Privacy Policy

Last Updated: June 15, 2025

Introduction

This Privacy Policy outlines our policies and procedures on the collection, use, and disclosure of your information when you use our business automation services ("Service"). It informs you of your privacy rights and how the law protects you.

We use your personal data to provide and improve our services, which include streamlining follow-up tasks, repetitive tasks, inventory management, sales process automation, collection automation, and more. By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy.

Compliance with Google API Services User Data Policy: Our use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Interpretation and Definitions

Interpretation

Words with an initial capital letter have meanings defined under the following conditions, and these definitions apply whether they appear in singular or plural form.

Definitions

• Account: A unique account created for you to access our Service or parts of our Service.
• Company: ("We," "Us," or "Our") refers to K Lite Education, based in Nehru Place, New Delhi.
• Cookies: Small files placed on your device by a website, containing information about your browsing history and other uses.
• Country: India.
• Device: Any device capable of accessing our Service, such as a computer, smartphone, or tablet.
• Personal Data: Any information relating to an identified or identifiable individual.
• Service: Refers to the website and any other services provided by the Company, specifically business process automation.
• Service Provider: Any natural or legal person processing data on behalf of the Company.
• Usage Data: Data automatically collected from the use of our Service or its infrastructure.
• Website: The Company's website, accessible from www.autopilotmybusiness.com.
• You: The individual or legal entity accessing or using the Service.

This policy has been crafted to reflect the operations of K Lite Education, under the management of Arun P Sharma.

Google User Data: Access, Use, Storage, and Sharing

To provide its powerful automation features, our Service requires extensive access to your Google account, specifically your Gmail data. This section transparently details what data we access, why we need it, and how we protect it, in full compliance with Google's requirements for sensitive and restricted scopes.

1. What Google User Data We Access and Why

Our application is a business automation tool that operates based on rules and workflows you create. To execute these user-defined tasks, we require access to various functions within your Gmail account. We are committed to data minimization, but the comprehensive nature of automation requires broad permissions. Access is never used for purposes other than executing the workflows you configure.

Below is a functional breakdown of the data we access, linked to the specific automation capabilities of our Service:

A. Full Email Management (Reading, Composing, Sending, Modifying, and Deleting)

Purpose: The core of our Service is automating your email communication. This allows you to create workflows that can, for example, automatically reply to customer inquiries, send follow-ups on invoices, process information from an email body, and then archive or delete the email to keep your inbox clean.

Data Accessed: Email body, headers, recipients, attachments. We can read, create, send, and even permanently delete emails on your behalf as directed by your automation rules.

B. Mailbox Organization

Purpose: To help you automatically manage and organize your inbox. Your workflows can apply labels (e.g., "Paid," "Urgent," "Follow-Up") to incoming or outgoing emails, and move emails between folders (e.g., move all receipts to a "Receipts" folder).

Data Accessed: Email messages and their labels.

C. Mailbox Integration and Insertion

Purpose: For advanced workflows that require importing emails into your mailbox. For example, you could create an automation that logs an activity from a CRM and then inserts a corresponding email record into your Gmail account.

Data Accessed: We can insert emails into your mailbox.

D. Gmail Settings Management

Purpose: To allow you to create and manage highly sophisticated automation rules. This functionality is used to programmatically create or modify Gmail filters and forwarding addresses based on your business needs. For example, you could create a workflow to temporarily forward all emails from a specific client to a project manager.

Data Accessed: Your Gmail filters, forwarding settings, and other general email settings. This access is highly sensitive and is used only to execute automation rules you explicitly create.

E. Metadata-Only Access

Purpose: For simpler, faster workflows that do not require reading the entire email. For example, an automation could be triggered just by checking the sender's email address or the subject line. This minimizes data access wherever possible.

Data Accessed: Email headers (From, To, Subject, Date) and labels, without accessing the email body.

F. Google Workspace Add-on Functionality

Purpose: To provide our Service's features directly within the Gmail interface for a seamless user experience. This access is contextual and only active when you are interacting with our add-on inside Gmail.

Data Accessed: Email content and compose windows, but only when the add-on is open and you are actively using it.

List of Requested Scopes for Transparency:

To enable the functionalities described above, we request the following Google OAuth scopes:

• https://mail.google.com/
• https://www.googleapis.com/auth/gmail.modify
• https://www.googleapis.com/auth/gmail.readonly
• https://www.googleapis.com/auth/gmail.compose
• https://www.googleapis.com/auth/gmail.send
• https://www.googleapis.com/auth/gmail.insert
• https://www.googleapis.com/auth/gmail.labels
• https://www.googleapis.com/auth/gmail.metadata
• https://www.googleapis.com/auth/gmail.settings.basic
• https://www.googleapis.com/auth/gmail.settings.sharing
• https://www.googleapis.com/auth/gmail.addons.current.message.readonly
• https://www.googleapis.com/auth/gmail.addons.current.action.compose
• https://www.googleapis.com/auth/gmail.addons.current.message.action

2. How We Use Your Google User Data

Your Google user data is used exclusively to provide and improve the automation services you have configured.

• Execution of Rules: Data is used to execute the specific automation rules that you create, enable, and trigger in your Account. This includes all actions like sending emails, applying labels, creating filters, or deleting messages on your behalf.
• Service Maintenance: To provide and maintain the Service.
• Troubleshooting & Support: Human access to your data is strictly prohibited. The only exception is for security purposes (e.g., investigating a security incident) or to resolve a technical support request, and even then, only with your explicit, real-time consent.
• No Advertising: Your data is never used for serving advertisements, and it is never sold, transferred, or disclosed to third parties for marketing or advertising purposes.

3. Sharing and Disclosure of Your Google User Data

We do not share, transfer, or disclose your Google user data with any third parties.

The only exceptions to this rule are:

1. To Comply with Law: When necessary to comply with applicable laws or a valid legal process (e.g., a subpoena or court order).
2. For Service Provision: To a trusted Service Provider (such as a cloud hosting provider like AWS or Google Cloud) who processes data on our behalf. These providers are bound by strict confidentiality agreements and must comply with our privacy and security standards, as well as the Google API Services User Data Policy.

4. Data Protection and Security

We implement robust technical and organizational security measures to safeguard your Google user data against unauthorized access, alteration, disclosure, or destruction.

• Encryption: All data is encrypted in transit using Transport Layer Security (TLS 1.2 or higher) and encrypted at rest using industry-standard AES-256 encryption.
• Limited Use Compliance: We comply fully with Google's Limited Use requirements. All use of data is limited to providing or improving user-facing features.
• Access Controls: We enforce strict internal access controls based on the Principle of Least Privilege, ensuring that only a minimal number of authorized personnel with a legitimate business need (e.g., system maintenance) can access systems containing user data.
• Secure Infrastructure: Our application is hosted on a secure cloud infrastructure that provides comprehensive physical and network security protections.
• Regular Monitoring: We continuously monitor our systems for vulnerabilities, potential intrusions, and other security threats.

5. Data Retention and Deletion

We retain your Google user data only for as long as you maintain an active Account with our Service, or as needed to provide the Service to you.

You have full control over your data and the right to delete it at any time.

• Account Deletion: You can delete your Account from the application's dashboard at any time. Upon receiving a deletion request, all of your associated Google user data will be permanently and irrevocably erased from our live systems within 30 days. Backup data will be deleted in line with our backup rotation cycle.
• Revoking Access: You can revoke our application's access to your Google account at any time via your Google Account permissions page: https://myaccount.google.com/permissions. Revoking access will immediately stop the application from accessing your data. You can then contact us at ea@autopilotmybusiness.com to request the deletion of any data we previously stored.

Contact Us

If you have any questions about this Privacy Policy, you can contact us:

• By email: ea@autopilotmybusiness.com
• Contact Person: Arun P Sharma