Legal — Document 01

Privacy Policy

Effective 14 May 2026 Version 1.0 Jurisdiction Aruba

Ozi Agency builds tools that handle the work you'd rather not. Some of that work involves data — your data, your team's, sometimes your customers'. This document explains exactly what we collect, why, where it goes, and what you can do about it.

01. Who we are

"Ozi Agency" (referred to as "Ozi", "we", "us", or "our") is an efficiency company based in Aruba that designs and operates AI-powered systems for business clients. Our principal place of operation is Aruba, Caribbean Netherlands. You can reach us at dennis@oziagency.com for any matter relating to this Policy.

02. What this Policy covers

This Policy applies to two distinct contexts:

Where a section applies to only one of these contexts, we'll say so. Where a section applies to both, it does.

03. Information we collect

From the website

From the Services

04. How we use it

We use the information described above only for the following purposes:

We do not sell your data. We do not share it with advertisers. We do not train general-purpose AI models on your data. We do not use one client's data to improve a Service we deliver to another client.

05. Where it goes — third-party processors

To deliver our Services we rely on a small number of trusted third-party providers, each of which operates under their own enterprise privacy and security terms. As of the effective date of this Policy these are:

We update this list as our stack evolves. If we add a sub-processor that handles client data, we update this Policy.

06. Google APIs — application-specific notice

Some of our Services integrate with Google Workspace through Google's official APIs. When you authorize such a Service to access your Google account, we request only the minimum scopes required for the function you have asked us to perform. The current list of scopes we may request, and the use we make of each, is:

Sheets
Reading from and writing to specific spreadsheets the user has identified, in order to produce, update, or summarise structured data the user has asked us to handle.
Drive
Reading specific files the user has identified, and writing generated outputs (reports, documents) back to a user-designated folder.
Gmail
Reading messages the user has explicitly directed us to process (for example, leads from a specific inbox label) and sending messages on the user's behalf when the user has configured a workflow to do so.
Ozi's use of Google user data

Ozi's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, this means we:

07. How long we keep it

We keep data only as long as it remains useful for the purpose we collected it for, or as long as a contract, tax requirement, or other legal obligation requires us to.

When data is no longer needed, we delete it or anonymize it beyond practical recovery.

08. Security

We apply commercially reasonable safeguards to protect the data we hold: encryption in transit (TLS), encryption at rest where supported by the underlying provider, access controls limited to authorized members of our team, and ongoing monitoring of our infrastructure. No system is perfectly secure. If we ever experience a breach affecting your data, we will notify affected clients without undue delay and explain what happened and what we are doing about it.

09. Your rights

You have the right to:

To exercise any of these rights, email dennis@oziagency.com. We will respond within thirty days. If we cannot fulfil a request for legal reasons, we will tell you why.

10. Children

Our Services are not directed to children under sixteen. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

11. International data transfers

Because our infrastructure providers and AI providers may be based outside Aruba (including in the United States and the European Union), your data may be transferred to and processed in those jurisdictions. Where such transfers occur, we rely on the contractual safeguards offered by the relevant providers and on applicable adequacy decisions where they exist.

12. Changes to this Policy

We may update this Policy from time to time. The "effective" date at the top of this page will reflect the most recent revision. Material changes will be communicated to active clients directly.

13. Contact

Questions, requests, or concerns about privacy can be sent to dennis@oziagency.com. We treat every message as a person writing — not a ticket — and reply accordingly.