Privacy Policy
Effective date: July 6, 2026
Otto-Matic AI LLC (“Otto-Matic,” “we,” “us”) builds custom AI executive assistants (“Otto”) for businesses. This policy explains what information we collect, how we use it, who we share it with, and the controls you have — in plain English. It applies to ottomatic-ai.com, the Otto-Matic dashboard at app.ottomatic-ai.com, and every Otto instance we operate for clients (together, the “Service”).
The short version: your data is yours.We use it only to run your Otto. We never sell it, never use it for advertising, and never let one client’s data touch another’s.
1. Information we collect
- Account information. Name, email address, and organization membership, collected when you sign in. Authentication is handled by our identity provider (Clerk).
- Connected-tool data. When you connect a tool (for example Gmail or Google Calendar), Otto accesses the data that connection permits — described in detail in Section 3.
- Messages you exchange with Otto. Chat conversations, requests, and the notifications Otto sends you.
- Usage and billing data. Feature usage, task counts, and service metrics we need to operate your plan. Payments are processed by Stripe; we never see or store full card numbers.
2. How your data is isolated
Every client runs on their own isolated Otto instance with its own encrypted credential vault, its own memory, and its own messaging accounts. Client data is never co-mingled. Within a client organization, personal connections (like your Gmail) are scoped to the individual team member who connected them: Otto uses your account only when you are asking, and no teammate can reach your connected data through Otto.
3. Google user data
If you choose to connect a Google account, Otto requests the following Google OAuth scopes — and nothing broader:
- Gmail — read, manage, and draft (
gmail.modify): lets Otto read messages, apply labels, and prepare drafts so it can summarize your inbox, surface what needs you, and draft replies for your review. - Gmail — send (
gmail.send): lets Otto send an email from your address — only when you direct it to. - Calendar — view (
calendar.readonly): lets Otto see your schedule to answer questions and find open times. - Calendar — manage events (
calendar.events): lets Otto create and update events when you ask it to schedule something.
What we do with it
Google user data is used solely to provide the assistant features you see: reading and summarizing your email, drafting and (at your direction) sending messages, answering questions about your schedule, and creating events you request. Scheduled routines you set up (like a morning inbox summary) run with your own connection and deliver only to you.
What we never do with it
- We never sell Google user data or share it with data brokers.
- We never use it for advertising of any kind.
- We never use it to develop, improve, or train generalized artificial-intelligence or machine-learning models.
- No human at Otto-Matic reads it, except (a) with your explicit permission (for example, a support request you initiate), (b) as necessary for security purposes such as investigating abuse, or (c) as required by applicable law.
Otto-Matic’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Where it lives and how long
OAuth tokens are stored encrypted in your instance’s private credential vault. Email and calendar content is processed to answer your requests; short-lived working context (like a summary Otto prepared for you) lives only inside your isolated instance. When you disconnect a Google account — from the Integrations page or from your Google Account security settings — we delete the stored tokens and Otto immediately loses access. You can also email us to have any retained Google user data deleted.
4. AI processing
Otto is powered by third-party large-language-model providers, reached through an API gateway. Content is transmitted to these providers only as needed to fulfill your requests, under agreements that prohibit them from using your data to train their models. Your data is never used — by us or by our providers — to train generalized AI models.
5. Who we share data with
We share data only with the service providers (“subprocessors”) required to run the Service — cloud hosting, database, authentication, model providers, payments, and messaging delivery — each bound to use it only on our instructions. We also disclose data if the law requires it, or as part of a merger or acquisition (in which case this policy still applies to your data). We do not sell personal data. Ever.
6. Security
- Encryption in transit (TLS) and at rest.
- One isolated instance per client — no shared databases, vaults, or memory between clients.
- Least-privilege access: Otto requests only the OAuth scopes each feature needs, and every instance runs with a strict tool allowlist and audit logging.
- Audit logs record actions, not content — no message bodies, tokens, or personal data in logs.
7. Your rights and controls
- Disconnect any integrationat any time from the dashboard’s Integrations page.
- Revoke Google access directly at myaccount.google.com/permissions.
- Access, correct, export, or delete your personal data by emailing hello@ottomatic-ai.com. We respond within 30 days.
- Close your accountand we delete your organization’s instance, vault, and stored data.
8. Children
The Service is for businesses and is not directed to children under 13. We do not knowingly collect data from children.
9. Changes to this policy
If we make material changes, we’ll update the effective date above and notify account owners by email before the changes take effect.
10. Contact
Otto-Matic AI LLC · hello@ottomatic-ai.com
