Legal

Privacy Policy

TypeDuck is operated by TQDM Inc. This policy explains what data we process to provide the TypeDuck web app, connectors, and agent tools.

Controller

TQDM Inc., 1111B S Governors Ave, STE 23256, Dover, DE 19904, USA

Email: [email protected] | Phone: +1 (814) 524-5685

Data processed

  • Account data such as email address, display name, organization membership, roles, sessions, and authentication events.
  • Workspace data such as teamspaces, chats, uploaded files, documents, support messages, audit logs, and agent run metadata.
  • Connector configuration such as connector installation state, authorized accounts, selected resources, resource grants, and audit events.
  • Google OAuth data when you connect Google Drive, including Google profile email, granted OAuth scopes, encrypted access and refresh tokens, Drive folder metadata, and file content or metadata from folders you select.
  • Technical server logs such as IP address, timestamp, request path, user agent, status code, and error messages.
  • We do not sell personal data and do not use Google user data for advertising.

Purpose and legal basis

  • Provide the TypeDuck application, account access, organization management, chat, memory, file, and connector features.
  • Authenticate users, maintain sessions, enforce permissions, and protect the service from abuse.
  • Let authorized agents read selected connector resources and write outputs where you have enabled write permissions.
  • Maintain operational logs, diagnostics, security audit trails, and service reliability.
  • Legal basis: performance of a contract for providing the service; legitimate interests for security, reliability, and audit logs; consent where required for optional connector authorization.

Google Drive data and Limited Use

  • TypeDuck accesses Google Drive only after you authorize the Google Drive connector through Google OAuth.
  • TypeDuck uses Google Drive data only to provide user-facing connector functionality: listing folders for selection, reading files from selected folders, and writing outputs to permitted folders according to your configured grant.
  • Google Drive OAuth tokens are stored encrypted and are used only to perform actions requested by the product or by an authorized agent acting in your workspace.
  • TypeDuck does not use Google Drive data for advertising, does not sell Google user data, and does not transfer Google user data except as necessary to provide or improve user-facing features, comply with law, or protect security.
  • TypeDuck use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Storage and deletion

  • Account and workspace data is stored while you use the service.
  • Connector tokens are stored encrypted and can be revoked by disconnecting the connector or revoking access in the provider account.
  • You may request deletion of your account or workspace data by contacting us.
  • Some operational logs, backups, and audit records may persist for a limited period where required for security, legal compliance, or service integrity.

Sharing of data

  • We share data with technical service providers only as needed to operate the service, such as cloud hosting, storage, email delivery, and infrastructure monitoring.
  • Connector data may be sent to the third-party service you authorized when performing connector actions.
  • We may disclose data if required by law or to protect the rights, safety, and security of users, the public, or the service.
  • No advertising data sale, no brokered sale of personal information, and no use of Google user data for ad targeting.

International transfers

  • As a US company, data may be processed in the USA and other regions where our infrastructure or providers operate.
  • For EU and UK users, transfers may rely on Standard Contractual Clauses and supplementary technical and organizational measures where applicable.

Cookies and local storage

  • We use HTTP-only cookies for authentication sessions.
  • We may use local storage for user interface preferences such as theme.
  • We do not use third-party advertising cookies in the TypeDuck app.

Security

  • We use technical and organizational measures designed to protect data against loss, misuse, and unauthorized access.
  • Traffic is encrypted via TLS. Sensitive connector credentials and tokens are encrypted at rest.
  • Please secure your email inbox, Google account, devices, and workspace membership because they can provide access to your TypeDuck account and connector grants.

Your rights

  • Depending on your location, you may have rights to access, correct, delete, restrict, object to, or export personal data.
  • You may withdraw optional connector authorization by disconnecting the connector or revoking access at the provider.
  • You may contact us to exercise privacy rights or ask questions about this policy.
  • Contact: [email protected]

Changes and contact

  • This privacy policy may be updated as the service changes. The current version is published here.
  • TQDM Inc., 1111B S Governors Ave, STE 23256, Dover, DE 19904, USA
  • Email: [email protected] | Phone: +1 (814) 524-5685

Last updated: June 25, 2026