Privacy Policy
Last updated: April 2026
1. Introduction
Forum EO ("we", "our", "us") is a platform for managing EO (Entrepreneurs' Organization) Forum groups. This policy describes how we collect, use, and protect your information.
Forum EO is operated by Baytech Consulting. By using Forum EO, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
Account Information
When you register for Forum EO via Google SSO, we collect:
- Name and email address
- Profile photo (via Google SSO)
- Forum membership data: forum associations, roles, access policies
Google Calendar Data (Optional)
If you choose to connect your Google Calendar, Forum EO requests OAuth access to the Google Calendar API in order to help coordinate forum meetings. With your explicit consent, we access:
- Event times and free/busy information needed to determine your availability for proposed forum meetings
- Event creation and updates on your calendar for scheduled forum meetings (only when you initiate or accept them)
Calendar access is optional. You can revoke it at any time via your Forum EO account settings or your Google Account permissions page, and you can continue to use Forum EO without connecting your calendar.
Content You Create
We collect content you create within the platform, including:
- Reflections (Work, Family, Personal life domains)
- Discussion topics, comments, and votes
- Action items and meeting notes
- Constitution contributions and amendments
- Availability responses
Usage Data
We automatically collect usage information including:
- Activity logs tracking 20 types of meaningful actions across 10 categories (sessions, events, reflections, etc.)
- AI interaction data: chatbot conversations, AI analysis results
Technical Data
- IP addresses (recorded during constitution signing)
- Browser type and device information
3. How We Use Your Information
We use the information we collect to:
- Provide and operate the Forum EO platform
- Facilitate forum meetings, reflections, discussions, and action items
- Power AI features: reflection analysis, coaching, moderator assistance, topic management, and constitution tools
- Send email notifications based on your preferences (17 notification types, all configurable)
- Generate usage analytics for forum administrators
- Track engagement and provide disengagement alerts
- Improve our services
4. Google User Data & Limited Use
Forum EO uses Google OAuth to authenticate users and, optionally, to integrate with Google Calendar. Through these integrations, we may receive:
- Google Sign-In (always): your name, email address, profile photo, and Google account identifier.
- Google Calendar (only if you connect it): event times and free/busy information to determine availability, and the ability to create or update events on your calendar for forum meetings you initiate or accept.
Limited Use. The use of raw or derived user data received from Workspace APIs will adhere to the Google User Data Policy, including the Limited Use requirements. Forum EO's use and transfer of information received from Google APIs (including Google Sign-In and Google Calendar) to any other app adheres to this policy. We use Google user data solely to provide and improve user-facing features of Forum EO: authentication, account identification, displaying your profile within the platform, and — if you connect your calendar — scheduling and coordinating forum meetings.
We do NOT use Google user data for any of the following purposes:
- Targeted, personalized, retargeted, or interest-based advertising
- Serving advertisements of any kind to users
- Selling Google user data to data brokers or information resellers
- Transferring Google user data to determine credit-worthiness or for lending purposes
- Creating databases or building profiles for purposes unrelated to Forum EO's user-facing features
- Training, fine-tuning, or otherwise developing generalized or non-personalized AI/ML models
Humans do not read Google user data unless we have your affirmative agreement, it is necessary for security purposes (such as investigating abuse), to comply with applicable law, or the data has been aggregated and anonymized for internal operations consistent with the Google API Services User Data Policy.
5. AI Data Processing
Important: AI features process your content to provide analysis, suggestions, insights, and coaching.
- We use multiple AI providers: OpenAI, Anthropic, and Groq
- Your data is sent to these providers only for processing your specific requests
- AI providers do not retain your data for model training purposes
- Google user data obtained via Google Sign-In (name, email, profile photo) and Google Calendar (events, free/busy data) is never sent to AI providers and is never used to train, fine-tune, or develop AI/ML models
- Reflection content sent to AI is the same content you've written — no additional personal data is included
- AI-generated analysis is visible only to the content author (never shared with other forum members)
- Per-call token usage and costs are tracked for operational purposes
6. Data Security
We implement robust security measures including:
- Authentication via OpenIddict OAuth2/OIDC with Google SSO (authorization code flow + PKCE)
- Field-level encryption for sensitive reflection content
- Two-layer authorization: role-based global permissions (56+ permissions) and per-forum access policies
- All data transmissions encrypted via TLS/HTTPS
- Infrastructure security: Redis for distributed caching and locking, PostgreSQL database with audit trails
- Soft-delete with full audit fields (CreatedBy, UpdatedBy, DeletedBy with timestamps)
7. Data Retention
- Account data: retained while your account is active
- Reflection data: retained while your account is active; time-based privacy redaction hides content from other members after your configured period
- Usage activity data: raw records retained for 12 months, then aggregated into daily summaries and purged
- Chatbot conversations: retained until you delete them (soft-delete)
- Email logs: retained for notification deduplication purposes
- Deleted data: soft-deleted records are retained for audit compliance
8. Data Sharing
We do not sell your personal information.
We share data with AI providers (OpenAI, Anthropic, Groq) solely for processing your requests.
We use third-party services:
- BackBlaze B2: document storage
- BunnyStream: video storage
- AWS SES: email delivery
- Google: authentication (Google Sign-In) and, optionally, calendar scheduling (Google Calendar API)
Forum administrators can view aggregated usage statistics for their forums.
Other forum members can see: your published reflections (subject to privacy redaction), discussion topics, votes, comments, action items, and constitution contributions.
9. Your Rights
You have the right to:
- Access your personal data through your profile and reflection history
- Update your information via profile settings
- Configure notification preferences (enable/disable each of 10 notification types, set reminder intervals)
- Set privacy redaction periods for your reflections
- Delete chatbot conversations
- Request account deletion by contacting us
11. Children's Privacy
Forum EO is designed for business professionals and is not intended for children under 16. We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately.
12. Changes to This Policy
- We may update this policy from time to time
- Material changes will be communicated via email notification
- Continued use after changes constitutes acceptance
13. Contact Us
If you have any questions about this Privacy Policy, please contact us:
- Service: Forum EO
- Operated by: Baytech Consulting
- Email: support@forumeo.com
- Website: www.forumeo.com
For privacy-related inquiries, use the subject line "Privacy Request".