1. Overview
Jarvis AI Assistant ("Jarvis", "we", "us") is a personal productivity assistant that
integrates with Google Workspace, Microsoft 365, and other third-party services to help
authorised users manage their calendar, email, tasks, and daily information needs.
This Privacy Policy explains what data Jarvis collects, why it collects it, how it is stored
and protected, and your rights over that data. We are committed to handling your data
responsibly and in compliance with the Privacy Act 1988 (Cth) and the Australian
Privacy Principles (APPs).
Personal Use App: Jarvis is designed as a private personal assistant for
authorised individuals, not a public multi-tenant SaaS product. Access is restricted to
explicitly authorised accounts.
2. What Data We Collect
2.1 Google Workspace Data
When you authorise Jarvis via Google OAuth 2.0, we access the following Google services on your behalf:
| Google Service | Data Accessed | Purpose |
| --- | --- | --- |
| Gmail | Email metadata, subject, sender, body, attachments | Search, read, summarise, send, and reply to emails on your command |
| Google Calendar | Calendar events, dates, times, attendees | View, create, update, and delete events on your command |
| Google Tasks | Task titles, due dates, lists | List, add, and complete tasks on your command |
| Google Drive | File metadata and content for files you instruct Jarvis to access | Upload and organise files on your command |
| Google Profile | Name, email address, profile photo | Create your Jarvis user account and display your identity |
Key principle: Jarvis only accesses Google data when you explicitly
request an action (e.g., "show my calendar for today"). Data is fetched in real time
and is not bulk-downloaded or stored permanently in Jarvis databases.
2.2 Microsoft 365 Data (Optional)
If you sign in with Microsoft, we access Outlook email and Microsoft Calendar under
the same on-demand principle described above. Only the scopes Mail.ReadWrite,
Mail.Send, and Calendars.ReadWrite are requested.
2.3 Profile Information You Provide
- First name, last name
- Home and work address (used for commute time and navigation queries)
- Contact aliases (e.g., "accountant" → email address)
- Morning digest preferences (WhatsApp number, delivery time, channel)
- Preferred AI model
2.4 Conversation History
Jarvis stores your conversation messages in Google Firestore to maintain context across
sessions. Older messages are progressively summarised rather than deleted, so that
context is preserved while staying within AI model limits. The full context — including
these summaries and recent messages — is sent to the AI model on each request to enable
coherent multi-turn conversations. Time-sensitive responses (weather, live scores, search
results) are not stored.
2.5 Uploaded Documents (Jarvis Vault)
Documents you upload to the Jarvis Vault are processed into text chunks and stored as
vector embeddings in a Neon serverless PostgreSQL database. Original file content is not
stored — only the processed text chunks and their mathematical embeddings.
2.6 Voice Audio
When you use voice input, audio is sent to Google Cloud Speech-to-Text for transcription.
Audio bytes are not stored by Jarvis after transcription. For WhatsApp voice notes, the
transcribed text is processed and the audio is discarded.
2.7 WhatsApp Messages
WhatsApp messages are received via Twilio. Message content is processed in real time to
generate responses. Messages are treated as conversation inputs and are subject to the
conversation history policy above.
2.8 Technical Data
- OAuth access and refresh tokens (stored encrypted in Google Secret Manager and Firestore)
- Session identifiers (stored in secure, signed browser cookies)
- Application logs (retained for debugging; contain request metadata, not message content)
3. How We Use Your Data
We use the data collected solely to operate Jarvis features you request:
- Executing commands on Google Workspace or Microsoft 365 services on your behalf
- Maintaining conversational context to provide coherent multi-turn responses
- Delivering the morning digest (calendar, email summary, weather, news) to your chosen channel
- Searching your uploaded documents via vector similarity when you use Jarvis Vault
- Authenticating your identity and maintaining a secure session
We do not: sell, rent, or share your data with third parties for
advertising or commercial profiling. We do not use your data to train AI models.
4. Third-Party Services
Jarvis relies on the following third-party services to function:
| Service | Provider | Purpose | Data Sent |
| --- | --- | --- | --- |
| OpenAI API | OpenAI | Language model responses and text embeddings | Your message; conversation history context; and — only when you explicitly request an action — Google or Microsoft data retrieved on your behalf (e.g. email content, calendar event details, task titles); document chunks from Jarvis Vault |
| Google Cloud Platform | Google | App hosting, Firestore, Speech-to-Text, Text-to-Speech, Secret Manager | Application data, audio for transcription |
| Neon | Neon Inc. | Vector database for Jarvis Vault | Document text chunks and embeddings |
| Twilio | Twilio Inc. | WhatsApp messaging | WhatsApp message content |
| Firebase Authentication | Google | Email/password sign-in | Email address and hashed credentials |
| Google Maps API | Google | Travel time and directions | Origin and destination addresses |
| OpenWeatherMap | OpenWeatherMap Ltd. | Weather forecasts | Location name or coordinates |
How your Google and Microsoft data is used with OpenAI:
When you ask Jarvis to perform an action involving your Google or Microsoft account
(e.g. "summarise my latest emails", "what's on my calendar today?", "add a task"),
Jarvis fetches the relevant data from Google or Microsoft on your behalf and sends it
to OpenAI's API together with your request to generate an AI response. This is the
core mechanism by which Jarvis works as an AI assistant — the AI model needs to see
the actual content to act on it.
What this means in practice:
- Email bodies and attachment text are sent to OpenAI when you ask Jarvis to read, summarise, or reply to emails
- Calendar event details are sent when you ask about your schedule or create meetings
- Task titles are sent when you ask to view or manage your task lists
- Drive folder names and file metadata are sent when you ask Jarvis to organise files
- Data is sent only in response to your explicit request — Jarvis does not batch-upload or pre-send your data
OpenAI processes this data under its Privacy Policy and API Usage Policies.
By default, OpenAI does not use API data to train its models and retains it for up to
30 days for safety purposes. See OpenAI's data usage documentation for current details.
Bring Your Own API Key (BYO Key):
If you supply your own OpenAI or Google Gemini API key in your Jarvis profile, your
messages and any fetched Google/Microsoft data are processed via your personal API
account rather than the Jarvis server's account. Your key is encrypted with Fernet
(AES-128) before storage and is never returned to the browser after being saved.
Data handling in this mode is governed by the terms associated with your personal
OpenAI or Google account.
Each third-party service has its own Privacy Policy. We encourage you to review the
policies of OpenAI, Google, Neon, and Twilio for details on how they handle data
transmitted to their platforms.
5. Data Storage and Security
5.1 Storage Locations
- Google Firestore (australia-southeast1) — user profiles and conversation history
- Google Secret Manager — OAuth tokens and API keys, encrypted at rest
- Neon PostgreSQL — document embeddings for Jarvis Vault
- Google Cloud Storage (australia-southeast1) — temporary voice audio files
5.2 Security Measures
- All data in transit is encrypted via HTTPS/TLS 1.3
- OAuth tokens are stored in Google Secret Manager with IAM-restricted access
- Session cookies are cryptographically signed and use the HttpOnly flag
- The application runs on Google Cloud Run with least-privilege service accounts
- No sensitive credentials are stored in application code or environment variables in plaintext
5.3 Data Retention
- Conversation history: Rolling 10-message window; cleared on logout or on request
- User profile: Retained while your account is active
- Vault documents: Retained until you delete them via the Jarvis Vault interface
- Voice audio files: Automatically deleted after delivery (within minutes)
- Application logs: Retained for 30 days via Google Cloud Logging
6. Your Rights
Under the Australian Privacy Act and applicable privacy laws, you have the right to:
- Access: Request a copy of the personal data Jarvis holds about you
- Correction: Update your profile information at any time via the My Profile page
- Deletion: Delete your conversation history via the chat interface; delete Vault documents via the Jarvis Vault interface; request full account deletion by contacting us
- Revoke OAuth access: Revoke Jarvis's access to your Google account at any time via Google Account Permissions
- Data portability: Export your profile data via the Export Profile button on your profile page
- Withdraw consent: Log out and revoke OAuth access at any time; this will prevent Jarvis from accessing your data
7. Google API Services User Data Policy
Jarvis's use of information received from Google APIs adheres to the
Google API Services User Data Policy, including the Limited Use requirements.
Specifically:
- Google user data is used only to provide Jarvis features that are visible to and requested by the user
- Google user data is transferred to OpenAI's API solely to generate AI responses to your explicit requests — this is the necessary and disclosed third-party transfer required to operate Jarvis as an AI assistant. No other third-party transfers of Google user data occur except as required by law
- Google user data is not used for serving advertisements
- Jarvis does not use your Google data to train AI or machine learning models. OpenAI's API, which processes this data, does not use API data for model training by default (see OpenAI's data usage policy)
- Humans employed by Jarvis do not read your Google data. Data passes through automated systems only (Jarvis application and OpenAI API)
8. Children's Privacy
Jarvis is not intended for use by persons under 18 years of age. We do not knowingly
collect personal information from minors. If you believe a minor has provided data to
Jarvis, please contact us for immediate removal.
9. Changes to This Policy
We may update this Privacy Policy periodically. When we do, we will update the
"Last Updated" date at the top of this page. Continued use of Jarvis after changes
constitutes acceptance of the updated policy. For material changes, we will notify
authorised users via their registered email address.
10. Contact Us
If you have questions about this Privacy Policy, your data, or want to exercise your
privacy rights, please contact the Jarvis administrator via the Jarvis application.
We aim to respond to all privacy enquiries within 30 days.