Privacy Policy

1. Introduction

Clono ("we," "our," or "us") operates tryclono.com and provides a tool layer that connects your integrated services (email, calendar, task management, etc.) to software clients and agents through hosted skillpacks and authenticated HTTP APIs. This privacy policy explains how we collect, use, store, and share your information when you use our service.

2. Information We Collect

We collect the following types of information:

• Account information: Email address, name (if provided), and hashed password when you create an account.
• API keys: API keys you generate in Clono to authenticate software clients and agents. These are stored securely and used only to authorize requests to our Clono APIs.
• OAuth tokens and credentials: When you connect tools (e.g., Gmail, Google Calendar, Outlook, Trello), we store OAuth access and refresh tokens, and other credentials required to access those services on your behalf. We use these solely to execute tool operations when your agents request them.
• Tool results: Queries, arguments, and results from tool executions may be logged for debugging, reliability, and improving the service.

3. How We Use Your Data

We use your information to:

• Provide and operate the Clono service
• Authenticate your account and API keys
• Connect to and execute operations on your integrated services (e.g., send emails, read calendar events) when your AI agents request them
• Improve the service, fix bugs, and ensure security

4. Google and Other Third-Party Services

When you connect Google services (Gmail, Google Calendar, Google Drive, Google Sheets, Google Tasks, Google Contacts, Google Docs, Google Slides), we use OAuth 2.0 to obtain access tokens. We store refresh tokens to maintain access and request new access tokens when needed. We access your Google data only to perform the operations you request through Clono (e.g., reading emails, creating calendar events). We do not sell your Google data. We comply with the Google API Services User Data Policy.

Similarly, when you connect Microsoft (Outlook, OneDrive, Excel) or Trello, we store OAuth credentials and use them only to execute operations you request. We do not share your credentials with third parties except as required to provide the service (e.g., calling Google APIs).

5. Data Storage and Security

We store data on secure servers. Passwords are hashed with a salt. OAuth tokens and API keys are stored encrypted. We use industry-standard practices to protect your data. Access to production systems is restricted and logged.

6. Data Retention

We retain your account data and credentials while your account is active. If you delete your account or disconnect a tool, we delete the associated credentials. Logs and tool results may be retained for a limited period for operational and security purposes.

7. Your Rights

You may:

• Access, update, or delete your account information
• Revoke access to any connected tool at any time from the Integrations page
• Regenerate or delete your API keys
• Request deletion of your account and associated data by contacting us

8. Cookies and Tracking

We use essential cookies and session storage for authentication and app functionality. We do not use third-party advertising or tracking cookies.

9. Changes

We may update this privacy policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date.

10. Contact

If you have questions about this privacy policy or your data, contact us at nathanielangafor@gmail.com.