Privacy Policy

1. Information We Collect

When you sign in with Google, we receive your name, email address, and profile picture. We store these solely to identify your account on DataToRAG.

If you connect a service (e.g., Google Workspace), we receive an OAuth access token scoped to the permissions you approve. We use this token only to fulfill requests you make through the MCP protocol. We do not access your data outside of explicit tool invocations.

2. How We Use Your Information

• Authenticate your identity and manage your account
• Execute MCP tool calls on your behalf using connected service tokens
• Generate API keys that you create from the dashboard
• Send transactional emails related to your account (if applicable)

3. Data Storage and Security

Your data is stored in encrypted databases. OAuth tokens are stored securely and are never exposed in client-side code. We use HTTPS for all communications.

4. Third-Party Services

We integrate with third-party services (Google Workspace, etc.) only when you explicitly connect them. We do not sell, rent, or share your personal information with third parties for marketing purposes.

5. Data Retention

We retain your account data for as long as your account is active. You can disconnect services or delete your account at any time. Upon deletion, we remove your stored tokens and personal data.

6. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us at [email protected].

7. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by posting the new policy on this page with an updated date.

8. Contact

Questions? Reach us at [email protected].