Privacy Policy

Sidekick AI provides AI-assisted business operations workflows for service teams and local businesses. The service helps users coordinate approvals, email triage, document work, reminders, receipts, website and SEO tasks, reports, and connected-tool actions.

Questions or privacy requests can be sent to support@sidekickai.ca.

• Account information, such as your Supabase authentication user ID, email address, login state, and account ownership records.
• Business onboarding information, such as business name, business type, phone or contact identifier, timezone, tone, business context, primary goal, first-week success notes, website URL, website platform, and SEO preferences.
• Integration information, such as provider name, connection status, Nango connection ID, connected timestamps, reconnect state, Wix instance metadata, Slack team metadata, and related setup details.
• Messaging information, such as Telegram or Slack identifiers, channel routing metadata, owner-approved messages, reminders, routine state, and message content needed to deliver Sidekick workflows.
• Operational content, such as receipts, files, exports, draft responses, reports, website project metadata, Vercel deployment metadata, SEO audits, error logs, support records, and agent workspace notes.
• Usage and device information, such as pages visited, actions taken in the product, analytics events if analytics are enabled, browser metadata, timestamps, and diagnostic logs.

Sidekick AI uses OAuth or provider-authorized flows for connected services. We do not ask for or store your Google, Dropbox, Asana, Slack, Wix, or other third-party account passwords. OAuth tokens and connection metadata may be handled by Nango and the relevant provider so Sidekick can perform the workflows you enable.

You choose which integrations to connect. You can disconnect integrations from the product or revoke access directly from the provider, including from your Google Account permissions page.

If you connect Google services, Sidekick AI may access and process Google user data only for the Sidekick features you enable and use. Depending on the integrations you connect, this may include:

• Gmail data, such as message lists, message details, threads, profile metadata, attachments, and sent messages when you ask Sidekick to investigate, summarize, draft, or send email.
• Google Calendar data, such as calendars, event details, attendees, locations, times, and created or updated events when you ask Sidekick to check availability or manage scheduling.
• Google Drive data, such as files, folders, file metadata, file content, and upload or organization actions when you ask Sidekick to find, summarize, store, copy, move, or manage Drive files.
• Google Sheets data, such as spreadsheets, ranges, values, created sheets, and appended rows when you use Sidekick for records, receipts, expenses, or tabular business workflows.
• Google Analytics and Search Console data, such as accounts, properties, reports, traffic metrics, search visibility, indexing status, and website performance information.
• Google Business Profile data, such as business review information and owner-approved review responses, if that integration is enabled and connected.

Sidekick AI's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

We do not sell Google user data, use it for advertising, transfer it to data brokers, or use it to determine credit-worthiness. We do not use Google user data to train or improve generalized, foundation, or frontier AI/ML models.

• Create and manage your Sidekick account, onboarding, dashboard, integrations, and assigned agent.
• Provide user-facing workflows, including approvals, email summaries, document retrieval, receipt processing, reminders, website updates, SEO checks, traffic reports, and connected-tool actions.
• Generate drafts, summaries, recommendations, and operational reports using AI systems and model providers where needed to provide the service.
• Maintain security, prevent abuse, debug errors, monitor reliability, and support the product.
• Communicate with you about setup, support, account status, product changes, security, and legal notices.
• Comply with law, enforce our Terms, resolve disputes, and protect the rights of Sidekick AI, users, providers, and the public.

Sidekick AI uses AI systems and agent runtimes, including OpenClaw-powered workflows and configured model providers, to prepare summaries, drafts, reports, and task recommendations for user-facing features. When AI processing is needed, we send only the information reasonably needed for the task.

Users remain responsible for reviewing and approving outputs before relying on them or sending them externally. Sidekick is designed for business operations assistance, not professional legal, tax, medical, financial, or compliance advice.

We share information only as needed to provide, secure, and operate Sidekick AI, including with:

• Infrastructure and platform providers, such as Supabase, Vercel, and hosting or monitoring vendors.
• Integration and OAuth providers, such as Nango and the third-party services you connect.
• Messaging and workflow providers, such as Telegram, Slack, Google, Dropbox, Asana, Wix, and Vercel, when you connect or direct Sidekick to use those services.
• AI/model providers and agent runtimes that process content to provide Sidekick's user-facing features.
• Professional advisors, authorities, or counterparties when required by law, legal process, security needs, or a business transaction.

We do not sell personal information or Google user data. We do not share connected-service content for unrelated advertising or data brokerage.

We keep information for as long as needed to provide Sidekick AI, maintain security, comply with law, resolve disputes, enforce agreements, and preserve backups. Operational records, logs, reports, and agent workspace artifacts may be retained while your account or assigned agent is active.

You can request deletion of your Sidekick account data or connected-service records by contacting support@sidekickai.ca. Some information may remain in backups, logs, legal records, or provider systems for a limited time where deletion is not immediately practical or legally required.

We use reasonable administrative, technical, and organizational safeguards designed to protect information in transit and at rest. Access to production systems and secrets is limited to authorized personnel and service processes. No internet service can be guaranteed completely secure.

• Access, correct, or update account and onboarding information through Sidekick where available.
• Disconnect integrations in Sidekick or revoke provider access directly from the provider.
• Request access, export, correction, or deletion by contacting us.
• Opt out of non-essential communications by following available instructions or contacting support.

Sidekick AI is intended for business users and is not directed to children under 13. We do not knowingly collect personal information from children under 13.

We may update this Privacy Policy as the service, integrations, or legal requirements change. If we materially change how we use Google user data or other personal information, we will update this page and provide additional notice where required.