1. Who we are
Archivez is a tenant-scoped AI assistant operated by Open Kinetix d.o.o. ("Open Kinetix", "we", "us"), a company registered in the Republic of Serbia. Open Kinetix is the data controller for personal data processed through Archivez.
- Registered address: Kazimira Veljkovica 45, 34000 Kragujevac, Serbia
- Contact for privacy and data protection: privacy@archivez.io
- Website: https://archivez.io
2. What this policy covers
This policy explains what personal data Archivez processes, why, where it is stored, how long it is kept, who it is shared with, and what rights you have as a data subject under the EU General Data Protection Regulation (GDPR) and comparable laws.
3. What data we collect
3.1 Account data
When your tenant organisation provisions an Archivez account for you, we process:
- Your email address and name (from your organisation's single sign-on provider)
- Role and permission metadata needed to enforce access control
3.2 Gmail data (only if you connect Gmail)
If you choose to connect your Gmail account through Google OAuth, Archivez will read and index messages from senders you explicitly authorise. We use the gmail.readonly OAuth scope, which means:
- We can read the subject, body, and metadata (sender, recipients, timestamps, thread ID) of selected messages
- We cannot send, modify, or delete any messages
- You control which senders are indexed and can revoke access at any time via Archivez settings or your Google Account permissions
3.3 Uploaded documents
Files (PDF, DOCX, TXT, and similar) that you or a colleague upload into your Archivez tenant are indexed and stored in the tenant's private storage scope.
3.4 Usage data
To run the service we process:
- Chat questions and answers (used to render source citations and maintain conversation history)
- Service logs (request timestamps, error traces, rate-limit counters)
- Aggregate usage metrics (chunk counts, token counts, cost attribution)
- Crash diagnostics from the Archivez mobile and web applications: stack traces, breadcrumbs of preceding actions, and device or browser metadata. Email addresses, OAuth tokens, and JWT-shaped strings are stripped from messages and breadcrumbs before they leave your device or our servers.
4. How we use your data
- To provide the core product: retrieving relevant passages from your own content library and generating cited answers
- To enforce tenant isolation: every row of every database table is scoped by tenant_id, and access is filtered at both the application and query layers
- To operate, maintain, and troubleshoot the service
- To comply with legal obligations
We do not sell your data. We do not use your data to train third-party AI models. Prompts sent to AWS Bedrock are not retained by Anthropic or Cohere for model training.
5. How we store your data
- Encryption at rest:
  - Document storage (uploaded files and indexed Gmail content) is held in private S3 buckets with AWS server-side encryption (SSE-S3, AES-256).
  - The application database (PostgreSQL on AWS RDS) is encrypted at rest with AES-256 using AWS RDS-managed encryption.
  - Gmail OAuth tokens receive an additional layer of protection: each connection's tokens are envelope-encrypted with AWS KMS, with a distinct Data Encryption Key (DEK) per connection wrapped by a KMS-managed master key.
- Encryption in transit: TLS 1.2 or higher for all connections.
- Tenant isolation: database rows are scoped to tenant_id; application-layer and query-layer checks both enforce the boundary.
- Location: data is stored in the European Union. Primary region is eu-central-1 (Frankfurt, Germany). Large language model calls route through the AWS Bedrock EU cross-region inference profile, which is guaranteed by AWS to stay within EU data-residency boundaries (Frankfurt, Stockholm, Milan, Spain, Ireland, Paris).
6. How long we retain your data
| Category | Retention |
|---|---|
| Indexed Gmail content | Until you disconnect Gmail, un-index the sender, or your tenant account is deleted |
| Uploaded documents | Until deleted by you or your tenant admin |
| Chat history | 180 days by default; your tenant admin may change this |
| Service logs | 90 days rolling |
| Crash diagnostics | 90 days rolling (Sentry default retention) |
| Aggregate usage metrics | 24 months (cost attribution and capacity planning) |
| Account data | Duration of your tenant's contract with Open Kinetix |
When you disconnect Gmail, embedded chunks derived from that mailbox are deleted within 24 hours. When your tenant account is closed, all tenant data is deleted within 30 days.
7. Who we share your data with
Archivez does not sell, rent, or share your personal data with third parties for their own purposes.
We use the following sub-processors to operate the service:
| Sub-processor | Purpose | Location / routing |
|---|---|---|
| Amazon Web Services, Inc. | Primary cloud infrastructure (compute, storage, databases, AI inference via Bedrock) | EU — eu-central-1 primary; EU CRI for Bedrock |
| Anthropic, via AWS Bedrock | Large language model inference (Claude family) | EU-only routing via Bedrock EU CRI |
| Cohere, via AWS Bedrock | Multilingual embedding model | EU region |
| Google LLC | Gmail API access (only if you connect Gmail) | Data is pulled from your Google account under your OAuth consent |
| Functional Software, Inc. (Sentry) | Application crash diagnostics and error tracking | Sentry EU region (Frankfurt, Germany) — de.sentry.io |
All sub-processors are bound by contractual data protection obligations. A current sub-processor list can be requested at privacy@archivez.io.
8. Your rights under GDPR
If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights:
- Access — request a copy of personal data we process about you
- Rectification — correct inaccurate personal data
- Erasure ("right to be forgotten") — request deletion of your personal data
- Portability — receive your personal data in a structured, machine-readable format
- Restriction — request that we limit processing in specified circumstances
- Objection — object to processing based on legitimate interests
- Withdraw consent — for processing based on consent (e.g., the Gmail connection), you can withdraw at any time
To exercise any of these rights, email privacy@archivez.io. We respond within 30 days.
You also have the right to lodge a complaint with a data protection authority — for example the Commissioner for Information of Public Importance and Personal Data Protection (Poverenik) in Serbia, or your national supervisory authority in the EU.
9. Cookies and similar technologies
The Archivez brand website (archivez.io) uses only essential cookies required for the site to function. The Archivez application uses session cookies for authentication through the tenant's identity provider. We do not use third-party advertising or analytics trackers on the application.
10. International transfers
Archivez processes personal data in the European Union. We do not transfer personal data outside the EU in the course of normal operations. Gmail API calls to Google are subject to Google's own data transfer arrangements, which are covered by Google's Data Processing Amendment.
11. Google user data and Limited Use
Archivez uses Google OAuth to request read-only access to your Gmail account (scope: https://www.googleapis.com/auth/gmail.readonly). Archivez only reads messages received from senders you have explicitly designated as "monitored senders" inside Archivez; the rest of your inbox is never fetched, stored, or processed.
Archivez's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- Use limitation. Google user data obtained via Gmail APIs is used exclusively to provide and improve user-facing features of Archivez — namely, retrieving relevant passages from your monitored-sender emails and generating cited answers to your questions. We do not use this data for any unrelated purpose.
- No advertising. We do not use Google user data for advertising, ad targeting, ad measurement, or any form of ad personalisation.
- No transfer except as needed. We do not transfer Google user data to third parties except as necessary to provide or improve the user-facing features above, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users.
- No human access. We do not allow humans to read Google user data unless (a) we have your explicit consent for specific messages, (b) access is necessary for security purposes such as investigating abuse, (c) access is necessary to comply with applicable law, or (d) the data has been aggregated and anonymised and is used only for internal operations.
Archivez processes Google user data exclusively within the European Union (AWS eu-central-1, Frankfurt). Message content is stored encrypted at rest and is isolated per tenant. You can revoke Archivez's access at any time from your Google Account's third-party connections page, and you can request deletion of all indexed Gmail-derived data by emailing privacy@archivez.io; deletion completes within 30 days.
12. Security and breach notification
We maintain administrative, technical, and organisational measures appropriate to the nature of the data we process, including encryption, access controls, logging, and least-privilege IAM. If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the affected tenant admins without undue delay and, where required by law, the competent data protection authority within 72 hours.
13. Children
Archivez is a business product and is not intended for children under 16. We do not knowingly collect personal data from children.
14. Changes to this policy
We may update this policy to reflect changes to the service or to legal requirements. Material changes will be announced to tenant admins by email at least 30 days before they take effect. The "Last updated" date at the top of this page is always current.
15. Contact us
- Privacy and data protection: privacy@archivez.io
- General support: support@archivez.io
- Abuse reports: abuse@archivez.io
- Legal entity: Open Kinetix d.o.o., Republic of Serbia