1. AI model providers
AI requests are routed through a managed inference layer (Emergent) under equivalent contractual restrictions.
- OpenAI (US) — generates copilot responses, briefings and drafts. Receives prompts and permission-filtered context; not permitted to train on your content.
- Anthropic (US) — same role and restrictions as above for Claude-powered responses.
- Google (US) — same role and restrictions for Gemini-powered responses.
2. Connected platforms (only if you connect them)
- Google LLC — Gmail, Calendar, Drive, Contacts, Tasks and Meet APIs. Panzoe reads the data you authorise and writes only what you explicitly approve (e.g. saving a draft). Use of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements.
- Microsoft Corporation — Microsoft Graph for Outlook Mail & Calendar, OneDrive, To Do, Teams metadata and Contacts, under the same read/approve-to-write model.
3. Payments & communications
- Stripe (US/global) — subscription payments. Processes card details entirely on Stripe infrastructure; Panzoe never stores card numbers.
- Resend (US) — transactional email delivery (verification, receipts, briefing emails). Processes recipient address and message content.
4. Infrastructure
- Managed cloud hosting and MongoDB database infrastructure — stores platform data with TLS in transit; OAuth tokens are additionally application-layer encrypted.
- Web push delivery (your browser's push service — e.g. Google, Apple or Mozilla) — receives only the notification title and body you opted into.
5. Changes
We update this list before adding processors that handle personal data. Questions: privacy@panzoe.ai.
Questions about this policy? Contact us at legal@panzoe.ai or visit the Contact page.