Privacy Policy
Last Updated: April 3, 2026
At Splice AI, we take your privacy and data security seriously. This Privacy Policy details what data we collect, how it is used, and the rights you have concerning your personal information when using our service.
1. What Data We Collect
To provide you with an automated and seamless AI assistant experience, Splice AI integrates directly with your existing tools. We collect:
- Account Information: Name, email address, and authentication credentials necessary to create and manage your account.
- Integration Data: Data retrieved from third-party services you explicitly authorize (e.g., Gmail, Google Calendar, WhatsApp, LinkedIn, X/Twitter, GitHub, Jira, Notion) via OAuth. This data is only used to execute the specific tasks you command.
- Usage Metrics: Anonymous telemetry regarding how you interact with Splice AI, such as the frequency of commands executed, to help us improve service performance.
- Agent Memory: Short summaries of your preferences and working context that the AI builds over time to personalise responses. You can view and delete these at any time from your account settings.
2. How We Use It
Your data is used strictly for the following purposes:
- Executing Commands: Operating the AI engine to draft emails, schedule social posts, arrange calendar events, or manage tasks as requested by you.
- Service Maintenance: Monitoring system health, addressing errors, and maintaining operational security.
- Communication: Sending you service updates, security alerts, and administrative messages.
3. How Long We Keep It
We believe in holding onto data only as long as it is actively useful to you:
- Integration Tokens: OAuth tokens are securely encrypted at rest. If an integration is disconnected, the associated tokens are immediately destroyed.
- Task & Conversation History: Retained while your account is active and purged upon account deletion.
- Account Deletion: Upon requesting account deletion, all associated personal data and integration tokens are deleted within 30 days.
4. User Rights
You retain full control over your data. Depending on your jurisdiction, you have the right to:
- Access: Request a copy of the personal data we hold about you.
- Delete: Request immediate deletion of your account and all associated data.
- Export: Download your data in a portable, machine-readable format.
- Revoke: Instantly revoke Splice AI's access to your connected third-party accounts at any time via your dashboard settings or directly through the third-party provider.
5. Third-Party Integrations & OAuth Compliance
Splice AI's core functionality relies on OAuth integrations. Below we describe each provider, what data is accessed, and our compliance commitment.
Google (Gmail & Calendar)
We request access to Gmail (read, compose, send) and Google Calendar (read, create, update) scopes. This data is used solely to execute your commands — reading emails you ask about, sending replies you approve, and managing calendar events.
Splice AI's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We never store Gmail message bodies beyond the active request, and we never expose your Google OAuth tokens to third parties or to our AI model providers.
We request OAuth access to your LinkedIn account to enable AI-powered social media management on your behalf. The scopes we request include w_member_social (create, edit, and delete posts and comments) and, where approved, r_member_social (read your posts, comments, and engagement data to power features such as reply drafting, performance analysis, and content suggestions).
LinkedIn data accessed through these scopes is used solely to execute actions you explicitly request within Splice AI. We do not sell, share, or use your LinkedIn data to train AI models. We do not scrape your LinkedIn network, contacts, inbox, or any data beyond the specific posts and comments relevant to your requested actions. LinkedIn data is retained only for as long as needed to complete your request and is deleted upon account disconnection or account deletion. Our use of the LinkedIn API complies with the LinkedIn API Terms of Use and LinkedIn's Professional Community Policies.
X (Twitter)
We request OAuth 2.0 access to post tweets on your behalf using the X API v2 (tweet.write scope). We do not read your DMs, followers, or timeline beyond what is necessary to confirm post success. Our use of the X API complies with the X Developer Agreement & Policy.
WhatsApp connectivity is provided via a local bridge that links to your existing WhatsApp account. Message content is processed in-memory solely to execute commands you give (e.g., "reply to this message"). We do not store the content of WhatsApp messages on our servers. Use of this feature must comply with WhatsApp's Terms of Service.
GitHub
We request OAuth access to your GitHub repositories to execute tasks you request (reading issues, creating PRs, etc.). We request only the minimum scopes required for the features you use. Our integration complies with GitHub's Terms of Service.
Jira & Notion
We access Jira issues and Notion pages using their official OAuth flows, scoped to the minimum permissions needed to read and create content on your behalf. We comply with Atlassian's and Notion's developer terms respectively.
6. GDPR & CCPA Compliance
For EU Users (GDPR): Splice AI acts as a Data Controller for your account information and a Data Processor for the content fetched from your integrations. We rely on your explicit consent and the necessity to fulfill our contract with you as lawful basis for processing.
For California Residents (CCPA): We do not "sell" your personal information, nor do we "share" it for cross-context behavioral advertising. You have the right to request disclosure of our data collection practices and request deletion of your data.
7. Contact Us
If you have questions about this Privacy Policy or wish to exercise any of your data rights, please contact our privacy team at: