How John handles business and Google account data.
John is a governed executive operations intelligence system operated by 24/7 Expedite, Inc. This Privacy Policy explains how John handles data when an authorized user or invited external account connects Google services to John.
1. Who this applies to
This policy applies to authorized 24/7 Expedite operators, affiliated business users, and invited external accounts that explicitly consent to connect Gmail, Google Calendar, Google Tasks, or Google Drive to John.
2. Data John accesses
- Gmail message metadata and message content required for inbox intelligence and approved reply/send workflows
- Google Calendar events required for approved scheduling and rollback-aware event execution
- Google Tasks data required for approved task creation, listing, and rollback-aware task execution
- Google Drive files and file metadata required for document intelligence, OCR, comparison, and controlled export flows
- Basic account identity data such as email address and profile information needed to associate a consented Google account with John
3. How data is used
- Summarize and classify business email
- Relate current threads to prior documents and historical evidence
- Support governed workflow actions such as approved task or calendar creation
- Maintain auditability, rollback, and source-freshness status for connected accounts
4. Google API data restrictions
Google user data accessed through Workspace and consumer Google APIs is used only to deliver John’s user-facing business features. John does not sell Google user data. John does not use Google user data for advertising. John does not use Google user data to train generalized AI models unrelated to the user-facing features requested by the connected account.
5. Sharing and disclosure
Data is shared only with service providers required to operate John, such as Google Cloud infrastructure, and only for hosting, storage, security, and application delivery. Data is not shared with third parties for marketing.
6. Retention and deletion
Access tokens, refresh tokens, audit trails, and operational records are retained only as needed to keep connected accounts functional, preserve rollback and governance evidence, and satisfy legitimate business recordkeeping needs. Connected users may request disconnection or deletion review by contacting tj.totaj@247expedite.com.
7. Security
John uses HTTPS, controlled cloud storage, operator-key gates, approval controls, and audit logging to protect data. Google account connections are explicit and revocable. Sensitive actions remain approval-gated.
8. Contact
Questions about this Privacy Policy or Google account access may be sent to tj.totaj@247expedite.com.