Privacy Policy

Retirement Rescue Hub ("the App", "we", "us", or "our") is an internal sales management tool operated by Paradigm Capital. This Privacy Policy explains how the App collects, uses, and protects information when authorized sales representatives connect their Google accounts to enable Gmail integration.

This policy applies solely to the App's use of Google OAuth and Gmail API access. It does not govern other data practices of Paradigm Capital.

When a sales representative authorizes the App via Google OAuth, we request the following Gmail API scopes:

We do not request access to Google Drive, Google Calendar, Google Contacts, or any other Google service beyond Gmail.

The Gmail access described above is used exclusively for the following purposes, all within the context of Paradigm Capital's internal sales operations:

• Email sync to CRM: Outbound emails sent by representatives to known prospects are detected and logged into the App's internal email log, giving sales management visibility into rep–prospect communications without requiring reps to forward or CC a separate address.
• Email composition: When a representative uses the App's email composer, the App sends the message via the Gmail API on their behalf using their connected Google account.
• Token refresh: OAuth refresh tokens are stored securely to maintain uninterrupted Gmail access without requiring re-authorization on every sync cycle.

Email content is stored only for emails that match known prospect email addresses in the CRM. Emails to personal contacts, unrelated third parties, or addresses not present in the CRM are not read, stored, or processed.

We do not sell, rent, license, or share any Gmail data, email content, or personal information obtained through Google OAuth with any third party for any purpose, including advertising, analytics, or data brokering.

Gmail data accessed through this App is used solely for the internal operational purposes described in Section 3 above and is accessible only to authorized Paradigm Capital management personnel within the App.

We do not use Gmail data to train machine learning models, build user profiles for advertising, or transfer data to any external service beyond the App's own database.

Synced email records are retained in the App's database for as long as the associated sales representative account remains active. Upon account deactivation or upon request, all stored email records associated with a representative's account will be permanently deleted within 30 days.

OAuth tokens are deleted immediately upon account disconnection or upon the representative's request to revoke access.

Authorized representatives may revoke the App's access to their Gmail account at any time through either of the following methods:

1. Via Google Account Settings: Go to myaccount.google.com/permissions, find "Retirement Rescue Hub" in the list of connected apps, and click "Remove Access". This immediately invalidates all OAuth tokens held by the App.
2. Via the App: Contact the App administrator at [email protected] to request account disconnection. The administrator will revoke your OAuth token and delete your stored email records within 5 business days.

Revoking access will not affect emails already sent or received — it only prevents the App from accessing your Gmail going forward.

OAuth tokens are stored in an encrypted database hosted on a managed cloud platform. Access to the database is restricted to the App's server processes and authorized administrators. We use HTTPS for all data transmission between the App and Google's APIs.

In the event of a security incident that affects Gmail data, affected representatives will be notified promptly and all compromised tokens will be revoked immediately.

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the App after a policy update constitutes acceptance of the revised terms. For material changes, we will notify authorized representatives directly via email.

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact: