How Frondesk handles your data
Frondesk connects to the accounts you already use — your email, calendar, and the projects you choose to link. Because those are real, sensitive accounts, we hold ourselves to a clear standard: access only what a request requires, keep the little we store encrypted, never sell your data, and let you disconnect at any time. This page explains, in plain terms, how we handle your information.
We never see your password
Sign-in happens on Google's or Microsoft's own screen. We only receive a revocable token.
Encrypted & isolated
Your content stays on the services you connect. The tokens we hold are encrypted at rest, and each user's desks are fully isolated.
You're in control
Revoke access, opt out of human review, or delete everything whenever you want.
1 · What we collect
We collect only what Frondesk needs to act as your concierge, and we deliberately keep it minimal:
- Account details — your name, email, and mobile number, so we can create your account and reach you on your one number. If you sign up with an email and password, your password is stored only as a salted hash — never in plain text.
- Connection tokens — the revocable access tokens Google, Microsoft, or another service hand us after you approve access. When you link an account through Google or Microsoft, sign-in happens on their own screen and that password never reaches us.
- Content you route through Frondesk — the emails, calendar events, contacts, files, or project data Frondesk reads or writes to carry out a request. We process this only in the moment, to complete the task; the content stays on the connected service and we do not keep our own copy.
- Operational metadata — timestamps, which desk a request touched, and delivery status, used to run the service and keep your number healthy.
You choose the scopes for each connection when you link it, and can narrow or widen them any time in Settings. Frondesk only requests what a job needs.
2 · How we use it
Your data is used to do the thing you asked — and little else:
- To run your requests — reading, drafting, sending, scheduling, or saving across the accounts you've connected.
- To route between channels and desks — powering the automations you set up.
- To keep your number trustworthy — using known contacts so WhatsApp and SMS don't flag your line.
- To operate and secure the service — diagnosing errors, preventing abuse, and meeting legal obligations.
We do not use the content of your emails, messages, or files to build advertising profiles, and we never sell your data.
3 · AI processing & human review
Frondesk is an AI concierge, so your requests are processed by large language models to understand what you want and carry it out. Being clear about this matters:
- Automated by default. The vast majority of requests are handled entirely by AI, with no human ever reading your content.
- Limited human review. A small, access-controlled team may review a sample of conversations and transcriptions to debug problems and improve accuracy — for example, when you report an issue, or when a request fails. Reviewed data is minimized and tied to operational need.
- You can opt out. Turn off human review of your conversations in Settings → Privacy at any time; we'll still process your requests with AI, just without sampling them for review.
- Not for model training without consent. We do not use your private content to train third-party foundation models. Any internal quality work happens on minimized, access-limited data.
You can request the transcription & review log for your account — a record of when your content was reviewed and why — from your privacy settings or by contacting us.
4 · When we share data
We share the minimum necessary, and only with:
- The providers you connect — e.g. Google or Microsoft — to carry out your requests on those accounts.
- Infrastructure & AI subprocessors — vetted vendors that host the service and run model inference under contract, bound to confidentiality and to using data only to provide their service to us.
- Messaging carriers — WhatsApp/SMS gateways needed to deliver your messages.
- Legal & safety — where required by law, or to protect people and prevent fraud or abuse.
We never sell personal data, and we don't share it with advertisers.
5 · How long we keep it
The short version: we store as little as possible, and your conversations aren't part of it.
- Your conversations & content — Frondesk reads your messages, emails and calendar directly from the connected channels (WhatsApp, SMS, Gmail, Outlook and the like) to carry out each request. We don't keep our own copy: that content lives on those services, and we don't retain your message or request history.
- Connection tokens — kept, encrypted, until you disconnect the desk or delete your account. These are the main thing we hold, so Frondesk can reach your accounts on your behalf.
- Account details — your name, email and number, kept while your account is active.
- Review samples — if you haven't opted out, a minimized sample may be held only as long as a specific debugging or quality task needs, then deleted.
- On deletion — when you delete your account we remove your stored details and revoke your tokens, except the minimum we're legally required to retain.
6 · How we protect it
Security is built into the routing, not bolted on:
- OAuth only — we authenticate through the provider; your password never reaches us.
- Encryption — tokens are encrypted at rest (AES-256-GCM) and all traffic is encrypted in transit.
- Verified identity — which account a request may act on comes from a signed, verified signal — never from text a sender types.
- Per-user isolation — your account is reachable only by your own concierge.
- Least privilege — Frondesk requests only the scopes a job needs, and you can revoke them at the provider any time.
7 · Your rights & controls
You can, at any time:
- Access & export your data, including your transcription & review log.
- Correct your account details.
- Delete your account and connected data.
- Revoke any connection, from Frondesk or from the provider directly.
- Opt out of human review of your conversations.
Depending on where you live, you may have additional rights under laws like GDPR or CCPA. We honor them — just reach out.
8 · Contact
Questions, requests, or concerns about your privacy? Email privacy@frondesk.ai and a real person will get back to you. Since Frondesk is in beta, this policy may evolve — we'll flag material changes in the app before they take effect.