← Back to Baldo

Privacy Policy

Last updated: May 19, 2026

Baldo ("we", "us", "our") operates an AI-powered personal assistant accessible via WhatsApp and SMS at baldo.ai (the "Service"). This Privacy Policy explains how we collect, use, store, and protect your information.

1. Information We Collect

Information you provide directly:

• Messages: Text messages you send to Baldo via WhatsApp or SMS.
• Phone number: Your WhatsApp or SMS phone number, used to identify your account.
• Display name: Your WhatsApp profile name.
• Contact form submissions: Email address and message content if you use the contact form on our website.

Information from connected services (with your explicit consent):

• Google account data: If you choose to connect your Google account, we access your Gmail messages, Google Calendar events, and Google Drive files (read-only) to provide assistant features. We store OAuth tokens to maintain this connection.
• Microsoft account data: If you choose to connect your Outlook account, similar email and calendar access applies.

Information collected automatically:

• Usage data: Message counts, timestamps of interactions, and onboarding progress.
• Subscription data: Payment status and subscription period (payment details are processed by Stripe and never stored on our servers).

2. How We Use Your Information

• To provide, maintain, and improve the AI assistant Service.
• To process and respond to your messages using AI (Anthropic Claude).
• To manage your Google or Microsoft account integration at your request.
• To process subscription payments through Stripe.
• To build a personalized memory of your preferences and context to improve responses over time.
• To respond to your contact form inquiries.

3. Google Workspace API Data Use and AI/ML Disclosure

Baldo does not use any Workspace API data to develop, improve, or train generalized or non-personalized AI models. By default, Workspace data is read just-in-time to answer your current message, passed once to the language model as a tool result, and not retained beyond the active conversation context.

With your explicit, per-source opt-in (which you control and can withdraw at any time), Baldo may save a small number of durable personal facts it derives from a connected source you have enabled — for example a family member's name from a recurring calendar event, or an upcoming trip — into your own private memory so it does not have to ask you again. These derived facts are used only to personalize your assistant for you. They are never used to develop, improve, or train any AI model, and never shared with third parties. You can ask Baldo to forget any of them, or turn the source off, at any time, and turning a source off stops any further facts from being saved from it. This setting is off for every source until you turn it on.

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), we process your data under the following legal bases:

• Consent: By messaging Baldo, you consent to the processing of your messages. You may withdraw consent at any time by stopping use of the Service.
• Contract performance: Processing necessary to provide the Service you have subscribed to.
• Legitimate interest: Improving the Service, preventing abuse, and ensuring security.

5. Third-Party Services

We share data with the following third parties only as necessary to provide the Service:

• Anthropic (Claude AI): Your messages are sent to Anthropic's API for AI processing. Anthropic's privacy policy applies to their processing. Messages sent via the API are not used to train Anthropic's models.
• Meta / WhatsApp: Message delivery via WhatsApp Cloud API, subject to Meta's privacy policy.
• Google: Gmail, Calendar, and Drive access when you connect your Google account, subject to Google's privacy policy.
• Stripe: Payment processing, subject to Stripe's privacy policy. We do not store your credit card details.
• Google Cloud Platform: Infrastructure hosting (Firestore database, Cloud Run compute) in the United States (us-central1 region).

We do not sell, rent, or trade your personal information to any third party.

6. Data Storage and Retention

• Messages: Recent conversation history is cached for up to 24 hours to maintain context. Older sessions are consolidated into summarized memories.
• Memories: Long-term memories are subject to automatic salience decay. Frequently accessed memories are retained; unused memories fade and are eventually deleted. Memories you have opted to let Baldo derive from a connected source (calendar, email, or photos) are stored privately alongside the rest of your memory, tagged with their origin, and can be removed at any time on request or by turning that source off.
• Account data: Retained for the duration of your active account. Upon cancellation, data is retained for up to 30 days before deletion.
• Contact submissions: Retained as long as necessary to respond to your inquiry.
• Google/Microsoft tokens: Stored encrypted and retained while the integration is active. Revoke access at any time through your Google or Microsoft account settings.

7. International Data Transfers

Your data is processed and stored in the United States on Google Cloud Platform. If you are located outside the United States, your data will be transferred to and processed in the US. By using the Service, you consent to this transfer. For EEA users, we rely on Standard Contractual Clauses and adequacy decisions where applicable.

8. Your Rights

For all users:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data.
• Disconnect your Google or Microsoft account at any time.

Additional rights for EEA residents (GDPR):

• Right to data portability.
• Right to restrict processing.
• Right to object to processing based on legitimate interest.
• Right to withdraw consent at any time.
• Right to lodge a complaint with your local data protection authority.

Additional rights for California residents (CCPA):

• Right to know what personal information is collected and how it is used.
• Right to delete personal information.
• Right to opt-out of the sale of personal information. We do not sell your personal information.
• Right to non-discrimination for exercising your privacy rights.

To exercise any of these rights, contact us using the contact form on our website.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS), secure cloud infrastructure, and access controls. However, no method of electronic transmission or storage is 100% secure.

10. Children's Privacy

The Service is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. Cookies

Our website does not use cookies or tracking technologies. No analytics or advertising scripts are loaded.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the Service after changes constitutes acceptance of the revised policy.

13. Contact

For privacy-related inquiries or to exercise your rights, please use the contact form on our website.