Draft โ€” pending legal review

Privacy policy

Last updated:  ยท  Plain-English version

This page explains, in plain English, what data Gentoo Logic collects when you use our products (Cairn, Pebble, the Researcher, the App Builder), how we use it, who we share it with, and what choices you have. If anything below is unclear, email pdauderis@rookeryventuresllc.com and we will walk you through it.

1. What we collect

Account information

When you sign up, we collect your name, email address, and the venture or organization you represent. If you pay us, our payment processor handles your card details โ€” we never see the full card number.

Email content (when you connect Gmail)

Pebble โ€” our inbox agent โ€” needs to read your email to triage it and draft replies. When you connect a Google account, we read message contents, subject lines, sender and recipient addresses, attachments, and labels. We only act inside the account you connected. We do not look at messages outside the connected account.

Calendar events (when you connect Google Calendar)

Pebble reads your calendar to schedule meetings and surface conflicts. We see event titles, times, attendees, and locations for the connected account.

Contacts (when you connect Google Contacts)

With your permission, we read your contacts to build a working address book for your venture. We see names, email addresses, phone numbers, and any notes you have written into the contact record.

Files (when you connect Google Drive)

Pebble can organize files it creates on your behalf โ€” proposals, briefs, meeting notes. We do not scan your full Drive unless you have explicitly enabled a Drive-scan feature; if you have, that scan is read-only and is described in the feature's consent screen.

OAuth tokens

When you connect a Google account we receive an access token and a refresh token. We store these encrypted at rest and use them only to perform the actions you have authorized. You can revoke them at any time at myaccount.google.com/permissions or by clicking Disconnect in the app.

Usage data

We collect basic logs about how the product is used โ€” pages visited, features clicked, errors hit. These logs help us fix bugs and improve the product. They contain device and browser information but not the contents of your messages or files.

2. How we use it

We use the data above to run the product you signed up for โ€” nothing more. Specifically:

We do not sell your data. We do not use the contents of your messages, calendar, contacts, or files to train AI models โ€” neither our own models nor third-party models. The only data that ever leaves your tenant in an aggregated form is anonymous "what kind of decision was made and how it was handled" telemetry, and you can turn that off in Settings โ†’ Privacy.

3. Who we share it with

We share data only with the service providers we need to run the product:

We do not share your data with advertisers, data brokers, or third-party analytics platforms. If we are ever required by law to disclose data (court order, subpoena), we will notify you unless the legal order prohibits notice.

4. How long we keep it

5. Your rights and choices

You have rights over your data. We honor these rights for everyone โ€” not only people in jurisdictions where the law requires it.

To exercise any of these, email pdauderis@rookeryventuresllc.com. We will respond within 30 days.

6. Security

We do the basics carefully. OAuth tokens are encrypted at rest. Data in transit is encrypted with TLS. Database access is limited to the service accounts that need it, and every access is logged. Tenant data lives in tenant-scoped collections that the database rules prevent from being read across tenants โ€” the isolation is enforced in code, not just policy.

We are a small team and we do not pretend to be SOC 2 certified โ€” we are not. We will tell you what we are and are not. If a breach happens that affects your data, we will notify you within 72 hours of discovering it, with what happened, what data was involved, and what we are doing about it.

7. Children

Gentoo Logic is a B2B product. It is not designed for, marketed to, or intended for use by anyone under 16. We do not knowingly collect personal information from anyone under 16. If you believe we have, email us and we will delete it.

8. Changes to this policy

We update this policy as the product changes. When we make a material change โ€” anything that affects what we collect, how we use it, or who we share it with โ€” we will email everyone with an active account and update the "last updated" date at the top of this page. You will see the change in your dashboard before it takes effect.

9. Contact

Gentoo Logic is operated by Rookery Ventures LLC. For any privacy question, data request, or complaint, email pdauderis@rookeryventuresllc.com. For everything else, see gentoologic.com.