Privacy Policy
Begl – Operated by Petracore, LLC
Last Updated: January 21, 2026
1. Introduction
Petracore, LLC ("we," "us," "our," or "Company") operates the Services provided in the Begl Application (the "Service"). We are committed to protecting your privacy and ensuring you have a positive experience on our website and through our Service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you access and use our Service, including any related applications, features, and content (collectively, the "Platform").
This policy applies to users over the age of 18 located in the United States and Canada (excluding Quebec) where we provide services. By accessing and using the Service, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy.
2. Information We Collect
2.1 Information You Provide Directly
- Account Registration Data: When you create an account, we collect your name, email address, and authentication credentials. You may optionally provide a company name and job title.
- Email Account Credentials: When you authorize Begl to connect to your Gmail, Outlook, or other email account, our third party service provider may receive authentication tokens that allow us to access, read, analyze your emails, and send new emails.
- Email Content Data: Our Service analyzes emails you have granted us authorization and access to (through our third party service provider Nylas) for generating Service-related content. We extract and store information contained in these emails, which may include sender and recipient email addresses, email subject lines, message body content, attachments, attachment metadata, and any other information present in the email. This may incidentally include sensitive information such as financial data (e.g., payment information, contract terms, pricing), health-related references, location information (e.g., travel details, meeting locations), and other personally identifiable information that is contained within the emails. See Section 2.4: Sensitive Personal Information.
- Extracted Information: Our Service processes email content and any additional uploaded materials using AI and analysis tools to identify and extract Service-related information. This extracted information is stored in our database for further analysis, reporting, and service provision.
- Other Uploaded Materials: You may upload additional documents, files, or other materials to Begl for analysis and processing in connection with the Services. These uploads may include sponsorship proposals, partnership agreements, media kits, contracts, and/or other business documents.
- Communications: If you contact us with questions or requests, we collect the content of your messages, your email address, and any other information you provide.
2.2 Information Collected Automatically
- Device Information: We collect information about the devices you use to access the Service, including IP address, browser type, operating system, device identifiers, and mobile network information.
- Usage Information: We collect information about how you interact with the Service, including features accessed, actions performed, email folders analyzed, processing duration, and error logs.
- Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to recognize you, remember your preferences, understand your usage patterns, and improve the Service.
- Log Data: Our servers automatically record information created when you access the Service, including access times, pages viewed, IP addresses, and referring URLs.
2.3 Information from Third Parties
- Email Service Providers: When you authorize access to your Gmail or Outlook account (or other email providers), those services provide us with authentication tokens and basic account information necessary to access your emails. Note that email access is provided through our service provider (Nylas).
- Social Identity Providers: If you authenticate using Google, Microsoft, or iCloud accounts, those providers share basic profile information including your email address and name. Note that authentication is managed directly by our service provider (Supabase), and we do not receive or store your passwords.
- Service Providers: Our subprocessors (described in Section 8) may provide us with technical and analytical information necessary for platform operation.
2.4 Sensitive Personal Information
We do not intentionally or directly collect sensitive personal information such as biometric data, educational data, financial account numbers, or medical information. However, because email naturally contains sensitive information, our processing of email content may incidentally include sensitive personal information embedded in messages (financial data, health references, precise location information, etc.). By using the Service, you acknowledge this risk and release us from any liability related to any incidental processing of sensitive personal information incidentally included in email content.
3. How We Use Your Information
We use the information we collect for the following purposes:
- Service Provision: To provide, operate, improve, and maintain the Begl Service, including analyzing emails and uploaded materials, generating Service-related content, and enabling you to manage extracted information and corresponding generated outputs, including sending emails, facilitated through your email provider and our third-party service provider Nylas, within the Begl Service.
- Account Management: To create and manage your account, process authentication, verify your identity, and provide customer support.
- Communication: To respond to your inquiries, provide updates about the Service, send administrative notifications, and notify you of changes to our policies.
- Aggregated Analytics: To generate aggregated, de-identified analytics about Service usage patterns, feature adoption, and performance (this data cannot be associated with you individually).
- Legal Compliance: To comply with applicable laws, regulations, legal requests, law enforcement inquiries, and our legal obligations.
- Fraud Prevention: To detect, prevent, and address fraud, security incidents, unauthorized access, and other violations of our Terms of Service.
- Technical Optimization: To diagnose technical problems, monitor system performance, troubleshoot issues, and maintain service quality.
- Product Improvement: To understand how users interact with the Service and develop new features and improvements.
We do not use your personal information for automated decision-making that produces legal or similarly significant effects regarding your eligibility for services, pricing, or account status.
4. Data Retention
We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by law.
- Account Information: Retained while your account is active and for a reasonable period afterward for backup, archival, and legal compliance purposes.
- Email Content and Extracted Data: Retained for as long as you maintain your account and actively use the Service. You may request deletion of specific emails or extracted data at any time.
- Log and Usage Data: Typically retained for 90 days unless needed for longer periods for fraud detection, security, or legal purposes.
- Backup Data: We maintain encrypted backups of user data for disaster recovery purposes. Deleted data may persist in backups for a limited period before being permanently purged.
5. Data Sharing and Disclosure
5.1 What We Do NOT Do
We do not sell your personal information to third parties. We do not share your personal information with third parties for their marketing purposes. We do not broker or trade your personal information.
5.2 Service Providers and Subprocessors
We share necessary information with carefully selected service providers who process data on our behalf. These subprocessors are listed in Section 8. The processing of your information is governed by their terms of services and privacy policies, as outlined in Section 8.
5.3 Legal Requirements and Safety
We may disclose your information when required by law, court order, or legitimate legal process, or when we believe in good faith that such disclosure is necessary to: (a) comply with applicable laws, regulations, and legal obligations; (b) protect our rights, privacy, safety, or property; (c) protect the rights, privacy, safety, or property of you or others; or (d) prevent or investigate possible wrongdoing in connection with the Service.
5.4 Business Transfers
If we merge, acquire, or sell substantially all of our assets, your information would be transferred as part of that transaction. We will notify you of such an event and provide you with choices regarding your personal information to the extent required by applicable law. You will be able to opt out of certain transfers if legally required.
5.5 Aggregated and De-Identified Data
We may share aggregated, de-identified data that cannot reasonably be used to identify you with third parties for research, marketing, analytics, and other purposes without your consent.
6. Your Privacy Rights and Choices
6.1 US Consumer Rights
If you are a US resident, you may have the following rights under applicable state privacy laws:
- Right to Know: You have the right to request what personal information we collect, use, and share about you.
- Right to Access: You have the right to access your personal information in a portable, usable format.
- Right to Correct: You have the right to request correction of inaccurate personal information.
- Right to Delete: You have the right to request deletion of personal information we have collected from you, subject to certain legal exceptions (e.g., information needed for fraud detection, legal compliance).
- Right to Opt-Out: You have the right to opt out of targeted advertising and certain profiling activities. We do not engage in targeted advertising or data sales, so this right is of limited relevance to our Service.
- Right to Appeal: If we deny your request, you have the right to appeal our decision by contacting our privacy team at the address provided in Section 11.
6.2 Canadian Consumer Rights (PIPEDA and Provincial Laws)
If you are a Canadian resident (excluding Quebec), you have the following rights under PIPEDA and applicable provincial privacy laws:
- Right to Access: You have the right to request access to your personal information that we hold.
- Right to Correct: You have the right to request correction of any inaccurate, incomplete, or obsolete personal information.
- Right to Know Purpose: You have the right to know what purposes we collect, use, and disclose your personal information for.
- Right to Withdraw Consent: You have the right to withdraw consent to the collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions.
- Right to Complain: You have the right to file a complaint with the Privacy Commissioner of Canada (federal) or your provincial privacy authority if you believe we have violated your privacy rights.
- Right to Opt-Out of Email Marketing: You have the right to unsubscribe from promotional emails at any time by clicking the unsubscribe link in the email or contacting us.
6.3 How to Exercise Your Rights
To exercise any of the rights described above, you may submit a request by emailing us at [email protected]. Please include enough information to identify you and describe your request clearly. You may also designate an authorized agent to submit requests on your behalf. We will respond to your request within the timeframes required by applicable law (typically within 30 days, with possible extensions as allowed by law). We may require verification of your identity before processing your request. We will not charge fees for reasonable requests unless permitted by law. You have the right to appeal our decisions through the procedures outlined in your state or province.
7. Data Security
We implement comprehensive technical, administrative, and physical security measures designed to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption: All data in transit is encrypted using TLS/SSL protocols. Data at rest is encrypted using AES-256 or equivalent.
- Access Controls: We implement role-based access controls, multi-factor authentication, and principle-of-least-privilege access to limit who can access personal information.
- Monitoring: We continuously monitor systems for unauthorized access attempts, security threats, and anomalous behavior.
- Data Protection Impact Assessments: We conduct data protection impact assessments for high-risk processing activities to identify and mitigate privacy risks.
- Vendor Management: We require all service providers to implement appropriate security measures and comply with privacy laws.
- Data Minimization: We collect and retain only the minimum personal information necessary to provide the Service.
- Regular Audits: We conduct regular security audits and vulnerability assessments to identify and address potential weaknesses.
However, no security system is completely impenetrable. While we strive to protect your information, we cannot guarantee absolute security. You acknowledge that your use of the Service is at your own risk.
8. Subprocessors and Service Providers
We use the following service providers and subprocessors to operate the Service.
| Provider | Function | Privacy Terms |
|---|---|---|
| Nylas | Email Integration and Processing | https://www.nylas.com/privacy-policy/ |
| Supabase | Authentication, Database, and Object Storage | https://supabase.com/privacy |
| Amazon Web Services | Hosting | https://aws.amazon.com/privacy/ |
| Cloudflare | Caching, SSL Negotiation, DNS, WAF, DDoS Protection | https://www.cloudflare.com/privacypolicy/ |
| Resend | Email Sending | https://resend.com/legal/privacy-policy |
| Groq | AI Inference Provider | https://groq.com/privacy-policy |
| Perplexity | AI Research Provider | https://www.perplexity.ai/hub/legal/privacy-policy |
| Pydantic Logfire | Platform Logging | https://pydantic.dev/legal/privacy-policy |
Note: Email authentication (Google, Microsoft, iCloud) is handled directly by Supabase and our email service providers. We do not receive, store, or have access to your email account passwords. Third-party authentication is strictly for identity verification and email access authorization.
We may add or update our list of subprocessors. We encourage you to check this Privacy Policy periodically for updates. If you have concerns about any subprocessor, you may contact us at [email protected] to discuss alternatives or request deletion of your data.
9. International Data Transfers
Your personal information may be transferred to, stored in, and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from your home country. When we transfer information internationally, we implement appropriate safeguards, including:
- Standard Contractual Clauses (SCCs): We use SCCs or other approved transfer mechanisms where required by law.
- Data Processing Agreements: We maintain Data Processing Agreements with all processors handling international transfers.
- Encryption: All data in transit is encrypted, limiting exposure during transfer.
- Your Consent: By using the Service, you consent to the transfer of your information to countries outside your country of residence.
Important Note for Canadian Users: Canadian users should be aware that their personal information may be stored in and accessed by U.S. authorities under the U.S. CLOUD Act. While we implement safeguards, we cannot prevent U.S. government access to data stored on U.S.-based infrastructure. If you have concerns about U.S. data access, please contact us to discuss options.
10. Children's Privacy (COPPA)
The Begl Service is not directed to children under 18 years of age, and we do not knowingly collect personal information from children under 18. The Service is designed for professional business use by adults. If we discover that we have collected personal information from a child under 18 without verifiable parental consent, we will delete such information immediately. If you believe we have collected information from a child under 18, please contact us immediately at [email protected]. Parents or guardians concerned about their child's use of the Service should contact us.
11. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, and other factors. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this policy, and we may provide additional notice (such as prominent notification on the Platform or email notification). Your continued use of the Service after such notification constitutes your acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy regularly to stay informed about how we protect your information.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:
Petracore, LLC
Email: [email protected]
Response Time: We will respond to your inquiry within 10 business days.
13. Regulatory Authority Contact Information
If you are not satisfied with our response to your privacy concern, you may file a complaint with the appropriate regulatory authority:
United States:
- Federal Trade Commission (FTC): https://reportfraud.ftc.gov/
- Your State's Attorney General
Canada:
- Privacy Commissioner of Canada (Federal): https://www.priv.gc.ca/
- Office of the Privacy Commissioner of Alberta: https://www.oipc.ab.ca/
- Office of the Privacy Commissioner of British Columbia: https://www.oipc.bc.ca/
- Information and Privacy Commissioner of Ontario: https://www.ipc.on.ca/
- Office of the Integrity Commissioner, New Brunswick: https://www.nb.ca/
- Office of the Information and Privacy Commissioner, Newfoundland and Labrador: https://www.nfl-info-privacy.ca/
- Office of the Information and Privacy Commissioner of Nova Scotia: https://www.foipop.novascotia.ca/
- Office of the Information and Privacy Commissioner of Manitoba: https://www.gov.mb.ca/