Privacy Policy

Last updated: February 18, 2026

1. Introduction

Gold-B's Agent ("the Application", "we", "our") is a self-hosted WhatsApp automation platform that runs entirely on the user's own hardware. This Privacy Policy explains how the Application handles data, including information accessed through Google APIs.

By installing and using Gold-B's Agent, you ("the User") agree to the practices described in this policy.

2. Self-Hosted Architecture

Gold-B's Agent is designed as a self-hosted, privacy-first application:

3. Google API Services — Data Access & Usage

The Application optionally integrates with Google services via OAuth 2.0. Each integration is independently enabled by the user. The Application requests the following scopes:

Google API ScopePurposeData Accessed
spreadsheets Log incoming leads and export data to Google Sheets Read and write rows in user-specified spreadsheets
drive.file Store documents created by automation rules in Google Drive Create and read files that the Application itself created (no access to other Drive files)
gmail.modify Read incoming emails for lead processing and send automated email replies Read, send, and manage labels on emails in the connected Gmail account
calendar.events Create calendar reminders and events triggered by automation rules Create and edit events in Google Calendar
userinfo.email Identify the connected Google account in the admin panel Email address of the authenticated Google account

3.1 How Google Data Is Used

3.2 How Google Data Is Stored

3.3 How Google Data Is Shared

Gold-B's Agent does not share Google user data with any third parties. All data processing occurs locally on your machine. We do not sell, rent, license, or disclose Google user data to anyone.

3.4 Google API Services User Data Policy Compliance

Gold-B's Agent's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements:

4. Other Data Handling

4.1 WhatsApp Messages

Incoming and outgoing WhatsApp messages are processed locally by the gateway container. Message content may be sent to the user's configured AI provider (e.g., Google Gemini, OpenAI) for generating responses. This is governed by the respective AI provider's privacy policy and the user's own API key agreement.

4.2 Configuration Data

All settings, rules, templates, keywords, and credentials are stored locally on your machine in a dedicated application directory. Sensitive credentials are encrypted using platform-native encryption (Windows DPAPI) or AES-256-GCM.

4.3 Usage Analytics

The Application collects local usage metrics (message counts, rule matches, token usage) stored as local NDJSON files with automatic 90-day retention. These metrics are never transmitted externally.

5. Data Retention & Deletion

6. User Rights

Since Gold-B's Agent is self-hosted, you have full control over your data:

7. Security Measures

8. Children's Privacy

Gold-B's Agent is not intended for use by individuals under the age of 18. We do not knowingly process data from minors.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected in updated versions of the Application. The "Last updated" date at the top of this page indicates the most recent revision.

10. Contact

If you have questions about this Privacy Policy or the Application's data practices, please contact us by opening an issue on our public support repository or by email at goldb.agent.support@gmail.com.