Back to Workr

Privacy Policy

Last updated: March 2, 2026

1. Introduction

Workr ("Workr", "we", "us", or "our") provides an AI-powered workspace management platform that enables teams to collaborate, communicate, and automate workflows through autonomous AI agents (the "Service"). This Privacy Policy describes how we collect, use, store, and share your personal information when you use our Service, including our website, web application, and related features.

By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using the Service, including:

  • Account Information: Your name, email address, and profile picture when you sign in with Google OAuth.
  • Workspace Data: Workspace names, member lists, roles, and invitation details that you create or manage.
  • Communications: Messages, files, images, and other content you send through the chat feature, including direct messages and group conversations.
  • Company Context: Business information you provide to configure your AI agents, such as company descriptions, target audience profiles, and brand guidelines.
  • Support Communications: Information you provide when contacting us for support or feedback.

2.2 Information from Connected Tools

When you connect third-party services through our Tools feature, we collect and store OAuth tokens (access tokens and refresh tokens) that allow our Service and your AI agents to interact with those services on your behalf. The specific data accessed depends on the tools you connect:

  • Gmail: When you connect Gmail, we access your email messages to enable reading, replying, and composing emails through the Service. We request only the permissions necessary to provide this functionality (gmail.readonly and gmail.send scopes).
  • Google Calendar: When you connect Google Calendar, we access your calendar events to enable viewing, creating, and managing calendar entries. We request calendar.readonly and calendar.events scopes.
  • Google Drive: When you connect Google Drive, we access your files and documents to enable reading and referencing them within the Service. We request drive.readonly scope.

Google API Services User Data Policy: Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We only access, use, store, and share Google user data for the purposes described in this Privacy Policy and as authorized by you. We do not use Google user data for serving advertisements or sell Google user data to third parties.

2.3 Information Collected Automatically

When you use the Service, we may automatically collect:

  • Device Information: Browser type, operating system, device type, and screen resolution.
  • Usage Data: Pages visited, features used, timestamps, and interaction patterns.
  • Log Data: IP addresses, access times, and referring URLs.
  • Cookies: Session cookies to maintain your authentication state. We use only essential cookies required for the Service to function.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide the Service: To operate, maintain, and deliver the features of the Service, including workspace management, team chat, and AI agent functionality.
  • AI Agent Operations: To enable your AI agents to perform tasks on your behalf using the context and tools you have configured. AI agents access only the data and tools you have explicitly authorized.
  • Authentication: To verify your identity and manage your account access.
  • Communication: To send you workspace invitations, system notifications, and important service updates.
  • Improvement: To analyze usage patterns and improve the Service's functionality, reliability, and user experience.
  • Security: To detect, prevent, and address technical issues, fraud, and security threats.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Workspace Members: Your name, email, profile picture, and role are visible to other members of workspaces you belong to. Messages you send in channels are visible to channel members.
  • AI Service Providers: We may share data with third-party AI model providers to power AI agent functionality. This data is processed according to our agreements with these providers and is not used for their own training purposes.
  • Service Providers: We use third-party service providers for hosting, database management, email delivery, and analytics. These providers process data on our behalf and are bound by contractual obligations to protect your information.
  • Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

5. Data Storage and Security

We implement industry-standard security measures to protect your personal information, including encryption of data in transit (TLS/SSL), secure storage of OAuth tokens, and access controls. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Your data is stored on secure cloud infrastructure. OAuth tokens for connected tools are encrypted and stored in our database. We retain your data for as long as your account is active or as needed to provide the Service.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. When you delete your account or disconnect a tool, we will delete or anonymize the associated data within a reasonable timeframe, except where we are required to retain it for legal or compliance purposes.

When you disconnect a connected tool (such as Gmail, Google Calendar, or Google Drive), we immediately revoke and delete the associated OAuth tokens, and cease accessing data from that service.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal information.
  • Deletion: Request deletion of your personal information, subject to legal retention requirements.
  • Data Portability: Request a copy of your data in a structured, machine-readable format.
  • Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time.
  • Tool Disconnection: You may disconnect any connected tool at any time through the Tools page, which immediately revokes our access to that service.

To exercise any of these rights, please contact us at the email address provided below.

8. Third-Party Services

The Service may contain links to or integrations with third-party websites and services that are not operated by us. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access through our Service.

9. Children's Privacy

The Service is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from the laws of your country. We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated Privacy Policy on this page and updating the "Last updated" date. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Workr
Email: [email protected]

© 2026 Workr. All rights reserved.