Otto-Matic

Privacy Policy

Effective date: July 6, 2026

Otto-Matic AI LLC (“Otto-Matic,” “we,” “us”) builds custom AI executive assistants (“Otto”) for businesses. This policy explains what information we collect, how we use it, who we share it with, and the controls you have — in plain English. It applies to ottomatic-ai.com, the Otto-Matic dashboard at app.ottomatic-ai.com, and every Otto instance we operate for clients (together, the “Service”).

The short version: your data is yours.We use it only to run your Otto. We never sell it, never use it for advertising, and never let one client’s data touch another’s.

1. Information we collect

2. How your data is isolated

Every client runs on their own isolated Otto instance with its own encrypted credential vault, its own memory, and its own messaging accounts. Client data is never co-mingled. Within a client organization, personal connections (like your Gmail) are scoped to the individual team member who connected them: Otto uses your account only when you are asking, and no teammate can reach your connected data through Otto.

3. Google user data

If you choose to connect a Google account, Otto requests the following Google OAuth scopes — and nothing broader:

What we do with it

Google user data is used solely to provide the assistant features you see: reading and summarizing your email, drafting and (at your direction) sending messages, answering questions about your schedule, and creating events you request. Scheduled routines you set up (like a morning inbox summary) run with your own connection and deliver only to you.

What we never do with it

Otto-Matic’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Where it lives and how long

OAuth tokens are stored encrypted in your instance’s private credential vault. Email and calendar content is processed to answer your requests; short-lived working context (like a summary Otto prepared for you) lives only inside your isolated instance. When you disconnect a Google account — from the Integrations page or from your Google Account security settings — we delete the stored tokens and Otto immediately loses access. You can also email us to have any retained Google user data deleted.

4. AI processing

Otto is powered by third-party large-language-model providers, reached through an API gateway. Content is transmitted to these providers only as needed to fulfill your requests, under agreements that prohibit them from using your data to train their models. Your data is never used — by us or by our providers — to train generalized AI models.

5. Who we share data with

We share data only with the service providers (“subprocessors”) required to run the Service — cloud hosting, database, authentication, model providers, payments, and messaging delivery — each bound to use it only on our instructions. We also disclose data if the law requires it, or as part of a merger or acquisition (in which case this policy still applies to your data). We do not sell personal data. Ever.

6. Security

7. Your rights and controls

8. Children

The Service is for businesses and is not directed to children under 13. We do not knowingly collect data from children.

9. Changes to this policy

If we make material changes, we’ll update the effective date above and notify account owners by email before the changes take effect.

10. Contact

Otto-Matic AI LLC · hello@ottomatic-ai.com