Last updated: April 2026
We collect information you provide directly: your name, email address, and credentials when you create an account. When you connect third-party services (Gmail, Slack, Google Calendar, etc.) through Nango, we store OAuth access tokens encrypted at rest — we never see your third-party passwords. We collect usage data (messages sent to Leo, features used, timestamps) to improve the service. We do not sell your personal data to third parties.
We use your data to: (a) provide and personalize the Leo AI service; (b) send transactional emails (invitations, password resets); (c) analyze aggregate usage to improve features; (d) comply with legal obligations. Your messages and documents are processed by Anthropic's Claude models — Anthropic's usage policy applies to API data. We do not use your data to train external AI models.
Your data is stored in Turso (libSQL), a distributed SQLite database hosted on AWS. OAuth tokens are encrypted with AES-256 before storage. All data in transit is encrypted via TLS 1.3. We implement access controls so each user can only access data from their own organizations.
When you connect integrations (Gmail, Slack, HubSpot, etc.), Leo accesses those services on your behalf using credentials you authorize. You can disconnect any integration at any time from the Integrations page, which revokes Leo's access. We use Nango to manage OAuth flows securely — Nango's privacy policy also applies.
We retain your account data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where required by law. Chat history and documents are retained while your account is active. You may request deletion of specific data by contacting us.
Depending on your jurisdiction, you may have the right to: access the personal data we hold about you; correct inaccurate data; request deletion of your data; export your data in a portable format; object to certain processing. Contact us at privacy@yourleo.ai to exercise any of these rights.
We use a single session cookie (http-only, secure) to maintain your login. We do not use tracking cookies or third-party advertising cookies. We do not use Google Analytics or similar tracking.
yourleo.ai is not intended for children under 16. We do not knowingly collect data from children under 16. If you believe a child has provided us data, contact privacy@yourleo.ai.
We may update this policy. We will notify you by email or in-app notice for material changes. Your continued use after notification constitutes acceptance.
For privacy questions: privacy@yourleo.ai yourleo.ai — Leo AI Inc. Houston, TX, USA