Privacy Policy

Last updated: March 12, 2026

1. Introduction

At DOFORTECH INC, doing business as Everdesk ("Everdesk", "we", "our", or "us"), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-native customer communications platform and related services (collectively, the "Service"). By accessing or using the Service, you consent to the practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

2. Information We Collect

2.1 Information You Provide Directly

  • Account information: name, email address, phone number, company name, job title, and billing details (such as payment card information and billing address).
  • Profile information: profile picture, communication preferences, and timezone settings.
  • Communication data: messages, files, images, and other content you send, receive, or manage through the Service across connected channels (email, SMS, WhatsApp, live chat, social media).
  • Customer data: information about your customers that you upload, import, or create within the Service, including contact details, conversation history, tags, and notes.
  • Support inquiries: information you provide when contacting our support team, including screenshots, error logs, and descriptions of issues.
  • Survey and feedback responses: information you voluntarily provide through surveys, beta programs, or feedback forms.

2.2 Information Collected Automatically

  • Usage data: pages visited, features used, actions taken, time spent on pages, click patterns, search queries, and interaction with AI-powered features.
  • Device information: browser type and version, operating system, screen resolution, device identifiers, language preferences, and IP address.
  • Log data: server logs that record information such as access times, referring URLs, error logs, and diagnostic data.
  • Cookies and tracking technologies: we use cookies, web beacons, pixels, and similar technologies to maintain sessions, remember preferences, and analyze usage patterns. See Section 10 for more details.

2.3 Information from Third Parties

  • Integration data: when you connect third-party services (e.g., email providers, CRM systems, social media platforms), we may receive information from those services as necessary to provide the integration functionality.
  • Payment processors: our payment processor (Stripe) may provide us with limited transaction information such as payment status and the last four digits of your card.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service delivery: provide, operate, maintain, and improve the Service, including AI-powered features such as smart replies, message categorization, and sentiment analysis.
  • Personalization: customize your experience, including tailoring AI suggestions and interface preferences to your usage patterns.
  • Transaction processing: process payments, send invoices, and manage your subscription.
  • Communication: send service-related notifications, technical notices, updates, security alerts, and administrative messages.
  • Support: respond to your comments, questions, and support requests.
  • Analytics: monitor and analyze trends, usage, and activities to understand how users interact with the Service and to improve our products.
  • Safety and security: detect, investigate, and prevent fraudulent transactions, abuse, and other harmful activities; protect the rights and safety of our users and third parties.
  • Legal compliance: comply with applicable laws, regulations, and legal processes.
  • AI model improvement: use aggregated and anonymized data to improve the performance of our AI models. We never use your identifiable customer communication data to train models shared with other customers.

4. Legal Basis for Processing (EEA/UK Users)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data based on the following legal grounds:

  • Contract performance: processing necessary to provide the Service you have requested.
  • Legitimate interests: processing necessary for our legitimate interests (e.g., improving the Service, preventing fraud), provided these interests are not overridden by your rights.
  • Consent: where you have given explicit consent for specific processing activities (e.g., marketing communications).
  • Legal obligation: processing necessary to comply with applicable laws and regulations.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • Service providers: we engage trusted third-party companies and individuals to perform services on our behalf (e.g., cloud hosting, payment processing, analytics, email delivery, customer support tools). These providers are contractually obligated to protect your data and may only use it for the purposes we specify.
  • AI sub-processors: we use third-party AI providers (e.g., for natural language processing) to power certain features. Data shared with these providers is subject to strict data processing agreements and is not used to train their general models.
  • Business transfers: in connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of the transaction. We will notify you before your data becomes subject to a different privacy policy.
  • Legal requirements: we may disclose your information if required to do so by law, or in response to valid requests by public authorities (e.g., a court order or government agency).
  • Protection of rights: we may disclose information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our Terms, suspected fraud, situations involving potential threats to the safety of any person, or as evidence in litigation.
  • With your consent: we may share your information with third parties when you have given us explicit consent to do so.

6. International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country. We take appropriate safeguards to ensure that your personal information remains protected, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data Processing Agreements with all sub-processors
  • Encryption of data in transit and at rest

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. After account deletion, we will delete or anonymize your data within 90 days, except where we are required to retain it for legal, tax, or regulatory purposes. Specifically:

  • Account data: retained for the duration of your account, plus up to 90 days after deletion.
  • Communication data: retained for the duration of your account. You may delete individual conversations or customer data at any time.
  • Billing records: retained for up to 7 years after the end of the billing relationship, as required by tax and financial regulations.
  • Usage logs: retained for up to 24 months for analytics and security purposes, then aggregated or deleted.

8. Data Security

We implement industry-standard technical and organizational measures to protect your personal information, including:

  • Encryption: all data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • Access controls: strict role-based access controls and multi-factor authentication for internal systems.
  • Infrastructure: our Service is hosted on enterprise-grade cloud infrastructure with SOC 2 compliance.
  • Monitoring: continuous security monitoring, vulnerability scanning, and penetration testing.
  • Incident response: we maintain an incident response plan and will notify affected users and relevant authorities of any data breach in accordance with applicable laws.

No method of transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: request a copy of the personal information we hold about you.
  • Correction: request that we correct any inaccurate or incomplete personal information.
  • Deletion: request that we delete your personal information, subject to certain legal exceptions.
  • Restriction: request that we restrict the processing of your personal information under certain circumstances.
  • Portability: request a copy of your data in a structured, commonly used, machine-readable format.
  • Objection: object to the processing of your personal information for direct marketing or where processing is based on legitimate interests.
  • Withdraw consent: where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of prior processing.
  • Lodge a complaint: you have the right to lodge a complaint with a supervisory authority in your jurisdiction.

To exercise any of these rights, please contact us at legal@everdesk.ai. We will respond to your request within 30 days.

10. Cookies and Tracking Technologies

We use the following types of cookies:

  • Strictly necessary cookies: required for the operation of the Service (e.g., session management, authentication). These cannot be disabled.
  • Analytics cookies: help us understand how visitors interact with the Service by collecting information anonymously (e.g., Google Analytics).
  • Functional cookies: remember your preferences and settings to enhance your experience.

You can control cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Service.

11. Third-Party Links

The Service may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

12. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly. If you believe a child has provided us with personal data, please contact us at legal@everdesk.ai.

13. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know: you may request details about the categories and specific pieces of personal information we have collected about you.
  • Right to delete: you may request deletion of your personal information, subject to certain exceptions.
  • Right to opt out of sale: we do not sell personal information, so this right does not apply.
  • Non-discrimination: we will not discriminate against you for exercising your CCPA rights.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by posting a prominent notice on the Service or by sending you an email at least 30 days before the changes take effect. The "Last updated" date at the top of this page indicates when the policy was last revised. Your continued use of the Service after the effective date constitutes your acceptance of the revised policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

  • Email: legal@everdesk.ai
  • Address: 3400 Cottage Way, Ste G2 #34128, Sacramento, CA 95825

We aim to respond to all inquiries within 30 days.