Privacy Policy

How we collect, use, and protect your data on PageLines' hosted AI agent platform

Last Updated: June 8, 2026

At PageLines, Inc. ("PageLines," "we," "us," or "our"), we value your privacy and are committed to protecting your personal data. We will never sell your personal data to anyone. This Privacy Policy explains how we collect, use, share, and protect your information when you use our website (www.pagelines.com), hosted AI agent platform, community, and related services (collectively, the "Services").

We comply with global privacy laws, including the European Union General Data Protection Regulation ("GDPR"), the California Consumer Privacy Act ("CCPA"), and the Brazilian General Data Protection Law ("LGPD") (collectively, "Applicable Law"). If you have questions, contact us at [email protected].

1. What is Personal Data?

"Personal Data" means any information that identifies or can be linked to you, such as your name, email address, AI agent configurations, business data processed through our Services, or device details. It also includes any similar definition under Applicable Law.

2. Information We Collect and Why

We collect data to provide and improve our Services, such as helping you deploy and manage hosted AI agents, access our community, and receive support. Here's what we collect and why:

2.1 When You Use Our Services

  • Data Collected: Device info (e.g., type, operating system, browser), IP address (truncated before storage), pages visited, visit duration, and referral source.
  • Purpose: To optimize your experience, ensure functionality, and detect misuse.
  • Legal Basis: Our legitimate interest (GDPR Art. 6(1)(f)).

2.2 AI Agent and Bot Data

  • Data Collected: Agent configurations, custom instructions, integration settings, conversation logs, and execution data generated by your hosted AI agents.
  • Purpose: To provide our hosted AI agent services, troubleshoot issues, and improve agent performance.
  • Legal Basis: Contract performance (GDPR Art. 6(1)(b)).

2.3 AI Interactions and Learning

  • Data Collected: Conversation logs between you and your agent, message attachments, relevant connected-service context, interaction patterns, and feedback on AI responses.
  • Purpose: To generate assistant replies, improve your agent's performance, and provide analytics on your agent's interactions.
  • AI Processors: PageLines uses OpenRouter, OpenAI, and Google to process this data for AI replies and related assistant features.
  • Legal Basis: Contract performance (GDPR Art. 6(1)(b)) and legitimate interest (GDPR Art. 6(1)(f)).

2.4 Community and Support Data

  • Data Collected: Discussion posts, support tickets, feedback, and interactions within our community platform.
  • Purpose: To provide community services, support, and improve our offerings based on user feedback.
  • Legal Basis: Contract performance (GDPR Art. 6(1)(b)) and legitimate interest (GDPR Art. 6(1)(f)).

2.5 Cookies and Tracking

  • Data Collected: Standard log data and behavior patterns (e.g., clicks, time spent) via cookies or similar tools.
  • Purpose: To operate the Services, analyze usage, and personalize content.
  • Legal Basis: Consent where required (GDPR Art. 6(1)(a)) or legitimate interest (GDPR Art. 6(1)(f)).

2.6 When You Contact Us

  • Data Collected: Name, email, and message content (e.g., via contact forms or support requests).
  • Purpose: To respond to your inquiries or support requests.
  • Legal Basis: Legitimate interest (GDPR Art. 6(1)(f)).

2.7 When You Create an Account or Subscribe

  • Data Collected: Name, email, payment info (if applicable), and profile details (e.g., company, role).
  • Purpose: To set up and manage your account, deliver Services (e.g., hosted AI agent provisioning), and process payments.
  • Legal Basis: Contract performance (GDPR Art. 6(1)(b)).

2.8 Aggregated Data

We may create anonymous, aggregated insights (e.g., usage patterns, common agent configurations) from Personal Data to improve our Services. This data cannot identify you.

3. Google Account Data

3.1 Google Sign-In

PageLines uses Google OAuth to authenticate users. When you sign in with Google, we access your name, email address, and profile picture to create and manage your PageLines account.

3.2 Google Workspace Integration

You may optionally connect your Google Workspace account to your AI agent. This is a separate authorization from sign-in and requires your explicit consent. When connected, PageLines requests the following OAuth scopes on behalf of your AI agent:

  • Google Calendar (calendar.readonly, calendar.events) — Your agent reads your calendar to answer scheduling questions and creates, updates, or deletes events on your behalf when you ask it to.
  • Google Tasks (tasks.readonly, tasks) — Your agent reads your task lists to show you what's due and creates or updates tasks when you ask it to.
  • Google Sheets (spreadsheets) — Your agent reads, writes, and creates spreadsheets when you ask it to, such as generating reports or organizing data.
  • Google Drive (drive.file) — Your agent can access only the files it creates (e.g., new spreadsheets). It cannot access your other Drive files.

3.3 How Google Workspace Data Is Processed

When you send a request to your AI agent (e.g., "What's on my calendar today?"), the following happens:

  • Your agent calls the relevant Google API through PageLines' server-side proxy. OAuth tokens are stored on PageLines' servers and never exposed to the agent runtime.
  • The Google API response (e.g., your calendar events) is passed to our AI processors, including OpenRouter, OpenAI, and Google, as part of the conversation context so the agent can formulate a response.
  • Google Workspace data is used only to fulfill your request in real time. It is not stored permanently, indexed, or used for training AI models.

3.4 Storage and Retention of Google Data

  • OAuth tokens (access and refresh tokens) are stored encrypted on PageLines' servers for the duration of the connection.
  • Google API responses (calendar events, tasks, spreadsheet data) are included in conversation context but are not stored separately or permanently. Conversation logs may contain references to Google data and are retained per Section 10.
  • When you disconnect Google from your agent or delete your account, OAuth tokens are deleted immediately. Conversation logs containing Google data are deleted within 30 days.

3.5 Sharing of Google Data

  • AI processors (OpenRouter, OpenAI, and Google) receive Google Workspace data only as part of conversation context to fulfill your requests. These processors operate under data processing agreements or equivalent contractual commitments and do not use your data to train models.
  • Google Workspace data is not sold, shared with advertisers, or used for purposes unrelated to providing the Service.
  • No other third parties receive your Google Workspace data, except as required by law.

3.6 Your Control Over Google Data

  • You can disconnect Google Workspace from your agent at any time from the PageLines dashboard. This immediately revokes PageLines' access and deletes stored tokens.
  • You can also revoke access from your Google Account permissions page.
  • Disconnecting does not delete past conversation logs that may reference Google data. To delete those, contact us or delete your account.

3.7 Google API Services Compliance

PageLines' use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google data to provide and improve user-facing features that are visible to the user.
  • We do not use Google data for advertising, market research, or email campaigns.
  • We do not allow humans to read Google data except with your consent, for security purposes, to comply with law, or when aggregated and anonymized for internal operations.
  • We do not transfer Google data to third parties except as necessary to provide the Service, with your consent, or as required by law.

4. How We Share Your Data

We do not sell your Personal Data. We only share it in these cases:

  • Service Providers: With trusted partners (e.g., cloud hosting providers, payment processors) who process data on our behalf under strict confidentiality agreements.
  • AI Processors: We use OpenRouter, OpenAI, and Google to power assistant replies and related AI features. They process messages, attachments, and relevant context only to provide the Service, under data processing agreements or equivalent contractual commitments that require the same or comparable protection for your data.
  • Messaging Platforms: When your Bot interacts with users on platforms like Telegram, Discord, or WhatsApp, those interactions are subject to the respective platform's privacy policies.
  • Legal Obligations: When required by law (e.g., subpoenas) or to protect our rights, your safety, or others'.
  • Business Transfers: If PageLines is sold or merged, your data may be transferred as an asset, subject to Applicable Law and this Privacy Policy.

5. Third-Party Links and Integrations

Our Services may link to external sites or integrate with third-party services (e.g., messaging platforms, CRMs, email providers). We're not responsible for their privacy practices. Review their policies before connecting them to your AI agents.

6. Communications From Us

We may send you emails about Service updates, legal notices, community activity, support, or promotions. You can opt out of non-essential emails via the unsubscribe link or by emailing [email protected].

7. Your Privacy Rights

Depending on your location, you may have these rights:

  • Access: See what data we hold about you, including AI agent data and interaction logs.
  • Correction: Fix inaccurate data.
  • Deletion: Request data removal, including deletion of your hosted AI agents and associated data (subject to legal exceptions).
  • Portability: Get your data in a machine-readable format.
  • Restriction/Object: Limit or object to certain processing.
  • Consent Withdrawal: Withdraw consent for optional processing.
  • CCPA-Specific (California): Opt-out of data sales (though we don't sell data).
  • LGPD-Specific (Brazil): Ask about entities we've shared data with.

8. How to Exercise Your Rights

Email [email protected] with your request. Include your name, email, and desired action (e.g., "delete my data and AI agents"). We'll verify your identity and respond within 30 days (or as required by law).

9. Withdrawing Consent

If you've consented to data processing (e.g., AI agent hosting, optional analytics), you can withdraw it anytime by contacting us or adjusting your account settings. This won't affect prior processing but may disable your hosted AI agents and limit Service functionality.

10. How Long We Keep Your Data

We retain data only as long as needed for the purposes above, such as:

  • Account data: Until you delete your account, plus 30 days.
  • AI agent data: Until you delete your agents or your account.
  • Interaction logs: Up to 12 months, unless you object or request deletion.
  • Usage data: Up to 12 months, unless you object.
  • Legal compliance: As required by law (e.g., tax records for 7 years).

11. International Data Transfers

Your data is processed on secure servers in the United States. If accessed from or transferred to other countries, we use safeguards like Standard Contractual Clauses to protect it.

12. Children's Privacy

Our Services are not for children under 13 (or the local age of consent). We don't knowingly collect their data. If we discover such data, we'll delete it. Contact us if your child has provided data without consent.

13. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication systems
  • Regular security assessments
  • Secure data centers and infrastructure
  • Employee training on data protection

However, no method is 100% secure. We will notify you of any material breaches as required by law.

14. Updates to This Policy

We may update this Privacy Policy. You'll be notified of material changes via email (if you have an account) or a site notice. Changes take effect 30 days after posting. Continued use means you accept the updated policy.

15. Contact Us

Email: [email protected]
Privacy: [email protected]
Address: PageLines, Inc., San Francisco, CA, USA

For complaints, you may also contact your local data protection authority.

16. California Privacy Rights Notice

If you are a California resident, you have additional rights under the CCPA:

  • Categories of Personal Information: We collect identifiers, commercial information, internet activity, and professional information.
  • Sources: Directly from you, your device, and interactions with our Services.
  • Business Purposes: Operating Services, AI agent hosting, customer support, marketing, and legal compliance.
  • Third Parties: We share with service providers, AI model providers, and as required by law.

To exercise your CCPA rights, contact us at [email protected].