Leoparo

Effective date: January 11, 2026

This Privacy Policy explains how Leoparo ("Leoparo," "we," "our," or "us") collects, uses, discloses, and protects information when you use Leoparo (the "Service"), an AI assistant that helps you interact with your own applications and data (for example, summarizing emails or answering questions about documents you connect). If you do not agree with this Policy, do not use the Service.

0) Key definitions

Personal Information: information that identifies or can reasonably be linked to an individual.
Customer Content: content you submit to the Service or make available through the Service, including prompts, chat messages, files, documents, and content retrieved from connected apps.
Connected Account Data: data accessed from third-party services you connect (e.g., Gmail, Google Drive, Slack, Notion), including OAuth tokens and data retrieved via APIs within the scopes you grant.
Subprocessors: vendors we use to operate the Service (e.g., analytics, support tools, payment providers, and AI model providers).

1) Who we are & how to contact us

Controller: Or Soffer (sole proprietor) trading as "Leoparo"
Mailing address: soffer@leoparo.com
Support: support@leoparo.com
Privacy: privacy@leoparo.com
Security: security@leoparo.com

2) Scope

This Policy applies to Personal Information we process about:

Visitors to our websites (including leoparo.com), and
Users of the Service (including workspace members invited by another user).

If we process Personal Information on behalf of a business/enterprise customer under a Data Processing Addendum ("DPA"), the DPA governs for that customer's workspace.

3) Information we collect

What we collect depends on how you use the Service.

A. Account & identity data

Name, email address, authentication data (e.g., hashed password), profile image (if provided), workspace details, roles/permissions, and audit/authentication logs.

B. Customer Content & Connected Account Data

Prompts, chat messages, files/documents you upload, and AI outputs (summaries, drafts, answers).
Data retrieved from connected apps at your direction (or via automations you enable).
OAuth and integration data needed to operate connections (e.g., scopes, access/refresh tokens, expiration timestamps, connection status).

C. Automation data

If you create automations, we process trigger events, configuration, execution metadata, and results. Depending on your settings and the integration, an automation run may include portions of Customer Content required to execute the automation. Some chats and automations may perform actions without manual review (for example, sending an email on your behalf) depending on your settings.

D. Usage, device, and telemetry data

IP address, browser/device/OS info, approximate location derived from IP (city/region), timestamps, feature usage, performance metrics, and diagnostic logs.

E. Billing & commercial information

Subscription tier, plan limits/usage, and transaction metadata we receive from our Merchant of Record/payment provider.

F. Support and communications

Messages you send to us (e.g., email/support chat). If you choose to share content for troubleshooting, that content may be processed to provide support.

4) Sources of information

We collect information:

Directly from you (account creation, prompts, uploads, support messages),
From connected services (via OAuth/API access you authorize),
Automatically (cookies, logs, device data), and
From service providers (e.g., payment confirmations, fraud signals, analytics events).

If you provide information about other people (e.g., emailing a third party), you represent you have the right to do so.

5) How we use information

We use Personal Information to:

Provide and operate the Service (authenticate users, run chats, retrieve connected data at your request, generate responses, and execute actions/automations on your behalf).
Maintain safety and security (prevent abuse, detect fraud, troubleshoot incidents, enforce terms).
Provide support and communications (respond to requests, send service notices).
Improve the Service (debugging, reliability, performance, feature improvements, and quality assurance).
Billing and administration (manage subscriptions, plan limits, and receipts).
Comply with legal obligations and respond to lawful requests.

Legal bases (EEA/UK where applicable): contract performance, legitimate interests (e.g., security, service improvement), consent (e.g., optional marketing/analytics where required), and legal obligation.

6) AI processing & model providers

How responses are generated. When you use the Service, we may process your prompt and minimal necessary relevant context (e.g., retrieved snippets from connected apps or documents) to generate an output.

Model providers. We may use third-party AI model providers and/or self-hosted models. Providers and regions may change for performance and reliability. These providers act as subprocessors under contractual obligations to protect data.

No foundation-model training by default. We do not use Customer Content to train foundation models (ours or third-party) unless you provide explicit opt-in consent (for example, by enabling a clearly labeled setting). We may use aggregated or de-identified telemetry to improve reliability, safety, and routing.

Human access. We do not allow humans to review Customer Content except:

with your explicit request/consent for specific content (e.g., support),
for security/abuse investigation,
to comply with law, or
where data has been aggregated and anonymized for internal operations.
to debug, maintain, and secure the Service (including investigating reliability issues), consistent with this Policy,

7) Integrations (acting on your behalf) & Google Limited Use

Your control. When you connect a third-party service, Leoparo requests the minimum scopes needed for the features you enable. We use access only to perform tasks you initiate or schedule (e.g., "summarize my inbox," "draft a reply," "search my documents"). You can disconnect integrations in Settings and may revoke access from the third-party provider at any time.

Google Workspace / Gmail — Limited Use Disclosure

Leoparo's use of information received from Google Workspace APIs (including Gmail) adheres to the Google API Services User Data Policy, including the Limited Use requirements.

In particular, for data accessed via Google Workspace APIs:

We limit use of that data to providing or improving user-facing features that are visible and prominent in Leoparo.
We do not sell that data or use it for advertising (including retargeting, personalized, or interest-based ads).
Any "transfer" of Google Workspace API data (for example, to a model provider acting as our subprocessor) is only to provide or improve those user-facing features, with your consent through your use of the feature, and subject to contractual protections.
We do not allow humans to read Google user data except with your explicit consent for specific data, for security purposes, to comply with law, or where aggregated/anonymized for internal operations.
We do not use Google user data to create, train, or improve machine learning/AI models beyond the specific user-facing functionality you request.

8) Document retrieval, embeddings, and indexes

To support search and "chat with your files," we may create embeddings (vector representations) and metadata for connected documents. Embeddings help retrieve relevant passages when you ask questions.

If you delete a file/chat or disconnect an integration, we stop accessing it going forward.
We will delete or de-link related embeddings/indexes within a reasonable timeframe where technically feasible.
Residual copies may persist in encrypted backups for a limited period and in security/audit logs as described in Section 12.

9) How we share information

We share Personal Information only as needed to operate the Service:

A. Subprocessors / service providers

Hosting, storage, vector databases, analytics, customer support tools, email delivery, monitoring/logging, and AI model providers—under contracts requiring confidentiality and appropriate security.

B. Connected third-party services (at your direction)

We send requests to your connected apps only to perform actions you request (e.g., creating a draft, sending an email, writing to a workspace tool).

C. Legal and safety

To comply with law or protect rights, safety, and security.

D. Business transfers

If we undergo a merger, acquisition, financing, or asset transfer, information may be disclosed as part of that transaction as permitted by law.

We do not sell Personal Information and do not share Personal Information for third-party advertising.

10) Payments (Merchant of Record)

We use Polar as Merchant of Record for checkout, payments, tax handling, and invoicing. Payment and tax data are processed by Polar under its own privacy policy as an independent controller. We receive limited transaction metadata to activate and manage subscriptions.

11) Cookies, analytics, and marketing pixels

We use:

Strictly necessary cookies/local storage for authentication, security, and core functionality.
Optional analytics (e.g., product analytics/performance measurement).
Optional marketing measurement tools (e.g., ad conversion measurement) where enabled.

Where required by law, we present a consent choice before setting non-essential cookies/pixels. You can also control cookies via browser settings. We honor Global Privacy Control (GPC) signals where applicable.

(See Cookie Notice in Annex A.)

12) Data retention

We retain Personal Information only as long as necessary to operate the Service, meet security/fraud-prevention needs, comply with law, and fulfill the purposes described above.

Typical retention approach (examples):

Account data: until account deletion, plus a reasonable period for restoration and security.
Customer Content (chats/files): until you delete it or delete your account/workspace.
OAuth tokens: until you disconnect the integration or delete your account; some token metadata may remain in audit logs.
Embeddings/indexes: until you remove the underlying source, plus a reasonable period for backups.
Security/audit logs: We may retain security, fraud-prevention, and audit logs indefinitely to protect the Service, detect abuse, enforce our Terms, and comply with legal obligations, to the extent permitted by applicable law. These logs are designed to contain primarily metadata (such as timestamps, user/workspace IDs, IP address, device information, event types, integration status, and error codes). In limited cases, logs may include snippets of content needed to diagnose errors or investigate abuse (for example, portions of an API request that caused a failure). Where feasible, we minimize, redact, and/or restrict access to such content in logs.
Billing records: retained as required for tax/accounting depending on jurisdiction.

Deletions may not be immediate across all systems, and certain data may be retained where required or permitted by law.

13) International data transfers

We may process and store Personal Information in countries other than your own. Where required, we rely on lawful transfer mechanisms such as Standard Contractual Clauses and the UK IDTA/Addendum.

14) Your rights & choices

Depending on your location, you may have rights to access, correct, delete, port, object to, or restrict processing of your Personal Information, and to withdraw consent where processing is based on consent.

To exercise rights: email support@leoparo.com (or privacy@leoparo.com). We may verify your identity. Workspace users should contact their workspace admin for requests about workspace-controlled data.

You can also disconnect integrations and revoke third-party access at any time.

15) California and other regional notices

We do not sell Personal Information. We do not share Personal Information for cross-context behavioral advertising. California residents may have rights to know, delete, and correct Personal Information, and to opt out of sharing where applicable. We honor GPC where required.

Residents of other jurisdictions (e.g., Brazil LGPD, Canada PIPEDA, Australia Privacy Act) may have similar rights.

16) Security

We implement safeguards designed to protect Personal Information, including encryption in transit and at rest, role-based access controls, least-privilege permissions, and monitoring/audit logging. No system is 100% secure; please keep credentials confidential and notify us of suspected unauthorized access.

17) Children's privacy

The Service is not directed to children under 13 (or the minimum age required by your jurisdiction). We do not knowingly collect Personal Information from children.

18) Changes to this Policy

We may update this Policy from time to time. We will post the updated Policy and update the effective date above. For material changes, we will provide additional notice (e.g., email or in-app notice). Continued use after the effective date constitutes acceptance.

19) Contact us

Questions about this Policy or our data practices? Email support@leoparo.com or privacy@leoparo.com.

Annex A: Cookie Notice (summary)

Strictly necessary: Session/auth cookies (first-party). Required for the Service to function.
Preferences: Language/theme settings (first-party). Optional.
Analytics: Product analytics/performance cookies (provider-specific). You can opt out where required by law.
Marketing: Conversion measurement pixels where enabled. Optional.
Functional/3rd-party: Cookies set by embedded integrations (e.g., support widget). Controlled by those third parties.