Legal

Privacy Policy

How we collect, use, and protect your data. Plain-language summary first, formal text below.

Last Updated: 9 April 2026

1. Plain-language summary

GloriaMundo is an AI workflow automation platform run by GloriaMundo Ltd, a small UK company. You describe automations in plain English; we turn them into workflows that connect to your existing tools (Gmail, Slack, Google Calendar, and hundreds of others).

To do this, we need some of your data. When you sign in with Google, we get your name, email, and profile picture. When you connect third-party services, your OAuth tokens are stored by Composio (a US-based service), not by us. When you type a message or upload a document, that content is sent to AI providers (Anthropic, Google, and others via OpenRouter) for processing, and in some cases to Graphlit for document indexing or E2B for code execution. Your workflows are orchestrated through Inngest. We use PostHog for product analytics and Sentry for error tracking. All traffic passes through Cloudflare.

Most of these services are based in the United States. Our own infrastructure runs on Google Cloud Platform in the UK (London region), but data does leave the UK when it reaches our sub-processors. We rely on appropriate transfer safeguards where they are in place.

We keep your data while your account is active. You can delete individual workflows and projects yourself. We do not currently have a self-service account deletion button; if you want your account deleted, email us and we will process it manually within 30 days. Some categories of expired data are not yet subject to automated cleanup. We retain billing records for 7 years to comply with HMRC requirements.

You have rights under UK data protection law: access, correction, deletion, restriction, portability, objection, and the right to complain to the ICO. Email [email protected] to exercise any of them.

We do not sell your data. We do not use it to train AI models.

This summary is not a legal substitute for the formal text below.

2. Who we are

GloriaMundo is operated by GloriaMundo Ltd, a company registered in England and Wales (Company Number: 16729892).

Registered office: 21 Deacon Gardens, Seaton Carew, Hartlepool, England, TS25 1UU

Data protection contact: [email protected]

We are the data controller for the personal data described in this policy. Where we use third-party services to process data on our behalf (sub-processors), we remain responsible for how your data is handled.

3. What information we collect

3.1 Account information

When you sign in with Google, we receive your email address, name, and profile picture. We use these to identify your account and personalise the interface.

3.2 Billing information

When you purchase a subscription or credits, Stripe (our payment processor) collects your billing address, payment card details, and tax identification if provided. We never see or store your full card number.

3.3 Content you provide

  • Conversations: messages you send and AI responses
  • Workflows: automation workflows you design and save
  • Uploaded files: documents (PDF, DOCX, TXT) and images you share for the AI to read
  • Soul and skills documents: custom instructions and context you configure for your agent

3.4 Third-party integration data

When you connect third-party services (Gmail, Slack, Google Calendar, and others) via OAuth, we store a reference linking your GloriaMundo account to the connection. The actual OAuth tokens are stored by Composio, a US-based third party that manages integrations on our behalf. Composio currently supports approximately 1,000 integrations. Your tokens remain in Composio's infrastructure until you disconnect the integration, at which point they are revoked.

3.5 Automatically collected data

  • Usage data: features used, models selected, workflow executions (collected via PostHog)
  • Device information: browser type, operating system, screen resolution
  • Log data: IP addresses, access times, pages viewed (stored in Google Cloud Logging)

3.6 Memory system (optional)

If you enable the Memory feature, we store facts and preferences you share across conversations to personalise your experience. This data is held by Zep, a US-based memory service. Memory is opt-in and can be disabled at any time in your account settings.

4. Why we use your information and our lawful basis

Under UK GDPR, we need a lawful basis for each way we use your personal data. Here is how each purpose maps to a legal basis:

Purpose Lawful basis
Providing the service (processing AI requests, executing workflows, managing your account) Performance of contract (Art. 6(1)(b))
Processing payments and maintaining billing records Performance of contract (Art. 6(1)(b))
Product analytics and service improvement Legitimate interests (Art. 6(1)(f)): understanding how people use the service so we can improve it
Error tracking and debugging Legitimate interests (Art. 6(1)(f)): maintaining service reliability
Security and fraud prevention Legitimate interests (Art. 6(1)(f)): protecting users and the platform
Sending marketing and lifecycle emails Consent (Art. 6(1)(a))
Memory feature (storing preferences across conversations) Consent (Art. 6(1)(a))
Retaining billing and transaction records Legal obligation (Art. 6(1)(c)): HMRC tax record-keeping requirements

5. Who we share your data with

We use third-party services (sub-processors) to help deliver GloriaMundo. For a complete list with purposes, data categories, processing locations, and links to each provider's privacy notice, see our Sub-processors page.

Below is a summary of the key data flows you should understand:

5.1 OAuth tokens for connected services

When you connect a third-party service (Gmail, Slack, Google Calendar, etc.), your OAuth tokens are stored by Composio, a US-based integration provider. We do not store OAuth tokens ourselves. Disconnecting an integration in GloriaMundo revokes the token at Composio.

5.2 Documents and file uploads

Documents you upload (PDF, DOCX, TXT, web pages) are sent to Graphlit, a US-based service, for ingestion, indexing, and semantic retrieval. Graphlit stores the content of your documents, not just metadata.

5.3 Code execution

Code generated by workflows runs in sandboxed virtual machines operated by E2B, a US-based service. This code may process data fetched during earlier workflow steps.

5.4 AI providers

Your messages, conversation context, and workflow prompts are sent to language model providers for inference. We use Anthropic's API directly for certain calls and route other requests through OpenRouter to models from Google, Anthropic, and other providers. We have contractual commitments from these providers that your prompt content is not used to train their models.

5.5 Workflow orchestration

Workflow payloads are processed by Inngest, a US-based orchestration service. These payloads include user identifiers, step definitions, and step results, which may contain personal data fetched from your connected accounts (for example, email content or calendar events).

5.6 Analytics and error tracking

PostHog receives product analytics events, including user identifiers and feature usage data. Sentry receives error reports, which may include stack traces, request metadata, and user identifiers. Both services are US-based.

5.7 Traffic and infrastructure

All HTTP traffic to GloriaMundo passes through Cloudflare for CDN delivery and DDoS protection. Cloudflare sees IP addresses, request URLs, and headers.

5.8 Email

Marketing and lifecycle emails are sent through Loops. Transactional notifications (such as error alerts) may be sent through SendGrid (a Twilio subsidiary). Both services receive recipient email addresses and message content.

5.9 Image generation

Image generation requests are sent to Google Vertex AI (Imagen). Prompts may contain user-provided creative descriptions.

5.10 Web search and extraction

When your workflows include research steps, search queries and extraction requests may be sent to Serper, Tavily, Firecrawl, or BrightData depending on the task. Search queries may contain personal data from your workflow context. If you do not use research workflows, your data is not sent to these services.

5.11 Other disclosures

We do not sell your personal data. We may disclose your information if required by law, court order, or to protect the rights, property, or safety of GloriaMundo, our users, or others.

6. International transfers

Our primary infrastructure runs on Google Cloud Platform in the United Kingdom (europe-west2, London region). However, most of our sub-processors are based in the United States, and some data necessarily leaves the UK when it reaches them. BrightData is headquartered in Israel.

When personal data is transferred outside the UK, we rely on appropriate safeguards including UK International Data Transfer Agreements (UK IDTA), the UK Addendum to EU Standard Contractual Clauses, or adequacy decisions where applicable.

We are a small team and are working to ensure that formal transfer mechanisms are documented for every sub-processor. Where a specific mechanism is not yet fully documented, we assess the transfer risk and rely on the sub-processor's own data protection commitments and standard contractual terms. See our Sub-processors page for the processing location of each service.

7. How long we keep your data

We want to be honest about what happens to your data, including the gaps:

Data Retention Deletion mechanism
Account data (email, name, profile) While your account is active No self-service account deletion currently exists; email us to request erasure
Conversations and chat history Until you delete them No automated cleanup; individual deletion available in-app
Workflows Until you delete them Hard-deleted when you delete a workflow
Projects and uploaded documents Until you delete the project Project hard-deleted; documents queued for deletion at Graphlit
Connected service tokens (OAuth) Until you disconnect the integration Hard-deleted locally; token revoked at Composio
Memory facts (if enabled) Until you disable the feature Soft-deleted; underlying data at Zep may persist until manual cleanup
Billing and transaction records 7 years from the transaction date Retained to comply with HMRC requirements
Error tracking data (Sentry) Per Sentry's default retention (typically 90 days) Managed by Sentry
Analytics data (PostHog) Per PostHog's default retention settings Managed by PostHog
Application logs (Cloud Logging) Per Google Cloud Logging retention settings Managed by Google
Expired session and workflow state data Indefinite (see note below) Cleanup functions exist but are not currently run on a schedule

A note on expired data: Some categories of expired data (such as abandoned session state and orphaned workflow records) are not currently subject to automated deletion and may persist until you request erasure or we run a manual cleanup. We are working to close this gap by connecting our existing cleanup functions to a scheduled process.

If you ask us to delete your data, we will process your request within 30 days. Because we do not currently have a unified account-deletion endpoint, erasure requires manual coordination across our systems and sub-processors. We will confirm deletion once complete.

8. Your rights and how to exercise them

Under UK data protection law, you have the following rights:

  • Right of access: you can ask us for a copy of the personal data we hold about you.
  • Right to rectification: you can ask us to correct inaccurate data.
  • Right to erasure: you can ask us to delete your personal data. We will do so unless we have a legal obligation to retain it (for example, billing records). Because we do not currently have a self-service deletion tool, this requires manual processing.
  • Right to restrict processing: you can ask us to limit how we use your data while a concern is being resolved.
  • Right to data portability: you can ask us to provide your data in a structured, machine-readable format. We do not currently have a self-service export tool, so we process these requests manually.
  • Right to object: you can object to processing based on legitimate interests. We will stop unless we have compelling grounds that override your interests.
  • Right to withdraw consent: where we rely on consent (marketing emails, memory feature), you can withdraw it at any time. For marketing, use the unsubscribe link in any email. For memory, disable it in your account settings.

To exercise any of these rights, email [email protected]. We will respond within 30 days. If your request is complex or we receive many requests at once, we may extend this by a further 60 days, but we will tell you within the first 30 days if that is the case.

Right to complain: if you believe your data protection rights have been violated, you have the right to lodge a complaint with the Information Commissioner's Office (ICO). You can do so at ico.org.uk/make-a-complaint or by calling 0303 123 1113.

9. Cookies and similar technologies

We use the following cookies and tracking technologies:

Technology Provider Purpose Can you disable it?
Session cookies GloriaMundo Authentication and CSRF protection No (essential for the service to work)
Analytics cookies and JavaScript tracking PostHog Product analytics: page views, feature usage, user identifiers Via browser settings or ad-blockers
Performance and security cookies (__cf_bm, __cflb) Cloudflare Bot detection, load balancing, DDoS protection No (required by our CDN infrastructure)
Payment security cookies Stripe Fraud detection on checkout pages Only present on payment pages

We do not currently operate a cookie consent banner. This is on our roadmap. In the meantime, you can manage cookies through your browser settings.

10. Security

Here is what we do to protect your data:

  • Encryption in transit: all connections use TLS.
  • Encryption at rest: sensitive credentials in our vault are encrypted with AES-256-GCM, with keys derived via HKDF-SHA256.
  • Authentication: OAuth 2.0 via Google Sign-In with secure session management.
  • Infrastructure: hosted on Google Cloud Platform managed services (Cloud Run, Cloud SQL with managed PostgreSQL, Memorystore with managed Redis) in the europe-west2 (London) region.
  • Code sandboxing: workflow code execution runs in isolated E2B virtual machines, separate from our main infrastructure.
  • Input sanitisation: we redact secrets from workflow payloads before they reach orchestration services, and we redact PII patterns from error reports.

No system is perfectly secure. If you discover a security vulnerability, please report it to [email protected].

11. Children

GloriaMundo is not intended for anyone under 18 years of age. We do not knowingly collect personal data from anyone under 18. If we learn that we have collected data from someone under 18, we will delete it. If you believe a child has provided us with personal data, please contact us at [email protected].

12. Changes to this policy

We may update this policy from time to time. For material changes, we will give at least 30 days' notice by email or through the service before the changes take effect. Your continued use of GloriaMundo after the effective date constitutes acceptance of the updated policy. We will always keep the current version available at this URL.

13. Contact

If you have questions about this policy or want to exercise your data protection rights:

Email: [email protected]

Post:
Data Protection Contact
GloriaMundo Ltd
21 Deacon Gardens
Seaton Carew
Hartlepool, England
TS25 1UU

Related Documents

Terms of Service

The legal agreement governing your use of GloriaMundo.

Sub-processors

The third-party services that process your data on our behalf.