vertex AI - AI inference, embeddings, and model routing
  • Anthropic - Claude model provider through supported enterprise/API channels
  • Stripe - payment processing, subscriptions, invoices, and billing events
  • Twilio - SMS, phone number, telephony, and voice call functionality where enabled
  • Resend - transactional email delivery
  • Upstash - Redis-based rate limiting, queues, and short-lived cache where used
  • Sentry - error monitoring and diagnostic event tracking
  • Microsoft, Google, Slack, and other integrations you authorize - data exchanged with those services at your direction

We may update our subprocessor list as the Service evolves. Material changes will be reflected on this page or the Trust Center.

8. Security

We use technical and organizational safeguards designed to protect information, including encryption in transit, encryption of stored OAuth tokens and credentials, workspace-scoped access controls, role-based authorization, audit logging, production access restrictions, vulnerability scanning, and incident response procedures. No system is completely secure, but we design the Service to reduce risk and to detect and respond to issues quickly.

9. Retention and Deletion

We retain information for as long as needed to provide the Service, satisfy legal or security obligations, resolve disputes, enforce agreements, and support business operations. Typical retention practices include:

  • Account and workspace data: retained while the workspace is active, unless deletion is requested and no legal obligation requires retention.
  • Messages, tasks, transcripts, workflow runs, knowledge documents, and audit history: retained until deleted by your organization, deleted through product controls, or removed as part of workspace deletion.
  • OAuth tokens and integration credentials: retained until the integration is disconnected, the workspace is deleted, or the token is revoked or expired. We delete or revoke tokens where supported by the provider.
  • Security, diagnostic, and application logs: retained for a limited period based on operational and security needs.
  • Backups: retained for a limited period and deleted on a rolling schedule.

10. Privacy Rights and Choices

Depending on your location and the context in which we process your information, you may have rights to access, know, correct, delete, export, restrict, object to, or appeal certain processing decisions. You may also have rights to opt out of sale, sharing, targeted advertising, or certain profiling. Quickly does not sell personal information or use Customer Data for targeted advertising.

You may exercise rights by contacting us at support@askquickly.ai. Authorized agents may submit requests where applicable law permits. We will not discriminate against you for exercising privacy rights.

11. International Transfers

Quickly is operated from the United States and primarily hosted in Google Cloud regions in the United States. If you access the Service from outside the United States, your information may be transferred to, stored in, or processed in the United States and other countries where our providers operate. Where required, we use appropriate safeguards for international transfers.

12. Children and Regulated Data

The Service is intended for business use and is not directed to children under 13. Do not submit protected health information, payment card data, financial account data, or other regulated sensitive data unless your organization has a written agreement with Quickly that expressly permits that use and includes any required addendum, such as a Business Associate Agreement for HIPAA-regulated data.

13. Incident Notification

If we determine that a security incident affects personal information, we will notify affected customers and regulators where required by applicable law or contract and within the required timeframes.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with a new "Last updated" date and, where appropriate, communicated to account administrators by email or in-product notice before materially different data uses begin.

15. Contact Us

Questions or privacy requests can be sent to:
support@askquickly.ai