What We Collect
- Account info (email, display name) from Google Sign-In or email login
- API keys you provide (encrypted with AES-256-GCM at rest)
- Chat messages and task history within your workspace
- Usage data (tasks run, credits used, features accessed)
What We Don't Collect
- We never read your decrypted API keys — they're encrypted before storage
- We don't access your workspace files except when your AI team needs to
- We don't sell or share your data with third parties
- If you use MCP key server, your keys never reach our servers at all
How We Use Your Data
- To provide and improve the GWC platform
- To route AI requests using your keys or credits
- To maintain billing and subscription status
- To improve AI task quality (anonymized, aggregated only)
Data Storage
All data is stored on Google Cloud Platform (Firestore) in the asia-southeast1 region. API keys are encrypted with AES-256-GCM. Workspace VMs are isolated per-user.
Your Rights
- Export: Download all your data anytime
- Delete: Request full account deletion
- Portability: Download your code and project files as ZIP
- Files are kept for 30 days after account cancellation, then permanently deleted
Third-Party Services
GWC integrates with services you connect (Google Cloud, Stripe, GitHub, AI providers). Each service has its own privacy policy. We only share the minimum data needed for the integration to work.
Contact
Questions about privacy? Email us at hello@gwc-corp.com.