Privacy Policy

1.1 Information You Provide

We collect information you voluntarily provide, such as:

• Account Information: Name, email address, password, and login credentials.
• Communication Data: Messages, emails, chats, and support requests.
• Billing Information: Processed securely through third-party payment providers (we do not store card details).

1.2 Information Automatically Collected

• Usage Data: Clicks, actions inside workflows, logs, and interactions with Services.
• Device Data: IP address, browser type, operating system, device identifiers, timestamps.
• Cookies & Tracking: Used for essential functionality, security, and performance optimization.

1.3 Information From Third-Party Integrations

If you connect third-party accounts (e.g., Google, Slack, Notion, Gmail, Calendar, Drive):

• We only receive data required to perform the specific task you initiate.
• We do not sync, crawl, or access your third-party data unless you explicitly trigger an action.

We use your data to:

• Provide and operate the Services
• Execute workflows and automations that you explicitly initiate
• Improve platform performance using only aggregated, non-personal, and non-Google data.
• Offer customer support
• Maintain security, detect fraud, and prevent abuse
• Comply with legal requirements

Important Clarification

Improvement of the Services applies only to non-Google data.

Google OAuth data is never used for analytics, product improvement, or AI training.

Pucho.ai complies with the Google API Services User Data Policy, including the Limited Use requirements.

This applies to Pucho.ai integrations with:

• Gmail
• Google Drive
• Google Calendar
• Google Sheets
• Google Docs
• Google Cloud Services

3.1 Access & Use Principles

We access Google user data:

• Only when you initiate an action (e.g., "Send email", "Read this file", "Create calendar event").
• Only for the minimum scope required to complete the requested task.
• Only on the exact files or items you choose through Google's official picker when applicable.

We never request broader access than necessary.

3.2 What Pucho.ai DOES NOT Do With Google User Data

Pucho.ai:

• does not sell, rent, or share Google data
• does not use Google data for ads, marketing, or profiling
• does not use Google data to train or improve AI or ML models
• does not use Google data for analytics or service improvement
• does not read or access your Google content unless triggered by you
• does not store Google data except temporarily to complete your task
• does not transfer Google data to third parties except when required to execute the workflow (e.g., sending your selected email)

We never request broader access than necessary.

3.3 Storage & Retention of Google Data

• Google OAuth data is not stored unless essential for completing a user-initiated workflow.
• Any temporary cached data is deleted immediately after task completion.
• Data is never used for long-term logs unless you explicitly enable a storage feature (e.g., "Save email content to database").
• You can disconnect your Google account at any time.

3.5 Limited Use Compliance Statement

Pucho.ai complies fully with:

Google API Services User Data Policy:

https://developers.google.com/terms/api-services-user-data-policy

This includes the Limited Use Policy, meaning Google data is used only to provide or improve user-requested functionality, and never for unrelated purposes.

We share data only under the following conditions:

4.1 Service Providers

Trusted vendors that provide:

• hosting & cloud infrastructure
• security tools
• workflow execution infrastructure
• analytics (excluding Google OAuth data)

They receive only minimal access needed to operate the Services.

4.2 Legal Requirements

If required to comply with:

• laws
• subpoenas
• regulatory requests
• court orders

4.3 Business Transfers

If Pucho.ai undergoes a merger or acquisition, your data may be transferred to the acquiring entity under similar privacy commitments.

4.4 No Unauthorized Sharing

We never share Google OAuth data unless necessary to perform a user-requested workflow.

• We retain data only as long as necessary to provide Services or comply with legal obligations.
• You may request deletion of your account and data at any time.
• Temporary workflow data is deleted after execution.
• Google user data is never stored for analytics or product improvement.

• Access your data
• Correct inaccurate information
• Request deletion
• Export your data
• Revoke third-party permissions

• We access only the data required for the specific action you choose
• We do not monitor or sync data in the background
• You can disconnect integrations at any time
• All third-party data is handled securely and minimally

• encryption in transit and at rest
• access control and audit logs
• secure hosting infrastructure
• regular vulnerability reviews