EOS One Privacy Policy

1. Who We Are

EOS One, Inc. is a Delaware corporation providing AI-powered business performance solutions for organizations running the Entrepreneurial Operating System (EOS). Our platform supports tools like the Vision/Traction Organizer (V/TO), Scorecards, Rocks, Issues lists, and Level 10 Meetings (L10s) to help teams gain clarity, alignment, and accountability. In doing so, we collect and process certain information. We value your trust and pledge to protect your data.

2. How to Contact Us

If you have questions about this Privacy Policy or wish to exercise any privacy rights, reach out to us. We’ll respond within 30 days:

3. Information We Collect

3.1 Information You or Your Organization Provide

• Account & Business Info: Name of your business, division using our Products, business address, and relevant financial or tax details needed for consulting and HR services.
• Contact Details: Name, work email, phone number, job title/position.
• Payment Information: If you pay for our services, we or our payment processor (e.g., Stripe) collect credit card or bank info.
• Employee Data (HR Services): If your employer uses our HR AI features, we may process employee details like name, work contact info, job function, salary range, demographic info (e.g., age group, gender, ethnicity), and any other data your employer submits. We handle this under instructions from your employer.
• EOS Operational Data: If you use EOS-specific features (e.g., Vision/Traction Organizer, Scorecards, Rocks, Issues lists, or L10 Meetings), we may process business strategy information, goals, KPIs, internal meeting notes, and assigned responsibilities. This information is considered organizationally confidential and is accessible only to authorized users within your team unless you choose to share it externally.

3.2 Information from Website Visitors

If you visit our marketing pages or fill out a “learn more” form, we might collect your name, email, phone number, organization, and reasons you’re interested in EOS One. We use this to respond to your inquiry and share more information about our Products.

3.3 Automatically Collected Information

When you interact with our Sites or Products, we collect:

• Device & Browsing Data: IP address, browser type, operating system, device identifiers, pages visited, and usage times.
• Cookies & Similar Technologies: We use cookies, web beacons, pixels, and similar tools to remember your preferences, analyze site traffic, and help with marketing (see Cookies and Advertising for more details).

3.4 Third-Party Sources

We may receive information about you from single sign-on providers or social media platforms if you choose to connect them with your EOS One account. We handle such data according to this Privacy Policy.

4. How We Use Your Information

• Providing Our Services: Setting up and maintaining your account, delivering EOS-based business performance tools, enabling collaboration across users, and processing payments.
• Improving Our Products: Analyzing usage patterns and feedback to enhance features, fix bugs, and inform product development.
• Communication: Sending service updates, transactional emails, security alerts, and—if you opt in—marketing messages about new features or special offers.
• Fraud Prevention & Security: Verifying accounts, investigating suspicious activities, and enforcing our Terms of Service.
• Legal & Compliance: Meeting obligations under applicable laws (e.g., tax rules) or responding to lawful requests from authorities.
• Analytics & Research: Aggregating and de-identifying usage data to understand user behavior, shape future product direction, and produce benchmarks.
• Marketing: Displaying relevant ads or sending promotional materials, subject to your preferences (see Your Choices).
• Team Collaboration & Role-Based Access: EOS One allows role-based collaboration and visibility. Depending on your permissions, some data (e.g., Rocks, Issues, Scorecard metrics) may be visible to other authorized users within your organization. You can adjust access settings via your account administrator.

5. AI Data Usage & Model Training

• Limited AI Sharing: When you query our AI with your organizational data, we may route pseudonymized or aggregate information to third-party AI services (including OpenAI, Anthropic, and Google) under strict contractual terms. These providers cannot use your data to train their public models or retain it for their own use.
• AI in EOS Contexts: EOS One may use AI to assist with meeting summaries, prioritizing Issues, generating Rocks, or drafting updates during Level 10 meetings. These features use your team’s private workspace data and follow all AI safeguards described here.
• Internal AI Improvements: We may refine our AI by analyzing anonymized usage data. We do not use raw or identifiable data to train public-facing AI models.

6. How We Share Your Information

We do not sell your personal information. We only share your data under these circumstances:

• Service Providers (Agents): Hosting providers (e.g., AWS), payment processors (e.g., Stripe), analytics tools, and AI API vendors. Each is contractually bound to data-use limitations and security practices.
• With Your Organization: If your employer set up your EOS One account, they can access relevant data and usage reports (e.g., team performance metrics, Issues lists, Rocks progress).
• As You Permit: If you request an integration or authorize data sharing with another system (e.g., CRM, calendar), we will do so with your consent.
• Third-Party Integrations: If you connect EOS One to tools like Google Calendar, Slack, or your CRM, we access only the necessary data to power those features. You can revoke access at any time.
• Legal Compliance: Disclosure as required by law or to protect our rights, users, or property.
• Corporate Transactions: If EOS One is involved in a merger or acquisition, your data may be transferred to the successor, but the same data protection standards will apply.
• Aggregated/Anonymized: We may share insights that do not identify any individual (e.g., “50% of teams resolve Issues weekly”).

7. Cookies and Advertising

• Cookies & Tracking: Used for session management, analytics, and marketing.
• Analytics: Tools like Google Analytics help us understand usage behavior.
• Advertising: We may advertise EOS One on other sites. Some third-party cookies may track browsing behavior for targeted ads.
• Your Cookie Choices: Manage cookies in browser settings. We do not respond to “Do Not Track” signals but honor valid opt-out requests under applicable laws.

8. Your Privacy Rights

8.1 Access, Correction, and Deletion

• Access/Portability: Request a copy of the data we hold.
• Correction: Fix inaccurate information via settings or request.
• Deletion: Request deletion, subject to legal or contractual requirements.

8.2 Marketing & Communication Preferences

• Opt-Out: Unsubscribe via links or by contacting us.
• Do Not Sell/Share: If you believe a practice qualifies as “sharing” under privacy law, contact us to opt out.

8.3 Non-Discrimination

We won’t alter your experience or pricing for exercising your rights.

How to Exercise Rights: Email: support@eosone.com. We may verify your identity before acting on requests. If your account is employer-managed, coordination may be needed.

9. Security and Breach Notification

• Secure Hosting: Encrypted, SOC 2-compliant infrastructure.
• Encryption: At rest and in transit.
• Access Controls: Staff access is limited and secured.
• Monitoring: Vulnerability scans, intrusion detection, and incident response protocols are in place.
• Employee Training: All team members receive training on data privacy and security.
• Audit Trails: EOS One maintains logs of user actions (e.g., editing Rocks or closing Issues) for transparency and organizational oversight.
• Breach Notification: If your data is compromised, we’ll notify you or your organization in compliance with law.

10. Forums, Testimonials, and Social Media

• Forums & Events: Public posts may be visible to others. Share cautiously.
• Testimonials: We get your permission before sharing identifiable testimonials.
• Social Media: Widgets follow the respective platform’s privacy rules.

11. Special Considerations (HIPAA & State Laws)

• HIPAA: If we sign a Business Associate Agreement, we comply with HIPAA for PHI.
• State Laws: We honor privacy rights under laws such as California’s CCPA/CPRA and Virginia’s CDPA. Contact us for specific state-related requests.

12. Children’s Privacy

EOS One is not for children under 13 (or the age of majority in your area). If we find we’ve collected data from a minor, we will delete it. Parents can email support@eosone.com with concerns.

13. Changes to This Privacy Policy

We may update this Privacy Policy to reflect legal, operational, or feature-related changes. When we do, we’ll:

• Update the “Last Updated” date.
• Post a notice on our website if the changes are material.
• Offer opt-in or opt-out choices where legally required.

By continuing to use EOS One after updates, you accept the revised Policy unless law requires explicit consent.

14. Questions or Concerns?

If you have questions about this Privacy Policy or concerns about how your data is handled, email  support@eosone.com. We’re committed to your trust and data security.