1. Introduction
PupiBot ("we", "our", or "the Service") is a Google Workspace automation assistant that helps users manage their calendar events, emails, Drive files, spreadsheets, documents, tasks, and contacts through natural language commands.
This Privacy Policy describes how we collect, use, store, and protect your information when you use PupiBot.
1.1 Data Controller
| Field | Details |
|---|---|
| Name | Claudio Gallardo (Independent operator of PupiBot) |
| Contact email | claudio.gallardo@pupibot.lat |
| Website | https://pupibot.lat |
2. Information We Collect
2.1 Google Account Information
When you authorize PupiBot via Google OAuth 2.0, we access:
| Information | Purpose | Storage |
|---|---|---|
| Email address | Identify your account | Yes - In Firestore |
| Profile name | Personalize the experience | Yes - In Firestore |
| Profile photo | Display in the interface | Not stored |
2.2 Google Workspace Data
PupiBot accesses your Google Workspace data only when you explicitly request it through a command. The permissions (scopes) we request are:
| Service | Permissions | Usage |
|---|---|---|
| Google Calendar | Read, create, modify, and delete events | Manage your calendar per your instructions |
| Gmail | Send new emails and create drafts | Send emails per your instructions |
| Google Drive | Create and manage files created by PupiBot or selected by the user | Manage files per your instructions (includes Docs and Sheets via drive.file) |
| Google Sheets | Read and write spreadsheets (access via Drive) | Work with spreadsheets created by PupiBot or selected by the user via Google Picker |
| Google Docs | Read and create documents (access via Drive) | Manage documents created by PupiBot or selected by the user via Google Picker |
| Google Tasks | Read, create, and manage tasks | Manage your tasks per your instructions |
| Google Contacts | Read, create, and manage contacts | Search and create contacts per your instructions |
IMPORTANT:
- PupiBot does NOT store the content of your emails, files, events, or documents.
- PupiBot does NOT transfer your data to third parties.
- PupiBot accesses your data only at the moment it executes your command, and the data is processed ephemerally in memory.
2.3 Service Usage Data
| Data | Purpose | Retention |
|---|---|---|
| User ID | Identify sessions | While account is active |
| Conversation history (last 7 messages) | Context for sequential commands | 24 hours |
| Daily command counter | Plan limit management | Daily reset |
| Subscription plan | Billing management | While active |
2.4 Information We Do NOT Collect
- We do NOT store the content of your emails, files, or documents
- We do NOT store your passwords (we use OAuth 2.0)
- We do NOT share data for advertising
- We do NOT sell your personal information
- We do NOT access your data without your explicit command
3. How We Use Your Information
We use your information exclusively to provide and improve user-facing features within PupiBot:
- Execute your commands: When you say "create an event tomorrow at 3pm", we access Google Calendar to create that specific event.
- Maintain conversation context: We keep the last 7 messages to understand references like "download it" or "send it to him".
- Manage your subscription: We track your plan and daily usage to apply the corresponding limits.
We do NOT use Google user data for any purpose other than providing and improving user-facing features within PupiBot.
4. Google API Services User Data Policy
PupiBot's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
4.1 Limited Use Disclosure
PupiBot's use of information received from Google APIs will adhere to Google's Limited Use requirements. Specifically:
- We limit our use of data to providing or improving user-facing features that are prominent in PupiBot's user interface.
- We do NOT transfer data to third parties except as necessary to provide or improve user-facing features, for security purposes, or to comply with applicable law.
- We do NOT allow humans to read user data unless we have the user's affirmative agreement, it is necessary for security purposes (e.g., investigating abuse), or it is necessary to comply with applicable law.
- We do NOT use data for advertising, retargeting, personalized advertising, or interest-based advertising.
- We do NOT sell user data to third parties, data brokers, or information resellers.
- We do NOT use data to determine creditworthiness or for lending purposes.
4.2 AI/ML Training Disclosure
AI/ML Model Training: PupiBot does NOT use Google user data to train artificial intelligence or machine learning models. User commands are processed by Google AI (Gemini) solely to interpret the user's intent and generate a response in real time. No Google user data (emails, files, events, contacts, or tasks) is used for model training, fine-tuning, or any form of machine learning improvement.
4.3 Scopes Requested
PupiBot requests the following OAuth scopes, each justified by a specific user-facing feature:
| # | Scope | Classification | User-Facing Feature |
|---|---|---|---|
| 1 | openid | Non-sensitive | User authentication (login) |
| 2 | userinfo.email | Non-sensitive | Identify user account |
| 3 | userinfo.profile | Non-sensitive | Personalize responses with user's name |
| 4 | calendar | Sensitive | Create, edit, delete calendar events by user command |
| 5 | drive.file | Non-sensitive | Manage files created by PupiBot or selected via Google Picker (covers Docs & Sheets) |
| 6 | gmail.send | Sensitive | Send emails and create drafts by user command (cannot read existing emails) |
| 7 | tasks | Sensitive | Create, edit, and manage tasks by user command |
| 8 | contacts | Sensitive | Search, create, and manage contacts by user command |
Total: 8 scopes (4 non-sensitive + 4 sensitive). Restricted scopes: 0.
5. Data Storage and Security
5.1 Infrastructure
- Cloud provider: Google Cloud Platform (GCP)
- Database: Google Cloud Firestore
- Server: Google Cloud Run
- Region: United States (us-central1)
5.2 Security Measures
- All communications encrypted with TLS/HTTPS
- Authentication via industry-standard OAuth 2.0
- Access tokens stored securely in encrypted sessions
- No access to user passwords
- Code execution in isolated sandbox environment
- No filesystem or network access from sandbox
5.3 Token Management
The OAuth access tokens that Google provides:
- Are stored temporarily during your session
- Are used exclusively to execute your commands
- Expire automatically per Google's policies
- Can be revoked by you at any time from myaccount.google.com/permissions
6. Sharing Information with Third Parties
6.1 Service Providers
| Provider | Purpose | Data Shared |
|---|---|---|
| Google Cloud Platform | Hosting infrastructure | Operational data |
| Google AI (Gemini) | Natural language processing | Command text only (no personal data attached) |
| PayPal | Payment processing | Email for billing (Pro subscribers only) |
6.2 What We Do NOT Do
- We do NOT sell data to third parties
- We do NOT share data for advertising
- We do NOT transfer content of your emails, files, or documents to any third party
6.3 Legal Requirements
We may disclose information if required by:
- Court order or legal process
- Protection of rights, safety, or property
- Emergencies involving danger of death or physical injury
7. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information | Until you delete your account |
| Conversation history | 24 hours (overwritten with new messages) |
| Usage logs | 30 days |
| Subscription data | Until cancellation + 90 days for disputes |
Account Deletion
When you delete your account:
- Your profile information is deleted from our database
- Access tokens are revoked
- Conversation history is deleted
- Subscription data is anonymized after 90 days
8. Your Rights
You have the right to:
- Access: Request a copy of your data
- Rectification: Correct inaccurate information
- Deletion: Request the deletion of your account and associated data
- Portability: Obtain your data in a structured, machine-readable format
- Revocation: Revoke PupiBot's permissions at any time from myaccount.google.com/permissions
To exercise any of these rights, contact: claudio.gallardo@pupibot.lat
9. Cookies
| Cookie | Purpose | Type |
|---|---|---|
| Session Token | Keep your session active | Essential |
| Preferences | Remember language settings | Functional |
We do not use third-party cookies for advertising or tracking.
10. Children's Privacy
PupiBot is not intended for users under 16 years of age. We do not knowingly collect information from children.
11. International Legal Compliance
General Data Protection Regulation (GDPR)
If you reside in the European Economic Area (EEA), you have the following rights under the GDPR:
- Legal basis: We process your data based on your explicit consent (Art. 6.1.a GDPR) granted when you authorize PupiBot via Google OAuth.
- Right of access (Art. 15): You can request a copy of your personal data.
- Right to rectification (Art. 16): You can correct inaccurate data.
- Right to erasure (Art. 17): You can request the deletion of your data ("right to be forgotten").
- Right to data portability (Art. 20): You can receive your data in a structured format.
- Right to object (Art. 21): You can object to the processing of your data.
- Right to withdraw consent: You can revoke access at any time from myaccount.google.com/permissions.
To exercise any right, contact: claudio.gallardo@pupibot.lat
California Consumer Privacy Act (CCPA)
If you are a California resident, you have the following rights under the CCPA:
- Right to know: What personal information we collect and how we use it (detailed in this policy).
- Right to delete: You can request the deletion of your personal information.
- Right to opt-out: You can opt out of the "sale" of personal information.
- Non-discrimination: We will not discriminate against you for exercising your rights.
12. International Data Transfers
Your data may be processed on servers located outside your country of residence, specifically in the United States (Google Cloud Platform). These transfers are conducted under:
- Standard contractual clauses
- Google's data protection framework
13. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes via:
- In-app notification
- Email to the address associated with your account
Continued use of the Service after changes constitutes your acceptance.
Summary for Users
What we do:
- Execute the commands you give us
- Store only the minimum necessary to function
- Protect your data with modern security standards
What we do NOT do:
- We do not store your emails, files, or documents
- We do not sell or share data for advertising
- We do not access anything without your explicit request
- We do not use Google data to train AI/ML models
You are in control:
- You can revoke our access at any time
- You can request the deletion of your data
- You can see exactly what permissions you have granted
14. Contact
If you have questions about this Privacy Policy:
- Email: claudio.gallardo@pupibot.lat
- Website: pupibot.lat