Last updated: April 2026
Kobin AI (kobin.team) is an agency operating system built for founders and small teams. We are the data controller for information collected through our website and product. You can reach us at support@kobin.team.
We collect the following types of information:
We use the following third-party services to operate Kobin AI:
We do not sell your data to any third party.
Kobin AI only accesses Google user data when a user explicitly connects their Google account through the platform settings. All access is governed by OAuth 2.0 and limited to the scopes you explicitly grant.
Scopes we request and why:
https://www.googleapis.com/auth/drive.file — Allows Kobin AI to upload files to Google Drive only within folders that Kobin AI itself creates in your Drive. We cannot read, modify, or delete any existing files in your Drive that were not created through Kobin AI.https://www.googleapis.com/auth/calendar.events — Allows Kobin AI to read and create calendar events to power scheduling and pre-meeting briefing features.https://www.googleapis.com/auth/gmail.readonly — Only accessed if you explicitly enable Gmail analysis in Settings. Used to analyze email content in real-time for workspace intelligence (e.g. risk detection, task extraction). Gmail messages are never stored on Kobin AI servers.How this data is used: Google user data is used solely to provide Kobin AI features such as document management (Vault), workflow automation, task extraction, and pre-meeting briefs. We do not sell, share, rent, or use this data for advertising purposes. We do not use it to train AI models.
File permission model: The AI cannot access any file or folder in your Google Drive unless that folder was created by Kobin AI or you explicitly grant access. Files uploaded to Vault using the Google Drive integration are placed inside a Kobin AI-created project folder in your Drive. You retain full ownership and control of all Drive files at all times.
Gmail data: If you enable Gmail integration, email content is fetched and analyzed in real-time. Gmail messages, contact lists, and email metadata are never stored on Kobin AI servers. They are processed as a transient stream and the source data remains exclusively in your Google account. You may disable this integration at any time in Settings.
Limited Use Compliance: Kobin AI's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We only use Google user data to provide or improve user-facing features and do not use this data for advertising, profiling, or training generalized AI models.
Kobin AI uses Large Language Models (LLMs) provided by Groq to process text extracted from your files and workspace interactions. This data is used to generate semantic embeddings stored securely in Supabase to power features such as "Ask Vault" and intelligent search. We do not use your proprietary data to train AI foundation models. Kobin AI does not make autonomous decisions on behalf of users — all outputs are assistive and require human review before action is taken.
Kobin AI may improve its internal systems using aggregated and anonymised usage patterns, but never using identifiable or proprietary user content.
Access to user data within our systems is restricted to automated processes. Human team members do not access your workspace data or files except when strictly required for: (a) debugging a technical issue you have reported, (b) providing direct customer support, or (c) complying with a legal obligation. In all such cases access is logged and time-limited.
We use browser local storage (not cookies) to store your anonymous session ID, popup dismissal state, visit count, and referral link. We do not use tracking cookies for advertising purposes. Mixpanel may set first-party analytics cookies — you can opt out via your browser settings.
Waitlist and newsletter email addresses are retained until you request deletion. Anonymous analytics data is retained for up to 12 months.
Upon account deletion, all associated workspace data — including files, embeddings, CRM records, and metadata — are permanently deleted within 30 days, except where retention is required by applicable law. You will receive a confirmation email once deletion is complete.
You have the right to:
To exercise any of these rights, email us at support@kobin.team.
You can revoke Kobin AI's access to your Google account at any time by visiting myaccount.google.com/permissions. Upon revocation, Kobin AI will immediately lose access to your Google data and all associated features (Drive Vault, Calendar, Gmail analysis) will be disabled.
To request deletion of any Kobin AI-stored data derived from your Google account (such as embeddings generated from file content), email support@kobin.team with the subject line "Google Data Deletion Request". We will process your request within 30 days and confirm via email.
Files uploaded to Google Drive through Kobin AI remain in your Google Drive account. You can delete them directly from Google Drive at any time. Kobin AI does not store persistent copies of Google Drive files on its own servers outside of what is necessary for core functionality (such as temporary processing or semantic embeddings used for search).
We implement industry-standard security measures to protect user data, including encrypted data transmission (HTTPS), secure credential storage via Supabase Auth, private object storage with signed URLs, and access controls enforced at both the API and database levels. While no system is completely secure, we continuously work to protect your information from unauthorised access, loss, or misuse. If you discover a security vulnerability, please disclose it responsibly to support@kobin.team.
We may update this policy as Kobin AI grows. If we make material changes, we will notify active users by email. The date at the top of this page reflects the most recent update.
Questions about this policy? Email support@kobin.team and we will get back to you within 2 business days.