Privacy Policy

Pomelo Labs ("we", "our", or "us") operates the AI Marketing Team platform at https://www.pomelolabs.ai. This Privacy Policy explains how we collect, use, and protect your information when you use our service. By using Pomelo Labs, you agree to the practices described here.

• To provide and improve the Pomelo Labs platform
• To generate AI-powered marketing insights, content, and recommendations tailored to your business
• To display your website analytics data within your personal dashboard
• To send product updates and service notifications (you may opt out at any time)
• To detect and prevent fraud or abuse

We do not sell your personal data. We do not use your Google Analytics or Search Console data for any purpose other than displaying it back to you within your dashboard.

Pomelo Labs' use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• We only access Google data that you explicitly authorize
• We use Google data solely to provide features within the Pomelo Labs dashboard
• We do not transfer Google user data to third parties except as necessary to provide the service
• We do not use Google data for advertising or to train AI/ML models
• Humans at Pomelo Labs do not read your Google Analytics or Search Console data

You can revoke access at any time by visiting Google Account Permissions and removing Pomelo Labs.

We use the following third-party services to operate our platform:

Your data shared with these services is governed by their respective privacy policies. We only share the minimum data necessary for each service to function.

Your account data is stored on Supabase infrastructure hosted in the United States. We implement industry-standard security measures including encryption in transit (TLS), encrypted storage, and row-level security policies ensuring users can only access their own organization's data.

Google OAuth tokens are stored encrypted and used solely to make authorized API calls on your behalf. Tokens are automatically refreshed and revoked when you disconnect.

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal purposes.

Google OAuth tokens are deleted immediately when you disconnect your Google account from Pomelo Labs.

You have the right to:

• Access — request a copy of the data we hold about you
• Correction — update inaccurate or incomplete data
• Deletion — request deletion of your account and associated data
• Portability — receive your data in a machine-readable format
• Opt-out — unsubscribe from marketing communications at any time
• Revoke Google access — disconnect Google at any time via Settings or Google Account Permissions

To exercise any of these rights, contact us at privacy@pomelolabs.ai.

Pomelo Labs is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by displaying a notice within the app. Continued use of the service after changes constitutes acceptance of the updated policy.

If you have any questions about this Privacy Policy, please contact us: