CloaBack to home

Privacy Policy

Last updated: May 3, 2026

About this policy

This Privacy Policy describes how Cloa ("we", "us", or "our") collects, uses, shares, and protects information when you use the Cloa AI assistant across our mobile app, voice calls, web interfaces, and Telegram personas. Cloa is operated by the Cloa team and accessible at https://cloahq.com. By using Cloa, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the service.

Information we collect

Cloa collects three categories of information. (1) Information you provide directly: your account email, conversation messages, voice transcripts, photos you share, and content you create through Cloa. (2) Data from connected third-party services that you authorize: when you connect Google services or other integrations (Notion, Slack, Telegram), Cloa receives only the data needed to power the features you enable, and only at the permission level you choose (Off, Ask First, or Always). (3) Basic product analytics via PostHog such as screen views, feature usage, and performance metrics. We do not analyze the content of your conversations for analytics purposes.

Google user data — what we access and why

When you connect a Google service to Cloa, you authorize specific OAuth scopes corresponding to the features you enable. The Google user data Cloa accesses includes: Gmail messages and drafts (to read context, compose, and send email on your behalf), Calendar events (to read your schedule and create events), Drive files (to read or save documents you reference), Docs / Sheets / Slides (to read and edit documents you point Cloa to), Contacts (to look up people when scheduling or messaging), Tasks (to read and manage your task lists), and Meet meeting links (to create video meetings). Cloa accesses each scope only when you explicitly enable the corresponding feature, and only to perform actions you request or proactive features you have turned on. We do not access any Google data for purposes outside the user-facing features of Cloa.

Google API Services User Data Policy

Cloa’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy (https://developers.google.com/terms/api-services-user-data-policy), including the Limited Use requirements. Specifically, Cloa commits to: (a) using Google user data ONLY to provide or improve user-facing features that are prominent in the requesting application; (b) NOT transferring Google user data to others except as necessary to provide or improve user-facing features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets, in which case affected users will be notified; (c) NOT using or transferring Google user data for serving advertisements, including retargeted, personalized, or interest-based advertising; (d) NOT allowing humans to read Google user data unless we obtain your affirmative agreement, it is necessary for security purposes (such as investigating abuse), required to comply with applicable law, or for internal operations and only after the data has been aggregated and anonymized.

How we use your data

Your data is used to power Cloa’s memory, actions, and proactive features. Conversation history builds your long-term memory so Cloa can recall context across sessions. Connected service data enables Cloa to take actions on your behalf (sending email, scheduling meetings, reading documents you reference). Voice transcripts are stored so Cloa can maintain conversation continuity across calls and chat. We never sell your data, and we never use Google user data to train models for other users. Aggregated, de-identified usage metrics may be used to improve Cloa for everyone.

Integration permissions

Every integration connects through the service’s own secure sign-in. For each connected service you control the permission level individually: Off (no access), Ask First (Cloa asks before reading or writing), or Always (Cloa acts independently within the access you granted). You can change or revoke any permission at any time from the Cloa app settings or directly via the third-party provider (for example, your Google Account connections page). Cloa only accesses what you have explicitly granted. Revoking a permission stops new accesses immediately.

When we share your data

We share your information only as necessary to operate the service. (1) AI model providers (e.g., Anthropic, Google, OpenAI) process your messages under data-processing agreements that prohibit them from training on or retaining your data beyond the request. (2) Infrastructure providers (Supabase, Railway, Cloudflare) host encrypted storage and compute. (3) Speech-to-text providers process voice audio in real time for voice calls. (4) Payment processors (RevenueCat, App Store, Play Store) handle subscription billing and only see purchase metadata, not your content. (5) Legal compliance when required by law, court order, or to protect rights and safety. We do NOT sell your data, we do NOT share Google user data with advertisers or data brokers, and we do NOT transfer Google user data to any third party for purposes other than the user-facing functionality of Cloa.

Data storage & security

Your data is stored on encrypted infrastructure. OAuth tokens and integration credentials are encrypted at rest using industry-standard symmetric encryption with rotatable keys. Data in transit is protected with TLS 1.2+. Access to systems holding user data is restricted by role-based access control with audit logging. We follow industry-standard security practices including secret management, dependency scanning, and regular security review. Voice call audio is processed in real time and transcripts are stored under the same encryption as text messages.

Data retention & deletion

Your conversation history and memory persist as long as your account is active — that is the point of persistent memory. You can delete specific memories or threads at any time from within the app. If you delete your account, all associated data including OAuth credentials, conversations, voice transcripts, and Google user data Cloa has stored is permanently removed within 30 days. If you revoke a Google integration through your Google Account or through Cloa, the corresponding tokens are deleted immediately and Cloa will no longer access that service. You can also request export or deletion of your data at any time by emailing [email protected] — we respond within 30 days.

Your rights

You can access, correct, export, or delete your data at any time. Account deletion can be initiated from within the Cloa app. For EU and UK residents, you have rights under GDPR including access, portability, rectification, erasure, restriction, and objection. For California residents, you have rights under CCPA and CPRA including the right to know, delete, and opt out of any sale of personal information (note: Cloa does not sell personal information). To exercise any of these rights or ask a privacy question, contact [email protected] — we respond within 30 days.

Changes to this policy

We may update this policy as Cloa evolves. Significant changes will be communicated through the app or via email to the address on your account. If a change materially affects how Cloa processes Google user data, you will be notified before the change takes effect. Continued use after changes take effect constitutes acceptance.

Contact us

For questions about this policy, your data, or Cloa’s privacy practices, contact us at [email protected]. Cloa is operated from Singapore.

Questions about privacy? [email protected]

Cloa