How TAO handles operational and connected-app data.

TAO collects beta application details, account details, organisation details, contact requests, support messages, audit logs, usage events, and connected-provider data that a user or administrator authorises.

• Beta and newsletter forms collect name, email, company, role, team size, preferred path, and stated use case.
• Account creation collects name, work email, organisation name, password hash, verification state, and session/audit metadata.
• Connected providers can include email, calendar, files, contacts, finance, rental, CRM, and workflow records depending on the integration enabled.
• Enterprise pilots may include implementation notes, system inventories, workflow maps, and security review material.

TAO uses data to operate the beta programme, provide the product, connect apps into a unified operational interface, power Andy and TAO Pilot, provide support, maintain security, and deliver scoped implementation work.

• Andy and TAO Pilot may process connected-app context to draft replies, summaries, reminders, tasks, workflows, and review cards.
• Significant actions — sending email, writing calendar events, writing back to accounting or operational systems — remain visible and reviewable. They do not commit without explicit human approval.
• Provider data is not sold. Provider data is not used for unrelated advertising.
• Connected-provider data is used only to provide or improve user-facing TAO features that are visible in the product.

Where a user connects Google Workspace, TAO uses Google user data only to provide or improve user-facing features visible in the TAO product, never to develop or train generalised AI models. Human access is limited to cases where the user asks for support, where access is necessary for security or abuse investigation, or where required by law.

Andy is the assistant inside TAO. Andy drafts next steps from the operational record — a reply, a task, a calendar event, an invoice. Andy does not commit significant writes to your providers without explicit human approval. Operators can configure narrow auto-approve rules for routine, low-risk action classes; significant writes remain manual.

• You can request human review of any Andy-influenced decision before it commits.
• You can ask for an explanation of what Andy read and which inputs produced a particular draft.
• You can opt out of automated decision-making for your workspace, in line with the CCPA ADMT regulations effective January 1, 2026.
• The audit log records who approved what, when, and which Andy draft preceded the action.

Tokens and provider credentials are stored server-side and encrypted at rest. TAO keeps data for as long as needed to provide the workspace, meet security/audit requirements, support beta review, or deliver an enterprise implementation. Users can request deletion or provider disconnection through the support route.

• OAuth tokens are never intentionally exposed in the browser UI.
• Revoking a provider connection prevents future sync once the disconnect is processed.
• Some audit records may be retained to protect the service, investigate abuse, or meet legal obligations.

Wherever you are, the following rights apply to your personal information held by TAO. Where local law gives you more, local law wins.

• Access — request a copy of the personal information TAO holds about you.
• Correction — ask us to correct inaccurate or incomplete information.
• Deletion — ask us to delete your personal information, subject to legal retention obligations.
• Portability — request an export of your operational record in a structured, machine-readable format.
• Objection / opt-out — object to specific processing, including automated decision-making.
• Complaint — lodge a complaint with your local supervisory authority (e.g., your national data-protection authority).

Send any rights request to support@theartificialorganisation.com. See the Data Processing Agreement summary for the contractual basis.

TAO uses a limited set of subprocessors. Data shared with each subprocessor is limited to what the user-facing feature, support case, or security need requires. We will give advance notice of changes to this list with a reasonable objection window for enterprise customers.

• Vercel — Marketing site hosting and global edge delivery.
• AWS / managed Postgres — Application hosting and primary database for the operational record.
• Anthropic, OpenAI (model providers) — Generative model inference for Andy drafts. Customer data is not used to train provider models.
• Postmark / SES (email delivery) — Transactional email delivery — verification, invitations, notifications.
• Datadog / Sentry (observability) — Error reporting and infrastructure observability.