Privacy Policy

1. Scope

This Privacy Policy applies to personal information we collect when you:

• visit our website;
• create an account;
• purchase or manage a subscription;
• use our LLM-agent, research, drafting, analysis, or computer-use features;
• contact us for support or otherwise communicate with us; or
• interact with our communications, pages, or integrations.

2. Personal Information We Collect

Depending on how you use the Service, we may collect the following categories of personal information.

A. Information you provide directly

This may include:

• name;
• email address;
• account credentials or account profile information;
• billing-related details;
• support requests, messages, and feedback;
• prompts, files, text, instructions, and other content you submit to the Service; and
• information you choose to provide in communications with us.

B. Payment and transaction information

If you purchase a subscription, payments may be processed by Stripe or another third-party payment processor. We may receive transaction-related information such as:

• subscription plan;
• payment status;
• billing period;
• transaction identifiers;
• country or ZIP/postal code associated with payment; and
• limited payment metadata.

We do not intentionally store full payment card numbers when Stripe-hosted or equivalent payment workflows are used.

C. Automatically collected information

When you use the Service, we may automatically collect information such as:

• IP address;
• device and browser information;
• operating system;
• session and usage logs;
• approximate location derived from IP address;
• pages viewed, links clicked, and referring URLs;
• feature usage, event logs, and performance data; and
• identifiers stored in cookies, pixels, or similar technologies.

D. Generated and derived information

We may generate or infer information based on your use of the Service, such as:

• usage statistics;
• account activity summaries;
• diagnostics and error reports;
• abuse and fraud indicators; and
• analytics relating to how the Service is used.

3. How We Use Personal Information

We may use personal information for the following purposes:

• to provide, operate, maintain, and improve the Service;
• to create and manage accounts;
• to authenticate users and secure accounts;
• to process subscriptions, billing, renewals, and related transactions;
• to respond to support requests and communicate with you;
• to generate requested outputs and provide requested product functionality;
• to monitor usage, troubleshoot errors, and debug issues;
• to detect, prevent, investigate, and address fraud, abuse, security incidents, and violations of our terms or policies;
• to comply with legal obligations and enforce our rights;
• to analyze usage trends and improve product design, performance, and reliability; and
• to send service-related notices, updates, and other communications.

Where permitted by law, we may also send product updates, newsletters, promotions, or marketing communications. You can opt out of non-essential marketing communications using the unsubscribe mechanism in those messages or by contacting us.

4. AI, Customer Content, and Model Training

Alpha Boffin provides AI-powered features that process prompts, files, instructions, and other content you submit.

By default, Alpha Boffin does not use your submitted content to develop, train, or fine-tune general-purpose artificial intelligence or machine learning models.

Alpha Boffin may use submitted content only as needed to:

• provide the Service to you;
• generate outputs you request;
• support product functionality;
• maintain and secure the Service;
• detect and prevent abuse;
• debug and improve reliability; and
• comply with law and enforce our agreements.

Alpha Boffin may use de-identified and aggregated usage data to analyze, operate, secure, and improve the Service, provided that such use does not identify you personally.

This no-training commitment applies in full to data Alpha Boffin obtains from Google APIs (Gmail, Google Calendar, and Google Drive). Such Google user data is passed to third-party large language model providers only as inference input strictly necessary to fulfill your in-product request, and is never used by Alpha Boffin or those providers to develop, train, fine-tune, or improve any generalized AI or ML models.

In the future, Alpha Boffin may offer optional settings, features, or programs that allow users to choose to permit certain content (excluding Google user data, which is governed by the Limited Use requirements described in Section 5) to be used for model improvement or training. If we offer such an option, we will provide notice, update applicable disclosures, and request consent where required before using your content for those purposes.

5. Google User Data and Limited Use

Alpha Boffin offers optional integrations with Google services. These integrations are activated only when you explicitly authorize Alpha Boffin through Google’s OAuth 2.0 consent screen. You may revoke Alpha Boffin’s access at any time from your Google Account at https://myaccount.google.com/permissions, or by disconnecting the integration from within Alpha Boffin’s in-app settings.

A. Google APIs accessed

When you connect a Google account, Alpha Boffin may access the following Google APIs:

• Gmail API
• Google Calendar API
• Google Drive API

B. Scopes requested and why

Alpha Boffin requests only the OAuth scopes needed to deliver the features you use. The scopes Alpha Boffin may request include:

• https://www.googleapis.com/auth/gmail.send — to send email messages on your behalf when you ask the agent to do so. This scope does not allow Alpha Boffin to read your inbox.
• https://www.googleapis.com/auth/calendar.events — to read your calendar and create, update, or remove events when you ask the agent to manage your schedule.
• https://www.googleapis.com/auth/drive.file — to create new files in your Google Drive and to read or modify only those files that you have explicitly opened with Alpha Boffin (for example, by selecting them through the Google file picker). This scope does not allow Alpha Boffin to list, search, or access any other files in your Drive.

C. How Alpha Boffin uses Google user data

Alpha Boffin uses information obtained from Google APIs solely to provide the features you request inside the Service — for example, to summarize an email thread, draft a reply, find an open meeting slot, locate a document, or save a generated file to your Drive. Alpha Boffin does not:

• use Google user data for advertising;
• sell or rent Google user data;
• use Google user data to develop, train, fine-tune, or improve any generalized or third-party AI or ML models;
• transfer Google user data to third parties except (i) sub-processors strictly necessary to provide the feature you requested (such as our cloud hosting provider and the large language model provider that performs inference on your prompt), all under contractual obligations consistent with this policy; (ii) for security purposes, such as investigating abuse; or (iii) to comply with applicable law; and
• allow humans to read Google user data, except (a) with your explicit consent, (b) where necessary for security investigations or to resolve a support issue you have raised, (c) to comply with applicable law, or (d) in aggregated or anonymized form for internal operations.

D. Storage and retention

OAuth refresh and access tokens are stored encrypted at rest. Google user data fetched to fulfill a request is retained only as long as needed to complete that request and any directly related follow-up actions in your session, plus minimal logs retained for short periods for debugging, reliability, and abuse prevention. Disconnecting the Google integration from in-app settings revokes Alpha Boffin’s tokens and deletes Google user data Alpha Boffin holds in connection with that integration, except where retention is required by law.

E. Limited Use compliance

Alpha Boffin’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

6. How We Share Personal Information

We may share personal information in the following circumstances:

A. Service providers and vendors

We may share information with vendors, contractors, and service providers who perform services on our behalf, such as:

• payment processors like Stripe;
• cloud hosting and infrastructure providers;
• third-party large language model providers (such as Anthropic and OpenAI) that perform inference on prompt content — which may include Google user data you have asked the agent to act on — under contractual terms that prohibit using that content to train their models;
• analytics and monitoring providers;
• customer support tools;
• communications providers; and
• security and fraud-prevention providers.

These parties are permitted to use the information only as reasonably necessary to provide services to us or as otherwise permitted by law.

B. Legal compliance and protection

We may disclose information if we believe disclosure is reasonably necessary to:

• comply with law, regulation, legal process, or governmental request;
• protect the rights, property, or safety of Alpha Boffin, our users, or others;
• detect, investigate, or prevent fraud, abuse, security incidents, or violations of our terms; or
• enforce our agreements and legal rights.

C. Corporate transactions

We may share or transfer information in connection with an actual or proposed merger, financing, acquisition, reorganization, sale of assets, bankruptcy, or similar corporate transaction.

D. With your direction or consent

We may share information with third parties when you direct us to do so or consent to the sharing.

7. Cookies and Similar Technologies

We and our service providers may use cookies, local storage, pixels, SDKs, and similar technologies to:

• keep you signed in;
• remember preferences;
• analyze traffic and usage patterns;
• secure the Service;
• measure performance; and
• support communications and marketing.

You may be able to control cookies through your browser settings. Blocking some cookies may affect Service functionality.

8. Data Retention

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

• provide the Service;
• maintain your account;
• comply with legal obligations;
• resolve disputes;
• enforce agreements; and
• maintain backup, audit, and security records.

Retention periods may vary depending on the type of information and the reasons we hold it.

9. Security

We use reasonable administrative, technical, and organizational measures designed to protect personal information from unauthorized access, loss, misuse, alteration, or disclosure. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

10. Sensitive Information

Unless we expressly state otherwise, the public self-serve Service is not intended for the submission of highly sensitive personal information, such as:

• health or medical records;
• payment card numbers;
• social security numbers;
• government identification numbers; or
• other similarly sensitive information.

Please do not submit such information through the Service unless we expressly allow it.

11. Children’s Privacy

The Service is not directed to children, and we do not knowingly collect personal information from children under the age of 13. If you believe a child has provided personal information to us, contact us and we will take appropriate steps to review and address the issue.

12. Your Privacy Rights

Depending on where you live, you may have certain privacy rights, which may include the right to:

• request access to personal information we hold about you;
• request correction of inaccurate personal information;
• request deletion of personal information;
• object to or request restriction of certain processing;
• withdraw consent where processing is based on consent; and
• request a portable copy of certain information, where applicable.

These rights are subject to exceptions and limitations under applicable law. To exercise a privacy request, contact us using the information below.

13. International Users

Alpha Boffin may process and store information in the United States and other jurisdictions where we or our service providers operate. By using the Service, you understand that your information may be transferred to and processed in countries that may have data protection rules different from those in your country.

14. Third-Party Services

The Service may link to or integrate with third-party websites, products, or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy notices separately. If you connect a Google account to Alpha Boffin, your interaction with Google is also governed by Google’s own privacy policy at https://policies.google.com/privacy.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we may provide notice by posting the updated policy, updating the effective date, sending an email, or providing another form of notice as appropriate. Your continued use of the Service after the updated policy becomes effective means the updated policy will apply to your continued interactions with the Service, to the extent permitted by law.

16. Contact Us

If you have questions about this Privacy Policy or want to submit a privacy request, contact:

Alpha Boffin Inc.
Contact: send us a message via our contact form.
Website: https://alphaboffin.com