Privacy Policy

Last updated: July 2, 2026

ExecBot is a private AI chief-of-staff service operated by POWER OF 28 LLC ("ExecBot", "we", "us"). This policy explains what information we handle when you use ExecBot at execbot.io and its associated applications, and the choices you have. ExecBot is an invitation-only service for business use.

1. Information we collect

2. How we use information

We use your information only to provide and improve the service you configure: running your specialists and automations, building your briefings and memory, showing you your own usage and costs, securing accounts, and providing support. We do not sell your data. We do not use your content to train AI models — your content is processed by the model provider under your own key and your own provider agreement.

3. Google API Services — Limited Use

ExecBot's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Gmail data is used only to provide user-facing features you have configured, is never used for advertising, is never sold, and is not used to train generalized AI or machine-learning models. Human access to Gmail data is limited to cases required for security, compliance with law, or with your explicit consent for support.

4. Storage and security

Your data is stored with tenant-level isolation enforced at the database layer (PostgreSQL row-level security), encrypted in transit (TLS) and at rest. Secrets — OAuth tokens and API keys — are additionally encrypted with AES-256-GCM. Attachments are stored in Cloudflare R2 object storage scoped to your tenant.

5. Subprocessors

We rely on a small set of infrastructure providers to run the service: Railway (application and database hosting), Cloudflare (storage and networking), Google (sign-in and, if connected, Gmail), Anthropic (model inference under your own API key and agreement), ElevenLabs (voice, on voice-enabled plans), Voyage AI (embeddings for your memory), and Stripe (payments). Each receives only what is necessary for its function.

6. Retention and deletion

Your content is retained while your membership is active so that memory — a core feature — works. You can delete conversations, memories, attachments, and connected credentials in the product. On request we will export your data and/or delete your tenant in full; write to access@execbot.io and we will complete deletion within 30 days, subject to legal retention obligations. Revoking Gmail access immediately stops all Gmail processing.

7. Your rights

Depending on your jurisdiction you may have rights to access, correct, export, or delete your personal information, and to object to or restrict certain processing. Contact us at access@execbot.io to exercise them.

8. Changes

We will post any material changes to this policy on this page and update the date above. Continued use of the service after changes take effect constitutes acceptance.

9. Contact

POWER OF 28 LLC · access@execbot.io