Privacy Policy

Effective July 17, 2026

The short version: OpenWorker runs on your computer. Your conversations, files, model API keys, and connector tokens stay on your device — they are never stored on our servers. Signing in to the optional OpenWorker Cloud shares only your sign-in identity, the minimum connection metadata needed to route your connected apps, and content-free usage counts you can turn off.

1. Who we are

OpenWorker ("we," "us") provides the OpenWorker desktop application (open source, published at github.com/andrewyng/aisuite), this website, and the optional OpenWorker Cloud service (sign-in, a gallery of ready-made agent setups, and one-click connections). Questions about this policy: privacy@openworker.com.

2. Where your data lives

On your device — always

OpenWorker Cloud — only if you sign in

The app works fully signed out. If you create an account, our servers hold:

3. How connections work

For one-click connections, our broker participates in the OAuth handshake only to pass the resulting token through to your device. Tokens are processed in transit and are not stored on our servers. For real-time connectors (such as Slack messages or GitHub mentions), events pass through our relay solely to be delivered to your device; we do not use them for any other purpose or retain them beyond what delivery requires. You can always skip our broker entirely and paste your own tokens.

4. Your model provider

OpenWorker sends conversation content directly from your device to the model provider you configure (such as Anthropic, OpenAI, or Google), under your own API key and your agreement with that provider. There is no OpenWorker server between your device and your model provider. If you use Ollama, models run entirely on your machine and no content leaves it.

5. Google user data

If you connect Gmail, Google Calendar, or Google Drive, OpenWorker accesses that data on your device, only to do what you ask — for example reading messages you ask it to summarize, drafting email for your approval, or checking your calendar. Google user data is:

OpenWorker's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements. You can revoke OpenWorker's access at any time at myaccount.google.com/permissions or by disconnecting the account in the app.

6. Other connected services

The same model applies to every connector: content from Slack, HubSpot, Notion, GitHub, Microsoft and others is processed on your device, sent only to your configured model provider at your direction, and is not stored on our servers. Your use of each connected service remains governed by that service's own terms and policies.

7. Sharing

We do not sell personal information, and we do not share it for advertising. The service providers that process the limited data described above on our behalf are Amazon Web Services (hosting, United States), Auth0 by Okta (sign-in), and GitHub (application downloads and updates). Each is bound by its own data processing terms. We may disclose information if required by law, or to protect the security of the service — and because we do not store your content, there is very little to disclose.

8. Retention and deletion

Account and connection metadata are kept while your account is active. Usage counts are retained in aggregate. To delete your account and its data, email privacy@openworker.com from your sign-in address; we will delete your sign-in record and cloud-side metadata within 30 days. Uninstalling the app removes all local data from your device (your files remain yours, where you saved them).

9. Your rights

Depending on where you live (including the EU/UK under GDPR and California under CCPA), you may have rights to access, correct, delete, or export your personal data, and to object to or restrict certain processing. Given our design, nearly all of your data is already in your hands, on your device. For anything cloud-side, contact privacy@openworker.com and we will respond within the legally required time. EU/UK users: our servers are in the United States; transfers rely on our providers' standard contractual clauses, and you may lodge a complaint with your local supervisory authority.

10. Children

OpenWorker is not directed to children under 16, and we do not knowingly collect personal information from them.

11. Changes

We will post any changes to this policy here and update the effective date. For material changes, we will provide notice on this site or in the app before they take effect.

12. Contact

privacy@openworker.com