Privacy Policy: Governance.

To deploy your Autonomous Workforce, we require specific technical permissions to interface with your existing ecosystem. This involves the collection and use of:

• System Credentials: Temporary passwords, API keys, and OAuth secret tokens for platforms including, but not limited to, CRM, ERP, GRC, and Project Management Systems.
• Operational Context: Real-time data fetched via Model Context Protocol (MCP) to allow agents to "read" your inbox, check live database records, and execute business logic.
• Business Intelligence: Internal SOPs, case studies, and PDFs used to ground the agent's reasoning in your specific company "voice" and rules.

We treat your access keys as highly sensitive assets:

• Encrypted Storage: All API keys and passwords are stored in AES-256 encrypted vaults and are never shared with unauthorized third parties or stored in plain-text local files.
• Access Sunset Clause: Brine AI strictly mandates that clients rotate or revoke administrative passwords within 24 hours of successful integration completion.
• Least Privilege Access: Where possible, we utilize Service Accounts and limited-scope OAuth tokens to ensure our agents only see the data required to perform their specific role (e.g., SDR vs. Support).

Unlike standard "chatbot" agencies, Brine AI ensures your data remains your own:

• No AI Training: We guarantee that no customer data, email content, or internal business intelligence (from your ERP, GRC, or Project Management tools) accessed via our agents is ever used to train public or private Large Language Models (LLMs).
• Stateless Processing: Our MCP-driven agents function on a "stateless" basis—reading information to generate a response and discarding that context immediately after task resolution.
• Human-in-the-Loop Logs: All autonomous actions (emails sent, database updates) are logged and available for your review to ensure 100% transparency.

• Service Integrity: We do not sell, rent, or trade your mobile phone numbers, API data, or business information to third-party marketers or affiliates.
• Technical Partners: Data is only shared with essential third-party service providers (e.g., the LLM provider or hosting environment) under strict confidentiality agreements and solely for the purpose of executing your workflows.

You maintain absolute control over your autonomous workforce:

• Instant Revocation: You may revoke our access at any time by deleting the Google Cloud Web App or deactivating the API tokens we implemented in your CRM or ERP.
• Data Deletion: Upon termination of service, all Knowledge Base files and local configuration data will be purged from our systems.