How Joyflow handles workspace data.

Joyflow collects the information needed to run a workspace for real work: account identifiers, name, email, authentication status, workspace and channel settings, business profile information, chats, messages, tasks, approvals, saved skills, uploaded knowledge documents, connector settings, permissions, usage events, durable run records, audit logs, and support communications.

During local preview or seeded demo mode, Joyflow may use sample workspace data so the product can be tested without a production account. Production workspaces use the account, workspace, and connector data supplied by you, your workspace, or the services you authorize.

If you connect another service, Joyflow may process the account details, selected resources, OAuth tokens, API responses, files, emails, calendar events, CRM records, payment records, analytics reports, support tickets, project data, message metadata, and other content the provider makes available under the permissions you grant.

Joyflow supports managed app connections, direct OAuth integrations, built-in file and web ingestion tools, and bridge connectors such as webhooks or automation platforms. The exact data processed depends on the connector, the scopes you authorize, the resources you select, and the tool calls you approve or allow.

We use this information to run Joyflow, sign users in, resolve their workspaces, show chats and channels, ground agent responses, run registered tools, route approvals, keep audit records, process uploads, enforce usage limits, improve reliability, prevent abuse, debug errors, secure the service, and communicate about the service.

Joyflow does not give agents an open browser. Agents act through registered tools. Tool calls pass through validation, policy checks, and audit logging before anything external or higher-risk can happen.

Messages, business context, selected knowledge, connector results, and tool schemas may be sent to configured AI providers so Joyflow can answer or complete requested work. Joyflow tries to send only the context needed for the current request.

AI output can be inaccurate or incomplete. Review generated content, tool proposals, and approval drafts before relying on them for business, legal, financial, medical, or safety-sensitive decisions. Do not submit information to Joyflow that you are not authorized to process with AI providers or connected services.

Connector credentials, OAuth tokens, bridge secrets, selected resources, and provider account labels are stored so Joyflow can run the tools you authorize. Production token storage is designed to use encrypted secrets, provider scopes, workspace permissions, and revocation flows when a connector is disconnected or no longer needed.

Workspace policies, resource selections, and human approval rules can further restrict what connected tools may do. Disconnecting a provider inside Joyflow may not remove every permission at the provider level, so you may also need to revoke access in the external provider's own account settings.

We may share information with vendors that help host, secure, authenticate, analyze, or operate Joyflow. This can include database, authentication, infrastructure, AI, email, and observability vendors. These vendors are expected to process information only for the services they provide to Joyflow.

We may disclose information when required by law, to protect the service or users, to investigate abuse, in connection with a business transfer, or with your direction through product features such as connectors, approvals, exports, or share links.

Joyflow does not sell personal information, and it is not designed to share personal information for cross-context behavioral advertising. If that changes, this policy will be updated before those practices are used.

Joyflow keeps workspace records for as long as needed to provide the service, meet security and audit needs, comply with legal obligations, resolve disputes, and enforce agreements. Audit logs and approval history may be kept longer because they explain what happened.

Account owners can request deletion or export of eligible account and workspace information. Deleting connector access may require revoking access both inside Joyflow and directly with the external provider. Some records may remain in backups, logs, audit trails, or legal records for a limited period when retention is required for security, compliance, dispute resolution, or fraud prevention.

Depending on where you live, you may have rights to access, correct, delete, export, or object to certain uses of personal information. You can also limit connector access by disconnecting providers, changing workspace settings, or removing uploaded knowledge.

For users in regions with privacy laws such as the GDPR, UK GDPR, CCPA/CPRA, or similar laws, Joyflow processes personal information under bases such as providing the service, legitimate business interests, consent where required, and legal obligations. You can contact us to exercise applicable privacy rights.

Joyflow may use cookies, local storage, or similar technologies for authentication, session continuity, security, preferences, and product functionality. The public site and app may also collect limited usage and diagnostics information to understand reliability and improve the service.

You can control cookies through your browser settings, but disabling necessary cookies may prevent sign-in, workspace access, or other product features from working correctly.

Joyflow is intended for business users and is not directed to children under 13. Do not use Joyflow to collect children's personal information unless your deployment has the necessary notices, consents, and controls.

We use administrative, technical, and organizational safeguards to protect information. No system is perfectly secure, so teams should use strong authentication, least-privilege connector scopes, careful workspace permissions, and human review for sensitive actions.

If we make material changes to this policy, we will update the effective date and provide additional notice when legally required.