Privacy Policy
Last updated: June 29, 2026
AgentDesk ("we", "our", "us") is a self-hosted AI agent management platform operated at agentdesk.tpresearcher.online. This Privacy Policy describes how we collect, use, and protect information when you use AgentDesk.
1. Information We Collect
AgentDesk collects only the information necessary to operate the platform:
- Account information — email address and display name you provide during registration.
- OAuth tokens — when you connect third-party services (e.g., Google), we store encrypted OAuth refresh tokens to maintain access on your behalf.
- Agent data — agent configurations, task definitions, schedules, and conversation logs you create within the platform.
We do not collect analytics, tracking data, or usage telemetry.
2. Google User Data
When you connect your Google account, AgentDesk requests access to the following scopes based on the services you enable:
- Gmail (read, compose, send, modify labels) — to allow agents to search, read, draft, and send emails on your behalf.
- Google Drive (read, create, manage files) — to allow agents to search, read, and organize files in your Drive.
- Google Docs (read and write) — to allow agents to read and create documents.
- Google Sheets (read and write) — to allow agents to read, create, and update spreadsheets.
- Google Calendar (read and write) — to allow agents to view, create, and modify calendar events.
- Google Slides (read and write) — to allow agents to read and create presentations.
3. How We Use Google Data
AgentDesk's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically:
- Google user data is used solely to execute agent tasks that you explicitly configure (e.g., reading emails, creating documents, updating spreadsheets).
- Google user data is not sold to third parties.
- Google user data is not used for advertising or marketing purposes.
- Google user data is not shared with third parties except as necessary to provide the service (i.e., sending API requests to Google on your behalf).
- Google user data is not used to train AI models. Data retrieved from Google APIs is passed to the AI agent for the current task only and is not stored beyond conversation logs on your self-hosted instance.
4. Data Storage and Security
AgentDesk is self-hosted software. All data — including OAuth tokens, agent configurations, and conversation logs — is stored on your own server infrastructure.
- OAuth refresh tokens are encrypted at rest using AES-256-GCM before being stored in the local SQLite database.
- Access tokens are held in server process memory only and are not persisted to disk. They expire automatically (typically within 1 hour for Google tokens).
- All communication with Google APIs occurs over HTTPS/TLS.
5. Data Retention and Deletion
- You can disconnect a Google account at any time from Settings > Integrations. This immediately deletes the stored OAuth tokens from the database.
- You can revoke AgentDesk's access from your Google Account permissions page at any time.
- Since AgentDesk is self-hosted, you have full control over all stored data and can delete it at any time by removing the database or uninstalling the application.
6. Third-Party Services
AgentDesk connects to third-party APIs (Google, Notion, Telegram, etc.) solely to perform tasks you configure. We do not embed third-party analytics, advertising SDKs, or tracking scripts.
7. Children's Privacy
AgentDesk is not directed at children under 13. We do not knowingly collect personal information from children.
8. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be reflected by the "Last updated" date at the top of this page.
9. Contact
If you have questions about this Privacy Policy or your data, contact us at sakn501@gmail.com.