Vantage by Yellow Intelligence

Yellow Intelligence

Privacy Policy

Effective date: 2 May 2026

Company: Yellow Intelligence

Product: Vantage

Jurisdiction: Dubai International Financial Centre, Dubai, United Arab Emirates

Yellow Intelligence operates Vantage, an enterprise sales productivity platform that helps authorized business users retrieve, summarize, and act on information from approved business systems.

This Privacy Policy explains how we collect, use, store, share, and protect information when you use Vantage, including information accessed through Google APIs.

1. Who We Are

Yellow Intelligence is based in the Dubai International Financial Centre, Dubai, United Arab Emirates.

For the purposes of this Privacy Policy, “Yellow Intelligence,” “we,” “us,” and “our” refer to Yellow Intelligence, the operator of Vantage.

Contact details:

Yellow Intelligence
Email: hello@yellowintelligence.ai
Security: security@yellowintelligence.ai
Website: https://yellowintelligence.ai
Address: Dubai International Financial Centre, Dubai, United Arab Emirates

2. Information We Collect

Vantage may collect or process the following types of information, depending on the systems enabled by your organization and the permissions granted by the user or administrator.

Account and Identity Information

We may collect:

  • Name
  • Email address
  • Organization name
  • User role
  • Authentication identifiers
  • Workspace or account identifiers

Business System Data

If enabled by your organization, Vantage may access data from connected business systems such as CRM, communication, calendar, document, and collaboration tools.

This may include:

  • Customer and prospect records
  • Deal or opportunity information
  • Notes, tasks, and activity history
  • Calendar events
  • Emails and email metadata
  • Documents and document metadata
  • Contact information
  • Internal messages or collaboration content
  • Files explicitly made available to Vantage

Google Workspace Data

If you connect a Google account, Vantage may request access to selected Google Workspace services, depending on the features enabled for your organization.

This may include:

  • Gmail messages and metadata
  • Google Calendar events and metadata
  • Google Drive files and metadata
  • Google Docs content and metadata
  • Google Contacts
  • Google Sheets content and metadata

Vantage only accesses Google data needed to provide the product features requested by the user or enabled by the organization.

3. How We Use Information

We use collected information to provide and improve Vantage’s user-facing features, including:

  • Retrieving relevant business context for authorized users
  • Summarizing deal, account, customer, or stakeholder information
  • Helping users prepare for meetings and follow-ups
  • Creating chronological research bundles from approved sources
  • Searching user-authorized business data
  • Supporting CRM workflows and sales productivity use cases
  • Routing user requests to the correct workspace or agent
  • Maintaining audit logs, security logs, and operational reliability
  • Debugging, support, abuse prevention, and compliance

Vantage is designed around customer-specific deployments, user-specific workspaces, scoped permissions, runtime secret resolution, and auditable agent actions. Customer data is intended to remain in the customer deployment environment, and each employee is mapped to an isolated agent workspace.

4. Use of Google API Data

Vantage’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

In particular:

  • We use Google API data only to provide or improve user-facing features that are visible and relevant to the user.
  • We do not use Google API data for advertising.
  • We do not sell Google API data.
  • We do not use Google API data for retargeting, personalized advertising, or interest-based advertising.
  • We do not use Google API data to train general-purpose AI or machine learning models.
  • We do not allow humans to read Google user data unless required to provide support, investigate abuse or security issues, comply with law, or when the user has given explicit permission.
  • We do not transfer Google API data except as necessary to provide the Vantage service, comply with law, address security issues, or with the user’s explicit consent.

Google’s Limited Use policy requires apps to limit Google API data use to appropriate user-facing features and restricts unrelated transfers, advertising use, and unauthorized human access.

5. Legal Basis for Processing

Where applicable, we process personal data under one or more of the following legal bases:

  • To perform a contract with a customer or user
  • To provide the Vantage service requested by the customer or user
  • To comply with legal obligations
  • To protect the security and integrity of the service
  • To pursue legitimate business interests, such as service improvement, support, and fraud prevention
  • With consent, where consent is required by law or by the relevant third-party integration

Where DIFC data protection law applies, personal data may be processed in accordance with the DIFC Data Protection Law, DIFC Law No. 5 of 2020, and related regulations. The DIFC Commissioner of Data Protection supervises and enforces the DIFC Data Protection Law.

6. AI and LLM Processing

Vantage uses configured large language model providers to generate responses, summaries, and recommendations based on selected context.

When data is sent to an LLM provider, it is limited to the context required to answer the user’s request or perform the enabled workflow. Vantage uses context selection, per-agent memory, deterministic retrieval workflows, and permission controls to reduce unnecessary data exposure.

Vantage does not use customer Google Workspace data to train general-purpose AI models.

The exact LLM provider and hosting model may vary by customer deployment and configuration. Where required, this can be configured according to the customer’s enterprise requirements.

7. Data Storage

Vantage may store information required to operate the service, including:

  • User workspace data
  • Memory files and indexes
  • Session logs
  • Audit logs
  • Configuration records
  • Research outputs
  • CRM-related working files
  • Authentication state needed to maintain authorized integrations

The documented Vantage architecture uses customer-specific deployments, per-user agent workspaces, per-agent memory, runtime secret resolution, audit logs, and daily backups. Secrets are managed outside committed code and resolved at runtime through a secret manager.

8. Data Sharing

We do not sell personal data or Google user data.

We may share data only in the following limited situations:

  • With service providers needed to operate Vantage, such as cloud hosting, observability, authentication, LLM, or infrastructure providers
  • With systems authorized by the user or organization, such as CRM, calendar, email, or collaboration tools
  • With the customer organization that administers the Vantage deployment
  • To comply with legal obligations
  • To investigate security incidents, abuse, or unauthorized access
  • In connection with a merger, acquisition, financing, or sale of assets, subject to applicable law and required consent where applicable

Service providers are permitted to process data only as needed to provide their services to us.

9. International Data Transfers

Depending on the customer deployment, connected services, and selected LLM or infrastructure providers, personal data may be processed or transferred outside the DIFC, Dubai, or the United Arab Emirates.

Where required, we use appropriate contractual, technical, and organizational safeguards for such transfers.

Customer-specific deployment location, model provider, and hosting choices may be agreed separately with the customer.

10. Human Access to User Data

Human access to user data is restricted.

Yellow Intelligence personnel may access user data only when necessary to:

  • Provide support requested by the customer or user
  • Debug or maintain the service
  • Investigate abuse, security, or reliability issues
  • Comply with legal obligations
  • Perform authorized implementation or customer success work

Where possible, access is limited, logged, and scoped to the issue being addressed.

11. Security

We use administrative, technical, and organizational safeguards designed to protect user and customer data.

The documented security controls for Vantage include:

  • Customer-specific deployment environments
  • Per-user agent workspaces
  • Scoped agent permissions
  • Runtime secret resolution
  • Secrets stored outside source code
  • Session logs
  • Tamper-evident audit chains
  • TLS termination
  • Observability and alerting
  • Daily backups
  • Permission checks for executable skills

No system can guarantee absolute security, but we take reasonable measures to protect data against unauthorized access, disclosure, alteration, or destruction.

Security concerns can be reported to:

security@yellowintelligence.ai

12. Data Retention

We retain data only for as long as needed to provide Vantage, comply with legal obligations, resolve disputes, maintain security, and support customer operations.

Retention periods may vary by customer deployment and contract.

The documented architecture includes session cleanup for older session files and archival of older logs, but final customer-specific retention settings may be configured based on the customer agreement.

13. Data Deletion

Users or customer administrators may request deletion of personal data or connected account data by contacting us at:

hello@yellowintelligence.ai

Upon receiving a verified deletion request, we will delete or de-identify data unless retention is required for legal, security, backup, audit, or contractual reasons.

Users may also revoke Google access at any time from their Google Account permissions page. Once access is revoked, Vantage will no longer be able to access new data from that Google account unless the user reconnects it.

14. User Rights

Depending on applicable law, users may have rights to:

  • Access personal data
  • Correct inaccurate personal data
  • Request deletion of personal data
  • Object to or restrict certain processing
  • Request portability of personal data
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with a relevant data protection authority

Where DIFC data protection law applies, individuals may have rights under the DIFC Data Protection Law, DIFC Law No. 5 of 2020.

To exercise these rights, contact us at:

hello@yellowintelligence.ai

15. User Controls

Depending on the customer deployment and enabled integrations, users or administrators may be able to:

  • Connect or disconnect Google accounts
  • Limit which Google services are connected
  • Revoke OAuth access
  • Restrict workspace, CRM, or channel access
  • Request export or deletion of data
  • Configure user-level permissions
  • Configure organization-level access controls

16. Cookies and Website Analytics

Our website may use cookies or similar technologies to operate the site, understand traffic, improve performance, and maintain security.

If analytics or tracking tools are used, they will be used in accordance with applicable law and will not involve selling Google user data.

17. Children’s Privacy

Vantage is intended for business and enterprise users. It is not intended for children under 13, and we do not knowingly collect personal information from children under 13.

18. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date and, where appropriate, notify users or customer administrators.

19. Contact Us

If you have questions about this Privacy Policy, Google API data use, or your data rights, contact us at:

Yellow Intelligence
Email: hello@yellowintelligence.ai
Security: security@yellowintelligence.ai
Website: https://yellowintelligence.ai
Address: Dubai International Financial Centre, Dubai, United Arab Emirates