Privacy Policy
Last updated: 2026-07-03
Botrun (the "Service", "we") values your privacy. This policy explains how we collect, use, store, and share your data when you use the Service — in particular the Google user data obtained through Google sign-in.
1. What Data We Collect
1.1 Basic Google account data (via Google sign-in)
When you sign in with Google, we obtain the following non-sensitive scope data through Google OAuth:
- What we access: your Google account email, name, and profile picture (
openid,email,profilescopes) - Why we access it: to verify your identity and create/identify your account
- How we use it: to display your name and avatar and associate your data with your workspace
- Whether we share it: we do not sell or share it with third-party advertising platforms or data brokers
1.2 Data you provide or generate
Projects, knowledge-base documents, conversations, and settings you create in the Service. This data is stored within the Service to provide its features.
1.3 Google Workspace files (with your authorization)
When you choose to connect Google and grant access, the Service can access only the Google Sheets / Docs / Slides files you explicitly authorize or that the Service creates (using the drive.file scope, which is non-sensitive):
- What we access: only the specific Drive files you hand to the Service via the file picker, or that the Service creates for you; we do not browse or read other files in your Drive
- Why we access it: so AI agents can read or generate those spreadsheets / documents / slides at your direction
- How we use it: only for features you actively operate in the interface
- Whether we share it: we do not sell it or transfer it to third-party advertising or data brokers
1.4 Google Spreadsheets / Documents / Presentations you point us to (sensitive scopes, with your authorization)
When you additionally grant the following sensitive scopes, you can paste a Google Sheets / Docs / Slides URL directly into a conversation and have AI agents read or edit that file (spreadsheets, documents, presentations scopes):
- What we access: only the content of the Google spreadsheets, documents, and presentations whose URL (or file ID) you actively provide in a conversation; we do not enumerate, browse, or read any file you have not pointed us to
- Why we access it: so AI agents can read, analyze, or edit the files you designate, at your explicit direction
- How we use it: file content is used solely to complete the task you request (e.g., reading content to answer your question, or writing changes you ask for). To provide AI features, relevant content may be sent to the AI model service providers we engage, only as necessary to fulfill your request, and is not used for model training
- How we store it: we do not keep a separate full copy of your files; content referenced during a task may be retained as part of your conversation history (see Section 1.2), which you can delete at any time
- Whether we share it: we do not sell it or transfer it to third-party advertising platforms or data brokers
2. How We Use Data
We use data solely to provide and improve user-facing features that are prominent in the Service's interface, including authentication, account management, and the platform features you actively use.
3. How We Store and Protect Data
- Data is stored in an access-controlled environment; secrets are kept encrypted.
- We apply reasonable technical and organizational measures to prevent unauthorized access, disclosure, or alteration.
4. Whether We Share Data
- We do not sell your personal data, nor transfer it to advertising platforms or data brokers.
- We share only when: you consent; when processing is delegated to service providers acting on our behalf (e.g., AI model service providers, only as necessary to provide the features you use and not for model training); when the law requires it; or when it is necessary to protect the Service and its users.
5. Limited Use of Google User Data
Our use of data obtained through Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements:
- used only to provide or improve user-facing features;
- not transferred or used for advertising;
- not sold;
- not read by humans unless you give explicit consent, for security or abuse investigations, to comply with law, or where the data is de-identified/aggregated.
6. Your Rights
- You can revoke the Service's authorization at any time in your Google account permissions.
- You may request to access, correct, or delete your account data.
7. Contact Us
For questions about this policy or to exercise the rights above, contact us at service@cameo.tw.