DoneCo.app Privacy Notice

During testing, DoneCo.app may collect account details, authentication identifiers, workspace settings, team-member and agent records, project and task data, comments, decisions, approval history, integration metadata, product usage events, logs, and support or feedback messages.

DoneCo.app processes data from connected tools only after a workspace member chooses to connect that tool. Depending on the connector you enable, this may include calendar metadata, chat or channel activity, code-hosting metadata, selected files, webhook payloads, or other work signals needed to power visible DoneCo.app features.

Connected-tool data is normalized into workspace events, daily briefs, action proposals, audit records, and other product surfaces that help users plan and run work.

If you connect Google Calendar, DoneCo.app requests read-only access to calendar lists and calendar events using the scopes https://www.googleapis.com/auth/calendar.readonly and https://www.googleapis.com/auth/calendar.events.readonly.

DoneCo.app may read calendar identity and event metadata such as event title, start and end time, organizer, attendees, location, meeting link, recurrence, and event status. These scopes do not allow DoneCo.app to create, edit, delete, invite attendees to, or send Google Calendar events.

Calendar data is used only for user-facing DoneCo.app features such as upcoming meetings, Daily Briefs, focus planning, meeting preparation, bottleneck context, and project or task recommendations.

DoneCo.app's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

DoneCo.app does not sell Google user data, use it for advertising, retargeting, personalized ads, credit decisions, data-broker purposes, or information-reseller purposes.

We use information to provide DoneCo.app, operate approval workflows, generate Brain proposals, personalize workspace planning, maintain audit trails, improve reliability, investigate bugs, prevent abuse, protect the service, respond to support requests, and understand private-test readiness.

DoneCo.app may send relevant workspace and integration context, including Google Calendar metadata, to AI service providers so the Brain can draft, summarize, classify, and propose Actions inside DoneCo.app.

Google Workspace data is not used to train or improve generalized AI or machine learning models. It is used only to provide or improve DoneCo.app's user-facing features and personalized workspace context.

We share data with service providers that help us operate DoneCo.app, such as cloud hosting, authentication, database, logging, payment, email, and AI infrastructure providers. These providers process data for DoneCo.app's service purposes.

DoneCo.app personnel do not read Google Calendar data except with your request or consent, to resolve support or security issues, to investigate abuse or bugs, or when required by law.

Personal surfaces such as Daily Briefs, focus sessions, reflections, and weekly reviews are designed as private user data. They are not per-person velocity dashboards, leaderboards, or individual performance analytics for managers.

DoneCo.app uses HTTPS in transit and Google Cloud infrastructure for production hosting. OAuth refresh tokens are stored in Google Secret Manager. Application data is stored in Cloud SQL with encryption at rest. Access to production systems is limited to operational needs.

We retain workspace and integration data while your workspace is active or as needed to provide DoneCo.app, maintain security, comply with legal obligations, resolve disputes, and preserve audit trails.

You can disconnect Google Calendar in DoneCo.app settings or revoke access from your Google Account permissions page. After disconnection, DoneCo.app stops future Calendar syncing. You may request access, correction, export, or deletion of active app data; backup, log, security, legal, and audit copies may remain for a limited period before deletion or anonymization under normal retention cycles.

DoneCo.app is operated from the United States and uses cloud infrastructure that may process data in the United States or other locations where our service providers operate. If local privacy law gives you data rights, contact us and we will handle the request according to applicable law.

For support, privacy requests, export requests, deletion requests, or Google API data questions, email help@doneco.app.