Privacy Policy

This Privacy Policy describes how Buzz ("Buzz", "we", "us" or "our") handles personal data when you use our mobile app, desktop app and website (collectively, the "Service"). By using the Service you agree to the practices described here. If you do not agree, please don't use the Service.

We collect only what we need to run Buzz:

• Account information — the email address you use to sign in (we use one-time codes rather than passwords), your display name and profile photo, and the personal and team avatars you create on your account.
• Messages and content — the messages, media and other content you send and receive. We store these so we can deliver them and so your conversations and personal cloud persist across your devices.
• Files and storage — files you upload are stored as part of your personal cloud, along with metadata such as file name, size, type and which conversation they belong to.
• Usage and device data — device type, operating system, app version, IP address and basic interaction logs, used for reliability, security and abuse prevention.
• AI interactions — when you use the Buzz AI assistant, the relevant conversation context is processed to generate a response (see "Buzz AI and your data" below).
• Push tokens — if you enable notifications, we store the device token needed to deliver them.

• Operating the messaging, storage and AI features of the Service.
• Delivering messages, media and notifications to the right people.
• Storing your files and conversation history so they're there when you come back.
• Keeping the Service secure — detecting, preventing and investigating fraud, abuse and technical issues.
• Sending you essential service communications (for example, sign-in codes and important account notices).
• Complying with our legal obligations.

We do not sell your personal data, and we do not use the content of your private messages to serve advertising.

Buzz includes an AI assistant that can summarise threads, draft replies, translate tone and answer questions about your conversations and files. When you invoke the assistant, the relevant context is sent to our AI provider (Anthropic, the maker of Claude) to generate a response.

• The AI only has access to content within the scope you ask it about — for example a specific hub or conversation.
• Muting Buzz in a conversation removes the assistant from that thread.
• We do not use your private content to train third-party AI models.

We rely on a small number of trusted infrastructure providers to run Buzz. They process data on our behalf under appropriate agreements:

• Supabase — authentication and database (hosted in the EU).
• Google Cloud Platform — application hosting (europe-west1).
• Backblaze B2 — object storage for your files and media.
• Redis Cloud — caching and real-time message delivery.
• Anthropic (Claude) — powering the Buzz AI assistant.
• Expo, Apple and Google — delivery of push notifications.

We do not sell your personal information to any third party.

Buzz is built and hosted in Europe. Our application runs on Google Cloud in europe-west1 and our database is hosted with Supabase in eu-west-1. Some providers (for example our AI provider) may process data outside the EU; where they do, we rely on appropriate safeguards such as standard contractual clauses.

We keep your account data for as long as your account is active. When you delete your account, we remove your personal data from our systems within 30 days, except where we are required to retain certain records to comply with legal obligations. Backups are purged on a rolling basis.

Under the UK GDPR and EU GDPR you have the right to access, correct, delete, restrict or object to the processing of your personal data, and the right to data portability. You can:

• Request deletion of your entire account at any time via buzzmessaging.ai/delete-account.
• Exercise any other right, or ask a question, by emailing us at support@buzzitapp.com.

You also have the right to lodge a complaint with your local data protection authority.

Buzz is not intended for anyone under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have, we will delete it promptly.

We protect your data with encryption in transit (TLS) and at rest, along with access controls and the per-avatar isolation that keeps your personal and work identities separate. No method of transmission or storage is completely secure, so we cannot guarantee absolute security, but we work hard to protect your information.

We may update this policy from time to time. When we make material changes we will update the "Last updated" date above and, where appropriate, notify you in the app. Continued use of the Service after changes take effect means you accept the updated policy.

For any privacy questions or to exercise your rights, contact us at support@buzzitapp.com.