Privacy Policy

How OTO handles your personal information, Google user data, and product data.

Last updated April 20, 2026

1. Introduction

heyoto OÜ (“OTO”, “we”, “us”, “our”) operates the marketing website at https://heyoto.eu and the OTO product at https://app.heyoto.eu. OTO is a leadership tool that helps managers run effective 1:1 meetings.

This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have. It covers both the website and the OTO application. If you do not agree with this policy, please do not use our services.

If you have questions, contact us at hello@heyoto.eu.

2. Who we are

Data controller: heyoto OÜ, Tööstuse 47D, Tallinn, Harjumaa 10416, Estonia. Email: hello@heyoto.eu

3. What information we collect

3.1 Account information

When you create an OTO account we collect your name, work email address, a password (hashed, never stored in plain text), profile picture (if you provide one), company name, team structure, and preferences such as timezone and notification settings.

3.2 Meeting content you create in OTO

OTO stores the content you voluntarily enter into the product so we can make it available to you across devices. This includes 1:1 meeting agendas, talking points, action items, notes, feedback, reflections, template selections, and tags you associate with team members.

3.3 Google user data (Google Sign-In and Google Calendar)

If you sign in with Google or connect your Google Calendar, Google grants OTO an OAuth access token. With your consent, we request the following scopes and use the data strictly as follows:

  • openid, email, profile (Google Sign-In): we receive your Google account’s email address, name, and profile picture. We use this to create or sign you into your OTO account.
  • https://www.googleapis.com/auth/calendar.events.readonly or calendar.readonly (Google Calendar): we read your upcoming and recurring calendar events so OTO can automatically identify 1:1 meetings, show you who you are meeting, and attach notes and agendas to the right event.
  • https://www.googleapis.com/auth/calendar.events (optional, only when you enable writeback): we create or update a single calendar event description or add a link to the OTO meeting notes so participants can find them.

We only request the minimum scopes necessary for the feature you are using. You can disconnect Google at any time from your OTO account settings, which revokes our access token and stops further data access.

3.4 Payment information

If you upgrade to a paid plan, payments are processed by Stripe, Inc. OTO does not receive or store your full card number or CVC. We receive only a token, the last four digits of the card, the card brand, and the billing country from Stripe. See Stripe’s privacy policy at https://stripe.com/privacy.

3.5 Automatically collected technical data

When you use our website or the OTO application, we and our processors automatically collect:

  • Log and device data — IP address, browser type and version, operating system, device type, referring URL, language, and approximate location derived from IP.
  • Usage events — pages viewed, buttons clicked, features used, timestamps, and session duration.
  • Error data — stack traces, error messages, and the state of the application at the time of a crash.

We use this information to operate the service, keep it secure, diagnose problems, and improve it.

4. How we use Google user data (Limited Use)

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We use Google user data only to provide and improve user-facing features of the OTO application that are prominent in the app’s user interface (identifying and preparing for your 1:1 meetings).
  • We do not transfer Google user data to third parties except as necessary to provide or improve user-facing features, to comply with applicable law, or as part of a merger, acquisition, or asset sale (in which case we will require the recipient to honor this Privacy Policy).
  • We do not use Google user data for advertising, and we do not serve ads based on Google user data.
  • We do not allow humans to read Google user data, except (a) with your explicit consent for specific messages, (b) for security purposes such as investigating abuse, (c) to comply with applicable law, or (d) where the data has been aggregated and anonymized for operational purposes.

If you want to revoke OTO’s access to your Google account, disconnect it from within OTO or visit https://myaccount.google.com/permissions.

5. How we use your information

We process your personal information to:

  • provide, operate, maintain, and improve the OTO service;
  • create and manage your account and authenticate you;
  • sync with your calendar and organize your 1:1 meetings;
  • communicate with you about the service, security issues, billing, and product updates you have subscribed to;
  • provide customer support and respond to your requests;
  • detect, prevent, and address fraud, abuse, and security issues;
  • comply with legal obligations and enforce our Terms of Service.

Legal bases (GDPR). We rely on (i) performance of a contract with you, (ii) our legitimate interests in operating and improving the service, (iii) your consent (for analytics cookies and optional features), and (iv) compliance with legal obligations.

6. Who we share your information with

We do not sell your personal information. We share it only with the service providers (sub-processors) listed below, each under a data-processing agreement, and only to the extent necessary to run OTO.

Processor | Purpose | Data categories | Location
Google LLC | Google Sign-In, Google Calendar integration | Google account profile and calendar event data you authorize | EU / US
Stripe, Inc. | Payment processing and subscription billing | Billing name, email, card token, billing country | US / EU
Mixpanel, Inc. | Product analytics (only with your consent) | Pseudonymous usage events, page views, IP-derived approximate location, device info | US
Microsoft Corporation (Microsoft Clarity) | Session analytics and heatmaps (only with your consent) | Clicks, scrolls, page interactions, truncated IP, device info; input in forms is masked by default | US / EU
Bugsnag (SmartBear Software) | Crash reporting and error monitoring | Stack traces, error messages, browser and OS info, user ID, truncated IP | US
Netlify, Inc. | Hosting for the marketing website and the OTO web frontend | Requests to the site (URL, IP, user agent); no application data stored at rest | US / global CDN
Google LLC (Google Cloud Run) | Hosting for the OTO backend (API) | All application data in transit; processed in-memory while serving requests | EU region
Neon, Inc. | Managed PostgreSQL database for the OTO backend | Account and meeting content stored at rest | EU region
Upstash, Inc. | Managed Redis for caching and background jobs | Short-lived session, cache, and job data | EU region

We may also disclose information when required by law, subpoena, or court order, to protect the rights, property, or safety of OTO, our users, or others, or in connection with a merger, acquisition, or sale of assets (in which case you will be notified).

7. Cookies, tracking and analytics

7.1 Strictly necessary

We use a small number of cookies and local-storage items that are required to run the site and remember your cookie choice. These are always on.

When you accept analytics cookies from the banner shown on your first visit, we load:

If you decline analytics cookies, these tools are not loaded and no data is sent to them. You can change your choice at any time by clearing your browser’s site data for our domain, which re-shows the banner.

7.3 Error monitoring

We use Bugsnag to collect diagnostic data when the application crashes or hits an unexpected error. This is processed on the basis of our legitimate interest in keeping the service working. Bugsnag does not use this data for advertising. Privacy policy: https://smartbear.com/privacy.

7.4 Do-Not-Track

No industry standard has been finalised for how to respond to browser Do-Not-Track signals, so we do not automatically respond to them. The cookie banner gives you an equivalent, explicit choice.

8. International transfers

Some of our sub-processors are located outside the European Economic Area. When we transfer personal data outside the EEA, we rely on adequacy decisions where available or on the European Commission’s Standard Contractual Clauses, combined with additional safeguards where needed.

9. How long we keep your information

Data | Retention
Account profile and meeting content | While your account is active
After account deletion | Deleted or anonymised within 30 days, except for backups which are purged within 90 days
Google user data | For as long as you keep Google connected; deleted within 30 days after disconnect or account deletion
Billing records | Up to 7 years (legal/accounting obligation in Estonia)
Analytics events | Up to 24 months, then aggregated or deleted
Error logs | Up to 90 days

You can request deletion at any time by emailing hello@heyoto.eu.

10. How we protect your information

We take reasonable technical and organisational measures to protect your data, including encryption in transit (TLS), encryption at rest for our database and backups, role-based access control, logging, periodic security reviews, and vendor due diligence. No system is perfectly secure — if we ever become aware of a breach affecting your personal data, we will notify you and the relevant supervisory authority in line with applicable law.

11. Your rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Delete your data (“right to be forgotten”).
  • Restrict or object to processing.
  • Data portability — receive your data in a machine-readable format.
  • Withdraw consent at any time (without affecting the lawfulness of processing before withdrawal).
  • Lodge a complaint with your local data-protection authority. In Estonia, that is the Andmekaitse Inspektsioon (https://www.aki.ee). EU residents can find their authority at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

To exercise any of these rights, email hello@heyoto.eu from the email address associated with your account. We will respond within 30 days.

12. Children

OTO is a workplace tool for adults. It is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

13. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the latest change. For material changes we will notify you by email or by a prominent in-product notice before the changes take effect.

14. Contact us

For any privacy question or request, please contact:

heyoto OÜ, Tööstuse 47D, Tallinn, Harjumaa 10416, Estonia. Email: hello@heyoto.eu
