Overnight Success AI respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our products and services.

Overnight Success AI, Inc. — Privacy Notice (U.S. & Canada)

Last updated: September 30, 2025

Effective date: September 30, 2025

Overnight Success AI, Inc. (“Overnight Success AI,” “OSAI,” “we,” “us,” or “our”) respects your privacy. This Privacy Notice explains how we collect, use, disclose, and safeguard personal information when you visit [https://www.overnightsuccess.ai] (the “Website”), use our products and services (including AI agents, automations, integrations, and related applications) (collectively, the “Services”), or otherwise interact with us in the United States, Canada, and their territories and possessions.

By using the Website or Services, you agree to the practices described here. If you do not agree, please do not use the Website or Services.

Notice at Collection (Highlights)

What we collect. We collect:

Directly from you (e.g., account and profile details, contact info, content you submit, payment-related info through our processors).

Automatically (e.g., device and browser data, usage logs, cookies/pixels, session replay, analytics).

From third parties (e.g., business partners, integration providers like Google, Microsoft, Slack, GitHub, and calendar platforms; marketing and analytics providers; publicly available sources).

Categories of personal information may include: identifiers; contact details; commercial information; internet/network activity; device/technical data; audio/visual/sensory data from support calls or demo recordings; geolocation (approximate, via IP); professional/employment data; and inferences.

Why we use it. We use personal information to:

Provide, secure, personalize, and improve the Services

Authenticate users and enable integrations

Process transactions and support requests

Operate analytics and measure performance

Communicate about updates, security, and marketing (where permitted)

Comply with law and enforce terms

Disclosures. We disclose personal information to:

Service providers and processors (hosting, analytics, customer support, payments, email, marketing, fraud prevention)

Integration partners you choose to connect (e.g., Gmail/Outlook, Slack, GitHub, calendars)

Affiliates and entities under common control

Authorities where required by law or to protect rights and safety

Successors in a merger, acquisition, or similar event

Sale/Sharing. We do not sell personal information for money. We may engage in activities considered a “sale” or “sharing” under certain state laws (e.g., cross-context behavioral advertising via third-party cookies/pixels). See Your Privacy Choices for opt-out.

Retention. We retain personal information as needed for the purposes above, including security, analytics, legal compliance, dispute resolution, and business continuity. Where feasible, we minimize, de-identify, or aggregate data and apply retention schedules. See category-specific notes below.

Your choices & rights. Depending on your location, you may have rights to access, correct, delete, limit, or opt out of certain uses (e.g., targeted advertising/cross-context sharing). See Your Rights and How to Exercise Your Rights below.

1) Scope

This Notice covers personal information collected through the Website and our Services offered to users in the U.S. and Canada. Separate notices or contracts may apply to specific products, features, or business relationships; where those conflict, the more specific terms control.

2) Personal Information We Collect

A. Identifiers & Contact Details

Examples: name, alias, username, unique identifiers, email, phone, postal address, IP address, device identifiers.

Sources: you; your employer; integration partners (when connected by you); service providers.

Uses: account creation, authentication, security, communications, providing and improving Services.

Disclosures: service providers; integration partners you authorize; affiliates; legal/authority requests.

Retention: for the life of the account and as required for legal/operational purposes; inactive user accounts may be closed per policy after a defined period (e.g., 6–24 months) with prior notice where required.

B. Commercial & Transaction Information

Examples: subscription tier, purchase history, billing metadata (stored by our payment processor), support entitlements.

Sources: you; our payment provider; our internal systems.

Uses: order processing, provisioning, fraud prevention, support, accounting.

Disclosures: payment processors; service providers; auditors; authorities where required.

Retention: per tax, accounting, and regulatory obligations (often 7 years or as required by law).

C. Internet/Network Activity & Technical Data

Examples: pages viewed, links clicked, referral URLs, search terms, session duration, crash and performance logs, cookie IDs, approximate geolocation from IP. We may use session replay (mouse clicks/movements, scrolling, form interactions) to improve UX and debug issues.

Sources: automated collection via cookies, pixels, SDKs, and logs.

Uses: securing the Services, detecting abuse, analytics, UX optimization, personalization, marketing (where permitted).

Disclosures: analytics and diagnostic providers; advertising/retargeting partners (where enabled); security vendors.

Retention: logs typically 90–180 days; analytics per vendor settings and our internal schedules.

D. Sensory/Support Data

Examples: call recordings, voicemail, video demos, chat transcripts.

Sources: you; our support tools.

Uses: training, quality assurance, issue resolution, compliance.

Disclosures: customer support platforms; transcription providers.

Retention: limited to support needs, QA, and legal purposes, then deleted or anonymized.

E. Professional/Employment Information

Examples: role, department, employer domain, industry.

Sources: you; your admin; enrichment providers; public sources.

Uses: admin controls, enterprise features, usage insights, tailored onboarding.

Disclosures: service providers; affiliates.

Retention: while relevant to the account or contract, then per internal schedules.

F. Inferences

Examples: preferences, propensity models, feature recommendations.

Sources: derived from other data.

Uses: product improvement, personalization, security.

Disclosures: not sold; used internally and with processors.

Retention: as needed for stated purposes, then de-identified or deleted.

Sensitive information. We do not intentionally collect sensitive categories (e.g., precise geolocation, government IDs, health data) unless you explicitly provide them for a specific purpose (e.g., compliance screening). We do not use sensitive data for unrelated purposes without consent where required.

3) How We Use Personal Information (Business & Commercial Purposes)

Provide, operate, maintain, and improve the Website and Services

Enable AI agents, automations, and integrations you authorize (e.g., Gmail/Outlook, Slack, GitHub, calendars)

Authenticate users; prevent fraud and misuse; ensure security and integrity

Process payments and fulfill transactions

Provide customer success and technical support

Measure engagement and effectiveness; conduct analytics and research

Communicate about features, security, and (where permitted) marketing or events

Develop new features, agents, and workflows

Enforce terms, comply with laws, and protect our rights and users

We will not use personal information for materially different, unrelated, or incompatible purposes without notice (and consent where required).

4) Disclosures of Personal Information

We disclose personal information to:

Service providers/processors under contract (hosting, storage/CDN, analytics, session replay, support, email/SMS, payments, marketing ops, security, fraud prevention).

Integration partners that you connect or authorize (e.g., Google, Microsoft, Slack, GitHub, calendar providers). Data shared depends on your configuration and their policies.

Affiliates and entities under common control, subject to this Notice or similar safeguards.

Authorities, regulators, and legal recipients when required by law or to protect rights, safety, or the integrity of the Services.

Business transferees in mergers, acquisitions, or financing events, subject to appropriate safeguards.

We take steps to ensure processors handle personal information consistent with this Notice and applicable law.

5) “Sale” or “Sharing” for Targeted Advertising

We do not sell personal information for money. Some jurisdictions consider certain cookie-based advertising or analytics a “sale” or “sharing.” Where applicable, we honor opt-out choices for cross-context behavioral advertising. See Your Privacy Choices.

6) Cookies, Pixels, and Analytics

We use first- and third-party cookies, pixels, SDKs, and similar technologies for: authentication, security, preferences, analytics, performance, and (where permitted) advertising/retargeting.

Common partners may include (subject to change): Google Analytics/Tag Manager, LinkedIn Insight Tag, Meta Pixel, Mouseflow (or similar session replay), and email/performance analytics vendors. Use of third-party tools is governed by those providers’ privacy terms.

Your controls: Manage browser settings, use opt-out tools offered by partners, and adjust preferences via our [Privacy Settings / Cookie Preferences] link in the site footer.

7) International Transfers

We are U.S.-based and may process information in the United States and other countries where we or our providers operate. These locations may have data protection laws different from your jurisdiction. We implement appropriate safeguards for cross-border transfers as required by law.

8) Children’s Privacy

Our Services are not directed to children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided personal information, contact us and we will take appropriate steps to delete it.

9) Links to Third-Party Sites and Services

The Website and Services may link to or integrate with third-party sites and tools. We are not responsible for those third parties. Review their privacy policies to understand their practices.

10) Security

We use administrative, technical, and organizational measures designed to protect personal information against unauthorized access, disclosure, alteration, or destruction. No system is perfectly secure. You are responsible for maintaining the confidentiality of your credentials and for all activity under your account.

11) Your Rights (U.S. State Laws & Canada)

Depending on your residence, you may have rights to:

Know/confirm whether we process your personal information

Access and data portability

Correct inaccuracies

Delete personal information

Opt out of (i) “sale,” (ii) “sharing” for cross-context behavioral advertising/targeted advertising, and/or (iii) certain profiling

Limit use/disclosure of sensitive information (where applicable)

Appeal a rights decision

Non-discrimination for exercising rights

We maintain de-identified data without attempting to re-identify it except as permitted by law.

12) Your Privacy Choices (Opt-Outs)

Cookies/Ads: Adjust browser settings and use our [Privacy Settings / Cookie Preferences] link.

Targeted Ads/“Sharing” Opt-Out: Use [Your Privacy Choices] in the footer or email us.

Marketing Emails: Use the Unsubscribe link in messages or contact us.

Analytics Opt-Outs: Use partner tools where available (e.g., Google’s opt-out add-on).

13) How to Exercise Your Rights

Submit a verifiable request by:

Email: [privacy@overnightsuccess.ai

14) Do Not Track

Browser DNT signals are not standardized. We do not currently respond to DNT. We honor applicable Global Privacy Control (GPC) signals where required by law.

15) Retention

We retain personal information as long as necessary for the purposes in this Notice, including security, fraud prevention, analytics, compliance, dispute resolution, and to enforce agreements. We apply category-specific schedules, and when data is no longer needed, we delete or de-identify it.

16) Changes to This Notice

We may update this Notice from time to time. The “Last updated” date reflects the most recent changes. Material changes will be posted on this page and, where required, we will provide additional notice or obtain consent.

17) Contact Us

Overnight Success AI, Inc.

Email: [privacy@overnightsuccess.ai]