Privacy Policy

Welcome to Magical, first GPT-3.5 and GPT-4-powered calendar that automates meeting notes, scheduling, and tasks (the “Service”). The Service is owned and operated by Supertools Inc. (“we”, “us”).

We respect your privacy. This Privacy Notice (the “Notice”) explains our privacy practices for the Service. The Notice also describes the rights and options available to you with respect to your personal information. This Privacy Notice is meant to be read together with our Terms of Service ("Terms"). In general, we recommend that you routinely review this Privacy Notice and your preferences on your Account. Any capitalized terms that are not defined herein shall have the meanings set forth in the Terms.

When we refer to "Personal Data", we mean information that is defined as personal data under law. This includes information that identifies you directly or indirectly, including unique identifiers like IP addresses or cookie IDs.

Supertools, Inc. is the data controller of the personal data we collect and process through the Service.

If you have any questions or requests concerning your personal data or about our privacy practices and policies, you may contact us, at: hey@magical.team.

Our European Representative, for the purposes of this Notice is Reut Shechter. If you are within the European Economic Area, you may contact our European representative at the following address: hey@magical.team.

Website Visitors

When you visit our Site, we collect the following Personal Data about you:

Contact Information – When you send us a message through the contact form on our Site, we collect any data you provide, such as your email, and the content of your message. We use this data to respond to your message. We process this Personal Data based on the performance of a contract with you.

Activity and System Data (Cookies) – When you visit our Site, we automatically collect data about your computer or mobile device, including Personal Data such as your IP address, device ID, browsing history (e.g. the other sites you've visited before ours), and your activity on our site (e.g. what pages you visited, for how long, and what links you clicked on). For more information about the cookies we use and how to adjust your preferences, see the Cookies and Similar Technologies section below. We mainly use this data to generate aggregated analytics data about the use of our Site so we can maintain and improve the Site and develop new products or services. We also use statistical data to prevent fraud and protect the security of our Site. We process this Personal Data based our legitimate interests to develop and improve our products and services, and to prevent fraud.

Users

When you use our Service, we collect the following information about you:

Registration Information. In order to use the Service, you must register with your Google account. When you register with your Google account, you allow us access to your account information. This information will be referred to as Registration Information and will include your name, your email address, and your Google account username and other information Google provides us about you. We use your Registration Information to allow you access to our Service, save your preferences, contact you regarding the Service, protect the security of our Service, prevent fraud, and address any issues that arise. We may use your Registration Information to send you marketing communications about our Service, including newsletters and updates about new services that we believe may be suitable to you. If you are not a registered user, you can register for our newsletter. You may opt-out of marketing communications and/or our newsletter at any time, see the relevant section below for more details.

When we process your Registration Information to provide you with our Service, we do so to perform a contract with you, in this case our Terms of Service. When we process your Registration Information to maintain our Service, including to prevent fraud, protect the security of and/or address issues with our Service, we do so on the basis of our legitimate interest to achieve those goals. The legal basis under EU law for processing your information for marketing communication purposes is our legitimate interest to market our products and services.

Calendar Information. When you use the Service, we collect the information that you include in your Google calendar. This information may include meeting titles, contacts, locations, and any other information you choose to include in your calendar. We use this information to provide you with our Service, including to provide you with support where applicable, as well as to improve our Service. When we process this Personal Data to provide you with our Service, we do so on the basis of performance of a contract with you. When we use this information to improve our Service, we do so based on our legitimate interest to develop our business.

Meeting Content. When you use the Service to produce a summary of your Meetings, we record and transcribe the Meeting. We use this Personal Data to provide you with the Service, specifically to produce the summary and follow ups, and to provide you with support where applicable. We use this Personal Data on the basis of performance of a contract with you. We also use this information to improve our Service and we do so based on our legitimate interest to develop our business.

Payment Information. If you subscribe to our Service for a fee, we receive information related to such purchase, such as the last four (4) digits of your credit card number. We use this Personal Data to process your payment and to prevent fraud. When we process your payment data to process your payment, we do so to perform a contract with you. When we process your payment data to prevent fraud, we do so based on our legitimate interest to protect ourselves and our customers.

Analytics. Magical strives to continually improve our service for our users. To that end, we learn information about you when you access or use the Service, we use third-party analytics tools, such as Fullstory, Google Analytics and Mixpanel to automatically record and collect certain information about your interaction with the Service, including the IP address from which you access the Service, your estimated location based on your IP, time and date of access, type of browser used, language used, links clicked and actions taken while using the Service. The legal basis under EU law for this processing is our legitimate interest in monitoring and securing our Service.

For more information about how Google collects information and how you can control such use, see: www.google.com/policies/privacy/partners/.

Members of the Supertools Facebook Group

If you are a member of our Supertools Facebook Group, we process any Personal Data you provide, including your name, profile, posts, responses, reactions, and private messages to our page and/or account. We use the feedback (including any Personal Data) we receive from the Supertools Group to fix specific bugs, generally improve our Service, and develop new products and services. If you would like us to cease collecting your feedback, you may exit the Supertools Group.

You are not legally required to provide us with your information.

You do not have a legal duty to provide us with any Personal Data. However, you will not be able to sign up to the Service and use it properly without providing us with certain Personal Data, such as your Registration Information or your Calendar Information.

You may opt-out from our marketing communications.

You may ‘opt-out’ of using your information for marketing communications by sending an email to: hey@magical.team, or as otherwise provided in our marketing communications. By doing so, we will only delete the Personal Data which is required to contact you for marketing communications, while the rest of the Personal Data you submitted to us which is necessary to provide you with the Service will continue to be processed and used.

We do not sell your personal information to third parties.

We will not share your information with third parties, except in the events listed below or when you provide us with your explicit and informed consent.

We will share your information with our affiliate companies.

We share your Personal Data with our affiliated company, Superpower, Ltd., where this is necessary to provide you with our products and services and so that we can manage our business, such as to keep updated records of our users. The legal basis under EU law for such processing is our legitimate interest to maintain and grow our business.

We will share your information with our service providers helping us to operate the Service.

We will share your personal information with service providers, who assist us with the internal operations of the Service. These services include cloud hosting services, user authentication, application monitoring and logging, AI generation, storage of Meeting Content, application tracing, source code hosting, and analytics. Please click here for a full list of our service providers. These companies are authorized to use your Personal Data only as necessary to provide these services to us and not for their own purposes. The legal basis under EU law for such processing is the performance of our contract with you.

If you violate the law, we will share your information with competent authorities.

If you violate any applicable law, your information will be shared with competent authorities and with third parties (such as legal counsels and advisors), for the purpose of handling the violation. The legal basis under EU law for such processing is our legitimate interest in enforcing our legal rights.

We will share your information if we are legally required.

We will disclose your Personal Data if we are required to do so by a judicial, governmental or regulatory authority. The legal basis under EU law for this processing is our compliance with the legal obligations to which we are subject.

We will share your information if the operation of the Service is organized within a different framework.

If the operation of the Service is organized within a different framework, or through another legal structure or entity (such as due to a merger or acquisition) or if we are looking to sell our company, liquidate assets, or merge with another, we will share your information with other interested parties as part of negotiations toward that transaction, or as a result of that transaction, as applicable, provided that those entities agree to be bound by the provisions of this Notice, with reasonably necessary changes taken into consideration. The legal basis under EU law for this processing is our legitimate interest in business continuity, following a structural change.

We retain your Personal Data until you request its deletion and thereafter for compliance and legal purposes.

We retain your Personal Data until you request that we delete it. You can contact us at hey@magical.team at any time to request that we delete the personal data we process about you and we will honor your request within 30 days.  Thereafter, we will continue to retain your Personal Data only as necessary to comply with our legal obligations, resolve disputes, establish and defend legal claims.

We implement measures to secure your Information.

We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information. However, these measures do not provide absolute security. Therefore, although efforts are made to secure your personal information, it is not guaranteed, and you cannot expect, that the Service will be immune from information security risks. The measures we take include:

Technical Measures. The electronic safeguards we employ to protect your personal data include secure servers and firewalls. We encrypt data in transit [and at rest] using secure TLS/SSL protocols.

Access Control. We limit access to your personal data only to authorized personnel who have a need to know, including account managers, customer support staff, and software developers. We review these permissions regularly and revoke an employee's access immediately after his/her termination.

Internal Policies. We maintain and regularly review and update our privacy related and information security policies.

Personnel. We require employees to sign non-disclosure agreements according to applicable law and industry customary practice.

Database Backup. Our databases are backed up and verified regularly. Backups are encrypted and stored within the production environment to preserve their confidentiality and integrity.

We will transfer your Information internationally only in accordance with applicable data protection laws.

The Service, by its nature as an online service, may store and process Information in various locations throughout the globe, including through cloud services.

If we transfer your personal data for processing at locations outside your jurisdiction, we will abide by data transfer rules applicable to these situations.

Transfer of Information outside the EU. Information we collect from you in the EU will be processed in Israel, which is recognized by the European Commission as having adequate protection for personal data.

When we transfer your information from within the EU to the United States or other countries, which are not recognized by the European commission as having adequate protection for Personal Data, we will endeavor to do so while using adequate safeguards determined by the European Commission.

You have the right to access, update or delete your Information and obtain a copy of your Information.

If you are an individual in the EU, you have the following rights:

Right to Access your Personal Data that we process and receive a copy of it.

Right to Rectify inaccurate Personal Data we have concerning you and to have incomplete Personal Data completed.

Right to Data Portability, that is, to receive the Personal Data that you provided to us, in a structured, commonly used and machine-readable format. You have the right to transmit this data to another service provider. Where technically feasible, you have the right that your Personal Data be transmitted directly from us to the service provider you designate.

If the legal basis for processing your personal information is your consent, you may Withdraw Your Consent at any time. If you do that, we will still process certain information on legal basis other than consent, as described in this Notice. Withdrawing your consent will not affect the lawfulness of data processing we carried out based on your consent before such withdrawal.

Right to Object based on your particular situation, to using your Personal Data on the basis of our legitimate interest. However, we may override the objection if we demonstrate compelling legitimate grounds, or for the establishment, exercise of defense of legal claims. You may also object at any time to the use of your Personal Data for direct marketing purposes.

Right to Restrict processing your Personal Data (except for storing it) if you contest the accuracy of your Personal Data, for a period enabling us to verify its accuracy; if you believe that the processing is unlawful and you oppose the erasure of the Personal Data and request instead to restrict its use; if we no longer need the Personal Data for the purposes outlined in this Notice, but you require them to establish, exercise or defend against legal claims, or if you object to processing, pending the verification whether our legitimate grounds for processing override yours.

Right to be Forgotten. Under certain circumstances, such as when you withdraw your consent, you have the right to ask us to erase your Personal Data. However, we may still process your Personal Data if it is necessary to comply with a legal obligation we are subject to under applicable laws or for the establishment, exercise of or defense against legal claims.

If you wish to exercise any of these rights, contact us at hey@magical.team.

We reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. Where we are not able to provide you with information that you have asked for, we will explain the reason for this.

You have a right to submit a complaint to the relevant supervisory data protection authority.

Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU, you can lodge a complaint to the supervisory authority, in particular in the Member State of your residence, place of work or of an alleged infringement of the GDPR. For a list of supervisory authorities in the EU, click here.

What are Cookies?

A cookie is a small piece of text that is sent to your browser by a website you visit. This piece of text acts as a sort of tag, letting the website know that it's you (really, your device) that's visiting. There are other technologies that act similarly, like web beacons, pixel tags, and Device IDs for apps, but for simplicity's sake we'll refer to them all as "Cookies".

Websites can place their own cookies (called "first-party cookies") but can also place cookies from other sites (called "third-party cookies"). If your browser holds both first and third-party cookies for a given website, both the website and the third party are notified when you visit the site. We may place both first and third-party cookies on our Site and Service.

How We Use Cookies

While the specific names and types of cookies we use may change from time to time, they generally fall into one of the categories listed below.

Third Party Cookies

In addition to our first-party cookies, we place cookies from the following third parties:

How to Adjust Your Preferences

Most web browsers are initially configured to accept cookies, but you can change the settings so your browser refuses all cookies or certain types of cookies. In addition, you are free to delete any existing cookies at any time. Please note that some features of the services may not function properly when cookies are disabled or removed. For example, if you delete cookies that store your account information or preferences, you will be required to input these each time you visit.

You may have access to third-party services through our Service. Please note that all use of third-party services is at your own risk and subject to such third party's terms and privacy policies. We do not take any responsibility for the performance of other services.

We do not knowingly collect information from minors under the age of 18.

The Service is not intended for minors under the age of 18. We do not knowingly collect information from minors under the age of 18.

If we change this Notice, we will provide notice of such change.

From time to time, we may change this Notice, in which case we will post a notice of such change on the Site and endeavor to send you an email notification. The latest version of the Notice will always be accessible on the Site.