Privacy Policy

Who we are

ROST is an operating system for companies staffed by people and supervised AI agents. You stay in control: agents act only inside a defined role with explicit boundaries, and durable actions require human approval. You can reach us at privacy@elevatez.ai.

Information we collect

• Account information. When you sign in with Google, we receive your name, email address, and profile identifier to create and secure your account.
• Content you provide. Information you enter into ROST — such as your organization structure, roles, goals, and the instructions you give an agent.
• Connected-service data.When you connect a third-party service (for example Google), the data the agent accesses on your instruction to perform its task (see “Google user data” below).
• Usage and diagnostic data. Logs of actions taken in the product (including an audit record of every agent tool call) and basic technical data needed to run the service reliably and securely.

Google user data

If you connect your Google account, ROST requests only the scopes needed for the feature you enable, and a supervised agent uses that access on your behalf:

• Gmail (read).Read the messages relevant to the agent’s assigned task in order to triage, summarize, and extract the information you asked it to handle.
• Gmail (drafts). Create email replies as drafts in your mailbox for you to review. ROST is draft-not-send by default; the agent does not send email without your explicit approval.
• Google Sheets. Read spreadsheet data to produce the reports or summaries you requested, and write results back only to the sheets you approve.

Limited Use. ROST’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We use Google user data only to provide and improve the user-facing features described above. We do not sell it, we do not transfer it to third parties except to provide these features (and only as described under “How we share information”), we do not use it for advertising, and we do not use it to develop, improve, or train generalized AI/ML models. Humans cannot read your Google data except where you give explicit permission for support, for security, to comply with applicable law, or as required for the operation of the features you use.

How we use information

We use the information we collect to operate, secure, and improve ROST; to perform the tasks you direct your agents to perform; to provide support; and to comply with legal obligations. AI processing is performed transiently to produce the output you requested and is shown only to you and the people in your own workspace.

How we share information

We do not sell your information. We share it only with service providers that help us run ROST, bound by contract to protect it and to use it only to provide their service to us:

• Cloud hosting (application and database infrastructure).
• AI model providers that process content transiently to generate the summaries, drafts, and answers you request. These providers are contractually prohibited from using your content — including any Google user data — to train their models.

We may also disclose information if required by law or to protect the rights, safety, and security of our users and the service.

Data retention and deletion

We retain your information for as long as your account is active or as needed to provide the service, then delete or de-identify it within a reasonable period, except where we must retain it to meet a legal obligation. Connected-service credentials are revoked when you disconnect the integration or close your account. You can request deletion of your data by contacting privacy@elevatez.ai.

Security

We protect your information with industry-standard safeguards. Third-party credentials are stored as references in a dedicated secrets vault — never in our application database, logs, or model prompts — and are bound to a single role with a server-enforced permission check on every action. Each tenant’s data is isolated, and every agent tool call is recorded in an append-only audit log.

Your choices

You can review and revoke ROST’s access to your Google account at any time from your Google Account permissions page, or by disconnecting the integration in ROST. Depending on where you live, you may have rights to access, correct, or delete your personal information; contact us to exercise them.

International users, children, and changes

ROSTis intended for business use by adults; it is not directed to children. If you use the service from outside the country where it is operated, you consent to processing your information there. We may update this policy from time to time and will revise the “Last updated” date above; material changes will be communicated through the service.

Contact

SKBD LLC — privacy@elevatez.ai