# Privacy Policy ## Service Overview TabTabTab is a web-based productivity application that provides AI-powered assistance for working with documents, spreadsheets, and files. Our approach to your data prioritizes both functionality and privacy. ## Authentication We offer multiple authentication options: - **Google OAuth:** Sign in with your Google account for quick access - **Email & Password:** Traditional account creation with email verification We collect your email address for account management, authentication, and essential service communications. ## Data Storage ### What We Store on Our Servers To enable AI-powered workflows and cross-browser access (similar to Google Drive), we store the following in our backend: - **Files:** Uploaded files are stored in a private Google Cloud Storage (GCS) bucket - **Documents:** Rich text documents are stored in our TipTap backend - **Spreadsheets:** Spreadsheet data is stored in our database **Why we store files:** - Enables the AI to efficiently process and work with your files - Allows you to access your work from any browser or device - We do not look at your files, except to provide support at your request ### What Stays in Your Browser (Local Only) The following data is stored only in your browser and never sent to our servers: - **Chat Message History:** Your conversation threads with the AI - **Threads:** Organization of your chat sessions - **File Snapshots:** Local copies of file states - **File Change Staging:** Pending changes before you commit them **Note:** Because this data stays in your browser, if you switch to a different browser or clear your browser data, this information will be lost. ## Observability & Debugging ### 90-Day Data Retention For debugging, support, and service reliability purposes, we temporarily retain observability logs for up to 90 days, which may include: - **User prompts:** The queries you send to the AI - **Tool calls:** Actions the agent takes on your behalf (and their outcomes) - **AI responses:** The model outputs returned to you These logs do **not** include raw file contents (for example: PDFs, images, spreadsheets, or other uploaded file data). **This data is:** - Automatically deleted after 90 days - Used solely for debugging issues, providing support, and improving service reliability - Never used for training AI models or shared with third parties - Accessed only by authorized team members (e.g. via our support/observability tools such as Langfuse) when investigating issues ## AI & Training Policy ### Your Data Is Not Used for Training - **AI Providers:** Our AI providers are contractually instructed not to train on your data - **TabTabTab:** We do not use your data to train AI models ## Analytics We use PostHog for analytics to understand how users interact with our product, improve the experience, and identify issues: - **Navigation events:** How you move through the app (to improve UX) - **File upload events:** When you upload a file (not the file content itself) - **Agentic request lifecycle:** Start, stop, abort, and completion events - **Error tracking:** To identify and fix bugs Session replay is disabled. We do not track the content of your files—only high-level usage patterns. ## Your Rights You have the right to: - Request deletion of your account and associated data - Export your files and documents - Control your notification and email preferences ## Contact Us For any privacy-related questions or concerns, please contact us at: Email: privacy@tabtabtab.ai ## Updates to This Policy We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the effective date. Last updated: January 22, 2026