Unswitch Unswitch experimental

Legal

Unswitch Inc. Privacy Policy

Last updated: March 14, 2026

1. Introduction

This Privacy Policy explains how Unswitch Inc. collects, uses, stores, and shares information when you use the Unswitch web app, desktop app, and related services (collectively, the "Service").

2. Information We Collect

Depending on which features you use, we may collect the following categories of information:

  • Account and identity data: Google account information such as your Google account ID, name, email address, profile image, account creation and login timestamps, waitlist or access status, and related account metadata.
  • Google Drive connection data: If you connect Google Drive, we store Drive access and refresh tokens server-side so we can access files you choose, refresh tokens, and create requested Google Docs, Sheets, Slides, and other Drive outputs in your account. We may create Unswitch application folders in your Drive. Current generated Docs, Sheets, and Slides flows are intended to keep generated Drive files owner-only at creation time.
  • Phone verification and onboarding data: We collect your phone number, a one-way hash of the normalized number used for duplicate detection, phone-verification timestamps, onboarding-completion timestamps, and country information from geo headers or your selected phone country.
  • Content and context you choose to send: prompts and instructions; uploaded local files; clipboard text, images, files, and folders; screenshots; browser tab content; Google Drive files; generated outputs; preferences; feedback; and support messages. In desktop Autopilot or AI Actions flows, this can also include command results, verification screenshots, file lists, and limited window or path metadata returned by the commands you approve.
  • Billing data: If you buy credits or enable auto-recharge, Stripe processes your payment details. We store billing metadata such as Stripe customer IDs, saved payment-method references, transaction history, payment-intent IDs, webhook event IDs, and auto-recharge failure status. We never store full card numbers.
  • Device, telemetry, logs, and support data: device IDs, client version, platform, operating-system details, heartbeat and version-adoption telemetry, usage and request metrics, audit logs, client-submitted trace and error logs, and feedback or support submission details.
  • Local desktop data: If you use the desktop app, settings, local logs, API trace files when tracing is enabled, and tokens stored in platform secure credential stores are kept on your device.

3. How We Use Your Information

We use the information we collect to operate, secure, and improve the Service, including to:

  • Authenticate users, create accounts, manage sessions, and enforce waitlist or access controls.
  • Run onboarding and phone verification and abuse-prevention checks.
  • Process your AI requests, generate outputs, create async jobs, deliver downloads, and store temporary artifacts needed to complete your requests.
  • Read Google Drive files you explicitly select and create requested files or folders in your Google Drive.
  • Send product emails, support notifications, and realtime job-status updates.
  • Process credit purchases, saved-card setup, auto-recharge, webhook reconciliation, and related billing workflows.
  • Provide support, review feedback, troubleshoot issues, monitor service health, and maintain security and audit records.

4. Google API Services User Data Policy

Unswitch's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

5. How We Share Your Information

We do not sell your personal information. We share information only as needed to operate the Service, complete the features you request, protect the Service, or comply with law.

  • Google services: Google Identity Services, Google Drive, Docs, Sheets, Slides, Picker, and related Google APIs process the Google account and Drive data you choose to use with Unswitch.
  • AI providers: Prompts, attachments, screenshots, and related request content may be processed by third party AI providers for files, deep research, and audio-generation features.
  • Payments: Stripe processes payments, saved-card setup, and related billing events.
  • Messaging and support: SendGrid sends product or support emails, Twilio Verify may process phone verification data when phone verification is enabled, and third party services deliver realtime async-job notifications.
  • Infrastructure, storage, and analytics: We use Google Cloud services, including Cloud Storage, Cloud Tasks, BigQuery, and Cloud Monitoring, to host and operate the Service, persist artifacts and logs, and monitor reliability.
  • Legal or business transfers: We may disclose information when required by law, to protect rights or safety, or in connection with a merger, acquisition, or similar transaction.

6. Data Storage and Security

We use encryption in transit and encrypt sensitive data at rest under our control. Server-side data is primarily stored in Google Cloud systems configured for the US central region. Data may also be stored in your Google Drive account if you request Drive outputs, and on your local device if you use the desktop app.

7. Retention and Deletion

Retention depends on the type of data, the feature you use, and environment-specific configuration. Some retention windows are enforced in application code, while others come from Cloud Storage lifecycle settings that can be overridden per environment.

  • Uploaded AI input blobs are assigned a 24-hour expiry for request use by default, but blobs attached to async jobs may remain until the related job is deleted or cleaned up.
  • Async AI jobs expire after 7 days by default.
  • Deep-research email download links expire after up to 7 days by default, and never later than the related job's expiry.
  • Cloud Storage lifecycle defaults are 14 days for async payload objects, 30 days for async artifact objects, 365 days for feedback objects, 7 days for trace-log buckets, 90 days for error-log buckets, and 2 years for audit-log buckets.
  • Client heartbeat records are deleted after 90 days.

You can revoke Google access from your Google account settings and you can disconnect Google Drive from Unswitch to remove stored Drive tokens from our systems. Files created in your Google Drive remain there until you delete them from Google Drive. We do not currently provide a self-serve account deletion or data-export tool. If you want data we control deleted, contact support@unswitch.com. Some data may remain until scheduled cleanup runs complete or within third-party systems used for billing, logging, security, or abuse prevention.

If you use the desktop app, local settings, local logs, and local secure-store entries on your device are separate from server-side deletion and may need to be removed from the device you control.

8. Contact Us

If you have questions about this Privacy Policy or a data request, contact us at:

Related document: Terms of Service.