← Back to home

Privacy Policy

Last updated: May 6, 2026

Epik Brain ("we", "our", "the app") is a business management application operated by Real Paid LLC. This policy explains what data we collect, how we use it, and how you can control it.

1. Information We Collect

When you use Epik Brain, we collect and store:

• Account information — Your name, email address, and business name provided during setup.
• Business data — Contacts, messages, calendar events, jobs, estimates, payments, and other data you enter or import into the app.
• Google Calendar data — If you connect your Google account, we access your calendar events to display and manage them within the app. We store OAuth tokens to maintain this connection.
• Google Gmail data — If you connect your Google account, we read your email messages to display them in a unified inbox and to detect payment confirmations and scheduling conflicts. We also send emails on your behalf when you compose replies within the app.
• Google Contacts data — If you connect your Google account, we import your contacts into the app's CRM so you don't have to re-enter your client list manually. This access is read-only.
• Communication data — If you connect a phone number (via Twilio), we process SMS messages and call data to provide messaging and call tracking features.

2. How We Use Your Data

• Display your calendar events, contacts, and email messages within the app
• Send email replies on your behalf when you compose them in the app
• Detect payment notifications and scheduling conflicts from your email
• Import your Google Contacts into the app's CRM
• Send notifications and reminders you configure
• Provide AI-assisted features (scheduling, summaries, follow-ups)
• We do not sell your data to third parties
• We do not use your data for advertising

3. Google API Services

Epik Brain's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• We only access Google Calendar, Gmail, and Contacts data necessary to provide the features you request
• We do not transfer Google data to third parties except as necessary to provide the app's features
• We do not use Google data for serving advertisements
• We do not allow humans to read your Google data unless you provide affirmative consent, it is necessary for security purposes, or it is required by law

4. Data Storage & Security

• Your business data is stored in a dedicated database (Supabase) provisioned for your account. Your data is isolated from other users.
• OAuth tokens are stored securely on our server and used only to maintain your Google Calendar connection.
• All connections use HTTPS encryption.
• Access to your app instance is protected by a PIN code.

5. Data Sharing

We do not share your data with third parties except:

• Service providers — Supabase (database hosting), Twilio (phone/SMS if connected), Google (calendar API), Cloudflare (hosting/security). These providers only process data as necessary to provide their services.
• Legal requirements — If required by law or legal process.

6. Your Rights

• Access & export — You can request a copy of all your data at any time.
• Deletion — You can request deletion of your account and all associated data.
• Revoke Google access — You can disconnect Google Calendar at any time through your Google Account permissions.

7. Contact

For privacy questions or data requests, contact us at:
[email protected]

8. Changes

We may update this policy as the app evolves. Material changes will be communicated through the app.