Privacy Policy

Effective Date: 2026-04-11

This Privacy Policy explains how lookatmy.ai ("we", "us", "our") collects, uses, stores, and protects your personal data when you use our services, including AI agent interactions and third-party application integrations.

We are deeply committed to privacy and transparency. Our goal is to collect and use only the information necessary to provide and improve our services while safeguarding your privacy.

1. Information We Collect

We collect the following types of information:

  • Account Information: When you create an account, we collect your email address and, if provided, your display name, alias, and preferences.
  • Service Data: We store files you upload, your chat logs, workflow configurations, trigger settings, your custom AI personas, and related preferences, strictly for the purpose of providing you with our service.
  • Connected Application Data: When you connect third-party applications (such as Gmail, Slack, Google Calendar, Instagram, Notion, Telegram, and others), we process data from those applications in real-time to fulfill your requests. This may include calendar events, email content, messages, social media data, task lists, and other information accessible through the connected app's API. This data is processed transiently and is not permanently stored unless it becomes part of a conversation log or a file you explicitly save.
  • Authentication Tokens: When you authorize a third-party application, your authentication credentials (OAuth tokens) are stored and managed by our integration partner, Composio. We do not directly store your third-party login credentials.
  • Workflow and Trigger Data: We store your workflow instructions, trigger configurations, scheduling preferences, and execution logs to provide automation functionality.
  • AI Memory Data: Our AI agent may learn and remember your preferences, communication style, and contextual information across conversations to provide personalized responses. You can view, edit, or delete these memories at any time.
  • Usage Analytics: Based on your cookie preferences, we may collect analytics data through Google Analytics and PostHog to understand how our service is used. This includes page views, feature usage, session duration, and general interaction patterns.
  • Marketing Data: When marketing cookies are enabled, we may use Google Ads cookies for conversion tracking to measure the effectiveness of our marketing campaigns and for remarketing purposes.
  • Technical Information: We may collect browser type, operating system, IP address, and device information to improve service compatibility and performance.

2. Cookies and Tracking Technologies

We use cookies and similar tracking technologies based on your preferences. You can manage these through our cookie consent banner:

Types of Cookies We Use:

  • Strictly Necessary Cookies: Essential for authentication and core functionality. These cannot be disabled.
  • Analytics Cookies: We use Google Analytics and PostHog to understand usage patterns and improve our service. These cookies collect aggregated data about site usage.
  • Marketing Cookies: We use Google Ads for measuring the effectiveness of our marketing campaigns and for remarketing.

Third-Party Services:

  • Google Analytics: Collects anonymized data about site usage and user behavior.
  • PostHog: Product analytics platform for understanding user interactions and feature usage.
  • Google Ads: Used for our marketing campaigns, conversion tracking, and remarketing.

You can modify your cookie preferences at any time through the cookie settings in your account or by clicking the cookie settings link in the footer.

3. How We Use Your Information

We use your information to:

  • Operate and deliver the services you request, including executing AI agent actions and automated workflows;
  • Process data from connected third-party applications to fulfill your requests;
  • Maintain the security, reliability, and integrity of our platform;
  • Personalize your experience through AI memory and learned preferences;
  • Improve and develop new features based on usage analytics;
  • Understand user behavior and optimize the user experience;
  • Measure the effectiveness of our marketing campaigns (when marketing cookies are enabled);
  • Communicate important service updates and changes.

4. Third-Party Application Data

When you connect third-party applications through our Service:

  • Data Processing: Data from connected apps is accessed and processed in real-time by our AI agent to complete your requests. For example, if you ask "What's on my calendar tomorrow?", the agent accesses your calendar data, processes it, and returns a response.
  • Transient Processing: Data retrieved from connected apps is processed transiently and is not stored in our databases unless it becomes part of a conversation log that you can view, manage, and delete.
  • Integration Partner: Third-party app connections are facilitated by Composio, our integration partner. Composio securely manages your OAuth tokens and API connections. Composio's privacy practices are governed by their own privacy policy.
  • Scope of Access: The AI agent only accesses data within the scope of permissions you grant when authorizing the connection. You can review and revoke permissions at any time.
  • Workflow Execution Data: When automated workflows execute, they may access and process data from connected apps according to your workflow instructions. Execution logs (success/failure status, timestamps) are stored for your reference.
  • No Selling of Third-Party Data: We do not sell, share, or use data from your connected applications for advertising, profiling, or any purpose other than providing the Service to you.

5. Data Storage and Security

  • File & Chat Data: Your files, chat logs, and AI memories are stored securely and only used to provide the services you initiate.
  • Third-Party Providers: We use reputable third-party vendors including:
    • AI model providers for chat and agent functionality (routed through OpenRouter)
    • Composio for third-party application integrations
    • Cloud storage providers for file storage (Cloudflare R2)
    • OpenAI for vector storage and document search (RAG)
    • Google Analytics and PostHog for usage analytics
    • Google Ads for marketing and conversion tracking
    • Resend for transactional and onboarding emails
    • Lemon Squeezy for payment processing
  • Data Protection: We implement industry-standard security measures including encryption in transit and at rest, access controls, and regular security reviews.
  • Access Controls: Only authorized personnel can access user-related data as necessary to maintain and troubleshoot the service.
  • Anonymized Model Requests: Chat messages sent to AI model providers are routed through OpenRouter, which acts as a proxy. Your requests are anonymized and cannot be traced back to your identity by the model provider.

6. Sharing and Disclosure

We share your information only in the following circumstances:

  • Service Providers: With trusted third-party services necessary to operate our platform (AI providers, integration partners, hosting, analytics, advertising).
  • Connected Apps: With third-party applications that you explicitly authorize and connect. Data is shared only within the scope of your authorized permissions and only to fulfill your requests.
  • Analytics Partners: Anonymized usage data with Google Analytics and PostHog for service improvement.
  • Marketing Partners: When you consent to marketing cookies, data may be shared with Google Ads for remarketing campaigns and conversion tracking.
  • Legal Requirements: As required by law or to protect the rights and safety of lookatmy.ai and its users.

We do not sell your personal data, chat content, or data from connected applications to third parties. Some AI model providers accessible through our platform may have their own data practices, including training on inputs. Your requests are anonymized through OpenRouter, and by selecting a specific model, you acknowledge the data practices of its provider.

7. Data Retention and Deletion

  • Account Data: We retain your files, chat logs, workflows, AI memories, and preferences for as long as your account is active.
  • Connected App Tokens: OAuth tokens for connected applications are retained until you disconnect the app or delete your account. Tokens are managed by Composio.
  • Workflow Execution Logs: Workflow execution logs are retained for your reference and can be deleted with your account.
  • Analytics Data: Google Analytics data is retained according to Google's data retention policies (typically 14-50 months). PostHog data is retained for 90 days by default.
  • Marketing Data: Google Ads data retention follows Google's advertising policies.
  • Cookie Data: Cookies expire based on their type. Session cookies expire when you close your browser, persistent cookies have varying expiration dates.
  • Requesting Deletion: You may request deletion of your account and all associated data at any time by contacting us at [email protected]. Upon deletion:
    • All chat logs, files, AI memories, workflows, and preferences will be permanently deleted.
    • All connected third-party applications will be disconnected and OAuth tokens will be revoked.
    • We will request deletion of your data from our integration partners where applicable.
    • Some anonymized, aggregated analytics data may be retained as it cannot be linked back to you.

8. Your Rights

Depending on your jurisdiction, you have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request corrections to inaccurate personal data.
  • Deletion: Request deletion of your personal data.
  • Portability: Request your data in a portable format.
  • Opt-out: Opt out of analytics and marketing cookies at any time.
  • Withdraw Consent: Withdraw consent for data processing where consent is the legal basis.
  • Disconnect Apps: Disconnect any third-party application and revoke the AI agent's access at any time.
  • Manage AI Memory: View, edit, or delete any information the AI agent has learned about you.

To exercise these rights, please contact us at [email protected].

9. Managing Your Privacy

You can control your privacy settings through:

  • Connected Apps: Manage and disconnect third-party applications through your Connectors page.
  • AI Memory: View and manage what your AI agent remembers about you in Account > Memories.
  • Cookie Preferences: Manage cookie consent through the cookie banner or account settings.
  • Browser Settings: Use your browser settings to block or delete cookies.
  • Google Ads Settings: Visit Google Ads Settings to manage ad personalization.
  • Google Analytics Opt-out: Install the Google Analytics Opt-out Browser Add-on.

10. Children's Privacy

lookatmy.ai is not intended for children under 18. We do not knowingly collect personal information from children under this age.

11. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, new features, or legal requirements. If we make significant changes, we will notify users via email or through the service. Continued use after changes indicates acceptance of the new policy.

13. Contact

If you have any questions or concerns about your privacy or how your data is handled, please contact us at:

[email protected]

Your privacy is central to our mission. Thank you for trusting lookatmy.ai, please contact us if you have any concerns.