← Back to Home

Privacy Policy

Last updated: February 10, 2026

1. Introduction

Green Monkey (“we”, “our”, “us”) operates the Green Monkey platform at app.greenmonkey.dev. This Privacy Policy explains how we collect, use, and protect your information when you use our service.

2. Information We Collect

Account Information

When you create an account, we collect your email address for authentication purposes. We use magic link email authentication — we do not store passwords.

Connected Services (Google APIs)

When you connect Google services (Gmail, Google Calendar, Google Drive), we request access through Google's OAuth 2.0 system. We store:

  • OAuth access tokens and refresh tokens (encrypted at rest)
  • Token expiration timestamps
  • The list of scopes you granted

We access your Google data only to perform actions you explicitly request or approve through the dashboard. Specifically:

  • Gmail: Reading recent emails, sending emails on your behalf (only when you approve an agent action)
  • Google Calendar: Reading calendar events, creating or modifying events (only when you approve an agent action)
  • Google Drive: Reading file metadata, searching files, uploading or downloading files (only when you approve an agent action)

AI Agent Configuration

We store your agent configurations, including identity settings, system prompts, tool configurations, and conversation history. This data is associated with your account and used solely to operate your agents.

LLM Provider API Keys

If you connect LLM providers (OpenAI, Anthropic, etc.), your API keys are stored encrypted. We use them only to make API calls on your behalf. We never share your API keys with third parties.

3. How We Use Your Information

We use your information to:

  • Authenticate you and maintain your session
  • Operate your AI agents as configured by you
  • Execute approved actions on connected services
  • Display relevant data in your dashboard
  • Process subscription payments via Stripe

We do not use your connected service data (emails, calendar events, files) for advertising, training AI models, or any purpose other than providing the service you requested.

4. Human-in-the-Loop & Action Approvals

Green Monkey uses a human-in-the-loop approval system. When an AI agent proposes an action that affects your connected services (sending an email, creating a calendar event, etc.), the action is queued for your explicit approval. No action is executed on your connected accounts without your consent.

5. Data Storage & Security

  • Data is stored in a PostgreSQL database hosted on Neon with SSL encryption in transit
  • OAuth tokens and API keys are encrypted at rest
  • Sessions are server-side and secured
  • The application is served over HTTPS

6. Data Sharing

We do not sell, rent, or share your personal data with third parties except:

  • Stripe: For payment processing (email and subscription data only)
  • LLM Providers: Your prompts and conversation data are sent to whichever LLM provider you configure (using your own API key)
  • Vercel: Our hosting provider processes web requests

7. Data Retention & Deletion

You can disconnect any connected service at any time from the dashboard, which deletes the stored tokens. You can request full account deletion by contacting us at privacy@greenmonkey.dev. We will delete all your data within 30 days of the request.

8. Google API Services User Data Policy

Green Monkey's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We only use Google user data to provide and improve user-facing features that are visible and prominent in the application's user interface.

9. Your Rights

You have the right to:

  • Access the data we hold about you
  • Disconnect any connected service at any time
  • Export your agent configurations
  • Request deletion of your account and all associated data
  • Revoke Google access at any time via Google Account Permissions

10. Changes to This Policy

We may update this policy from time to time. We will notify users of significant changes via email or a notice in the dashboard.

11. Contact

For privacy questions or data requests, contact us at privacy@greenmonkey.dev.