Privacy Policy
Last updated: March 12, 2026
1. Who We Are
Chief of Staff is operated by HKO Engineering OÜ, a company registered in Estonia (registry code 16587065). We are the data controller for the personal data processed through this Service.
Contact: hello@getcos.ai
2. Data We Collect
Waitlist and signup data
When you join the waitlist or sign up, we collect your email address. If you later create an account with Google, we receive your name and email from Google's OAuth flow. Waitlist email addresses are stored with our email provider (Resend) to send you confirmations and product updates.
Account data
When you create an account, we collect your name, email address, and timezone.
Channel data
When you connect communication channels (Gmail, Slack, Calendar), we access:
- Email: sender, recipient, subject, body text, timestamps
- Calendar: event titles, times, attendees, descriptions
- Slack: messages in channels you authorize, sender names, timestamps
We process this data to classify items, generate summaries, and draft responses. We store AI-generated summaries and metadata. We do not store full email bodies or message content longer than necessary for processing (typically deleted within 24 hours of classification).
Usage data
We collect anonymized usage analytics via PostHog (hosted in the EU): pages visited, features used, actions taken (approve/reject/rewrite counts). Analytics run in cookieless mode — no cookies are stored on your device. We do not track you across other websites.
Payment data
Payments are processed by Stripe. We do not store your credit card number. Stripe's privacy policy governs payment data handling.
3. How We Use Your Data
- Provide the Service: classify messages, generate briefs, draft responses, manage your inbox
- Improve AI quality for your account: when you rewrite an AI draft, we store the before/after pair to improve future drafts for your account. These pairs are tied to your account and used solely for your personalization
- Improve overall product quality: we may use anonymized and aggregated samples derived from usage patterns (such as classification accuracy rates, draft approval rates, and error patterns) to evaluate and improve the Service for all users. These samples are stripped of all personally identifiable information, message content, and any data that could be linked back to you or your communications. We never use your raw email content, draft text, or rewrite pairs for general product improvement — only statistical, de-identified patterns. You may opt out of this anonymized analysis at any time (see Section 8)
- Send transactional emails: account confirmations, billing receipts, security alerts
- Product updates: occasional emails about new features (you can unsubscribe at any time)
Legal basis (GDPR Art. 6)
- Contract performance (Art. 6(1)(b)): providing the Service, processing your messages, generating briefs and drafts
- Legitimate interest (Art. 6(1)(f)): improving AI quality for your account, anonymized product quality analysis, usage analytics, security measures. Our legitimate interest in using anonymized data for product improvement is balanced against your rights by ensuring the data is fully de-identified and cannot be re-linked to you. You may object to this processing at any time (see Section 8)
- Legal obligation (Art. 6(1)(c)): retaining billing records as required by Estonian tax law
- Consent (Art. 6(1)(a)): product update emails (you can withdraw consent at any time)
4. AI Processing
We use Anthropic's Claude AI models to process your messages. Anthropic is our sole AI sub-processor. When we send data to Anthropic for processing:
- Data is transmitted over encrypted connections (TLS)
- Anthropic does not use your data to train their models (per their commercial API terms)
- We send only the minimum context needed for each classification or draft
- No personally identifiable information is included in AI prompts when it is not necessary for the task
- A Data Processing Agreement (DPA) is in place with Anthropic
If we add or change AI providers in the future, we will update this policy and notify you at least 14 days in advance (see Section 12).
5. Data Storage and Security
- Data is stored on AWS infrastructure in the EU (Frankfurt, eu-central-1)
- Database is encrypted at rest (AES-256) and in transit (TLS)
- OAuth tokens for your connected channels are encrypted at rest using AES-256 with a per-deployment encryption key
- Access to production systems is restricted to authorized personnel only
- We do not sell your data to third parties
6. Data Sharing and Sub-processors
We share your data only with the following sub-processors:
- Anthropic (San Francisco, USA): AI processing — message classification and draft generation (see Section 4)
- Stripe (San Francisco, USA): payment processing and billing
- Clerk (San Francisco, USA): authentication and account management
- AWS (Frankfurt, Germany): infrastructure, database, and file storage
- Resend (San Francisco, USA): transactional and marketing email delivery (waitlist confirmations, product updates)
- PostHog (Frankfurt, Germany — EU hosting): anonymized website analytics (page views, scroll depth, signup funnels). No cookies are stored. No cross-site tracking
We do not sell, rent, or trade your personal data. We may disclose data if required by law or to protect our legal rights.
7. International Data Transfers
Your data is stored in the EU (AWS Frankfurt). However, some sub-processors (Anthropic, Stripe, Clerk, Resend) are based in the United States. These transfers are protected by:
8. Your Rights (GDPR)
As we are based in the EU (Estonia), the General Data Protection Regulation (GDPR) applies. You have the right to:
- Access: request a copy of all personal data we hold about you
- Rectification: correct inaccurate personal data
- Erasure: request deletion of your data ("right to be forgotten")
- Portability: receive your data in a machine-readable format
- Restriction: limit how we process your data
- Objection: object to data processing based on legitimate interest
- Withdraw consent: revoke consent at any time where processing is based on consent
- Opt out of anonymized analysis: request that your usage data be excluded from anonymized product quality analysis. This does not affect your personalization (voice model training) or the core functionality of the Service
To exercise any of these rights, email us at hello@getcos.ai. We will respond within 30 days.
You also have the right to lodge a complaint with a supervisory authority. As we are based in Estonia, the competent authority is the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).
9. Data Retention
- Waitlist data: email address retained until you unsubscribe or request deletion
- Account data: retained while your account is active, deleted within 30 days of account closure
- Channel data: AI summaries retained while your account is active. Raw message content deleted within 24 hours of processing
- Voice examples: draft before/after pairs retained while your account is active for personalization
- Billing records: retained for 7 years as required by Estonian tax law
- Anonymized quality data: de-identified, aggregated metrics (classification accuracy, draft approval rates, error patterns) may be retained indefinitely as they contain no personal data and cannot be re-linked to any individual
- Audit logs: retained for 90 days
10. Cookies
The marketing website (getcos.ai) uses PostHog for anonymized analytics in cookieless mode — no cookies are stored and no consent banner is required under the ePrivacy Directive. The web application (app.getcos.ai) uses strictly necessary session cookies for authentication. We do not use advertising cookies, third-party tracking pixels, or analytics cookies that require consent.
11. Children
The Service is not intended for users under 18 years of age. We do not knowingly collect data from minors.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email at least 14 days before they take effect. The "last updated" date at the top of this page indicates the most recent revision.
13. Contact
For privacy-related questions or to exercise your data rights, contact us at:
HKO Engineering OÜ
Tallinn, Estonia
Registry code: 16587065
Email: hello@getcos.ai