Arali LogoArali

Privacy Policy

Last Updated: 08/May/2026

At Arali (along with its subsidiaries and affiliates, collectively referred to as “Arali,” “we,” “us,” or “our”), your privacy and data security are of the utmost importance. We understand the responsibility that comes with handling your personal information, and we are committed to protecting your privacy by adopting best practices in data protection and transparency in how we manage your information.

This Privacy Policy outlines our practices regarding the collection, use, disclosure, and protection of your personal information in connection with your use of our services. As our services evolve, we may need to update this policy from time to time. When changes occur, we will revise the "Last Updated" date at the top of this page. If the changes are material, we may notify you directly via email or through a notice on our platform, in compliance with applicable laws. We recommend periodically reviewing this Privacy Policy to stay informed about how your personal information is handled.

Topics Covered in this Privacy Policy

  • What This Privacy Policy Applies To
  • Information We Collect and How We Collect It
  • How We Use Your Personal Information
  • How We Share Personal Information
  • Your Choices Regarding Personal Information
  • How We Protect Personal Information
  • Retention of Your Data
  • Children’s Privacy Policy
  • International Transfers of Personal Information
  • Additional Notice to Residents of the EEA, UK, and Switzerland
  • Use of Google Workspace APIs and User Data
  • Use of Zoom SDK and Meeting Data
  • Contact Us

What This Privacy Policy Applies To

This Privacy Policy governs the collection, use, and sharing of personal information through:

1. The Arali Website

Includes https://arali.ai and any other websites owned or operated by Arali that are linked to this Privacy Policy (collectively, the “Site”).

2. Arali Services

Refers to Arali’s suite of services, software, and integrations used by customers in conjunction with our products and technology (collectively, the “Services”).

3. Other Digital and Physical Channels

Includes Arali’s social media platforms, newsletters, email communications, and in-person events where we collect and process personal data (together with the Site and the Services, the “Platform”).

Please note that this Privacy Policy does not apply to any third-party websites, applications, or services that may be linked to from the Arali platform but are not owned or controlled by Arali. For third-party sites or services, their respective privacy policies govern the collection and use of your data.

Information We Collect and How We Collect It

Arali collects personal information in various ways, depending on how you interact with our platform. We gather information directly from you, automatically as you use our services, and from third-party sources.

Personal Information You Provide

  • Account Registration and Profile Information: When you sign up for an account, we collect your name, email address, username, and password. You may also provide optional details such as a profile photo, job title, and social media links.
  • Billing Information: If you purchase Arali services, we collect billing details including name, address, and payment information.
  • Feedback and Support Requests: When you contact us for support or feedback, we may collect your name, email, and any other content you provide.
  • Other Information: You may voluntarily provide personal information through surveys, newsletters, contests, testimonials, or other interactions.

Automatically Collected Information

When you interact with the Arali platform, certain information is automatically collected:

  • Usage Data: Referring sources, visited pages, actions taken, IP address, browser type, and operating system.
  • Device Data: Device type, operating system, browser version, and approximate location.
  • Cookies and Tracking Technologies: Arali uses cookies and web beacons to enhance your experience and analyze engagement.

Information Collected from Third Parties

Arali may collect information from:

  • Third-Party Accounts: Such as Google or Microsoft for single sign-on.
  • Social Media: Profile details and interactions when you engage with our official pages.
  • Third-Party Data Providers: To enhance user understanding, marketing, and analytics.

How We Use Your Personal Information

Arali uses collected information for the following purposes:

  • Providing and improving services
  • Personalization and user experience
  • Communications (service updates, billing, and support)
  • Marketing and promotions (with your consent)
  • Legal compliance
  • Business operations (fraud detection, audits, and research)

How We Share Personal Information

Arali does not sell your personal information. We may share it with:

  • Affiliates and Subsidiaries
  • Service Providers (e.g., hosting, payment, marketing)
  • Legal Authorities (when required by law)
  • In Case of Business Transactions (merger, acquisition, or sale)
  • Advertising and Analytics Partners (for research and measurement)

Your Choices Regarding Personal Information

You can control your data through:

  • Account Settings: View, edit, or delete personal data.
  • Marketing Emails: Opt out anytime using unsubscribe links.
  • Cookies: Adjust browser settings to manage cookies.
  • Interest-Based Ads: Opt out via NAI or DAA tools.

How We Protect Personal Information

Arali uses encryption, firewalls, and secure data storage to protect your information. While we strive to safeguard your data, no system is 100% secure, and you acknowledge providing information at your own risk.

Retention of Your Data

We retain personal information only as long as needed for legitimate purposes or legal obligations. When no longer required, it is securely deleted or anonymized.

Children’s Privacy Policy

Arali does not knowingly collect personal information from individuals under 18. If such data is discovered, it will be deleted immediately. Please contact us if you believe a minor has provided personal data.

International Transfers of Personal Information

Arali may transfer your data internationally. By using our platform, you consent to these transfers, where we ensure appropriate safeguards.

Additional Notice to Residents of the EEA, UK, and Switzerland

Arali complies with GDPR and applicable data protection laws. Your rights include:

  • Access
  • Rectification
  • Erasure
  • Portability
  • Objection
  • Restriction

To exercise these rights, contact us using the details below.

Use of Google Workspace APIs and User Data

Our app’s use of information received from Google Workspace APIs strictly adheres to the Google API Services User Data Policy, including the Limited Use requirements.

1. Data Accessed

Arali accesses the following types of Google user data, only after you explicitly grant permission via OAuth consent:

  • Google Account Profile Information: Your name, email address, and profile picture (via the openid, userinfo.email, and userinfo.profile scopes) — used for account creation and authentication.
  • Google Calendar Data (read-only): Your calendar list, event details (title, time, attendees, meeting links, and free/busy status) — used to sync your meetings and schedule into the Arali platform. Arali requests only read-only calendar scopes and does not create, modify, or delete any calendar events.
  • Gmail Data (read-only): Email message metadata (sender, recipients, subject, date) and message body content for emails related to your CRM contacts and accounts — used to surface customer communication threads within the Arali platform. Arali requests only read-only Gmail scopes and does not send, modify, or delete any emails on your behalf.

2. Data Usage

Arali uses the Google user data it accesses for the following purposes:

  • Authentication: Google account profile information is used to verify your identity, create your Arali account, and manage login sessions.
  • Calendar Sync: Calendar events are synced into Arali so you can view your meeting schedule, track customer interactions, and receive meeting-related insights — all within the Arali platform.
  • Email Thread Tracking: Gmail messages are synced to associate email communications with the relevant CRM contacts and companies, providing a unified view of customer interactions.
  • AI-Powered Analysis: Meeting transcripts (from calendar-linked meetings) and email threads may be analyzed by AI models to generate summaries, action items, and customer insights for the authenticated user. This analysis is performed solely to deliver features to the individual user and their organization.

Arali does not:

  • Use Google Workspace data to develop, improve, or train generalized or third-party AI/ML models.
  • Transfer Google user data to third-party AI tools outside the scope of delivering features to the user.
  • Use Google user data for advertising, ad targeting, or selling to any third party.
  • Allow any human to read your Google user data except where (a) you provide explicit consent, (b) it is necessary for security purposes (e.g., investigating abuse), or (c) it is required by law.

3. Data Sharing

Arali does not sell, rent, or share Google user data with third parties for their own purposes. Google user data may be shared only in the following limited circumstances:

  • Within Your Organization: Google user data (such as meeting details and email threads) is visible to members of your Arali workspace/organization, subject to role-based access controls (RBAC) and org-unit scoping configured by your administrator.
  • Infrastructure Providers: Google user data is stored and processed using third-party cloud infrastructure services (e.g., cloud hosting, database providers) that act as data processors under contractual obligations to protect your data and use it solely to provide the service.
  • AI Processing Providers: Meeting transcripts and email content may be sent to AI model providers (e.g., Google Gemini, OpenAI) solely for generating summaries and insights. These providers process data only as instructed and are contractually prohibited from using it for model training or any other purpose.
  • Legal Requirements: We may disclose Google user data if required by law, legal process, or governmental request.

No other third parties receive access to your Google user data.

4. Data Storage & Protection

  • Encryption in Transit: All Google user data is transmitted over HTTPS/TLS encrypted connections.
  • Encryption at Rest: Data is stored in encrypted databases hosted on secure cloud infrastructure.
  • Access Controls: Access to Google user data is protected by role-based access controls (RBAC). Users only see data belonging to their assigned organizational units. Administrative access to production systems is restricted to authorized personnel.
  • OAuth Token Security: Google OAuth refresh tokens and access tokens are stored in encrypted database fields and are never exposed to client-side code or end users. Tokens are automatically refreshed server-side and are scoped to the minimum permissions required.
  • No Local Storage: Google user data is not stored on local devices or in browser local storage. All data processing occurs server-side.

5. Data Retention & Deletion

  • Active Accounts: Google user data is retained for as long as your Arali account is active and the Google integration is connected.
  • Disconnecting the Integration: You can disconnect Google Calendar or Gmail from Arali at any time via Settings → Integrations in the Arali platform. Upon disconnection, Arali revokes the OAuth token and stops syncing new data. Previously synced data associated with your CRM records will be retained unless you request deletion.
  • Account Deletion: When you delete your Arali account, all associated Google user data (synced calendar events, email threads, OAuth tokens, and profile information) is permanently deleted from our systems.
  • Requesting Deletion: You can request deletion of your Google user data at any time by contacting us at devesh@arali.ai. We will process deletion requests within 30 days.
  • No Indefinite Retention: Google user data is not retained beyond the period necessary to provide the service or as required by law.

Use of Zoom SDK and Meeting Data

Our application does not directly access, collect, store, or retain any personal data from Zoom users. The only information our application retrieves is the meeting URL provided explicitly through our website. Once provided, our application uses this URL solely to join Zoom meetings. Within the meeting, we utilize the Zoom SDK exclusively to initiate recording functionality. The SDK prompts all meeting participants explicitly for consent prior to starting the recording.

We do not access, collect, or store any other user data apart from the attendance information explicitly provided by the Zoom SDK during the meeting and the recording. The user can access the recording and also the attendance and the summary. No Zoom OAuth tokens or any additional user data are stored, logged, or retained at any point.

Contact Us

If you have questions or concerns about this Privacy Policy, or to exercise your privacy rights, please contact us at:

Email: devesh@arali.ai

Arali is committed to transparency and the responsible use of your personal information. We appreciate your trust and are here to address any concerns you may have regarding privacy and data security.