Privacy Policy

Last updated: July 2, 2026

Froots, Inc. (“Froots,” “we,” “us”) builds a local-first desktop application for running AI agents and managing your personal workspace. This Privacy Policy explains what information the app handles, how it is used, and the choices you have. It applies to the Froots desktop app and the froots.ai website.

Froots is local-first: your workspace and the data you connect are stored and processed on your own device by default. We operate only the limited cloud services described below (optional sync, payments, and real-time coordination).

Information we handle

  • Account & billing information. If you subscribe to cloud sync, we process your email address and manage your subscription through our payment processor, Stripe. We do not receive or store your full card number.
  • Google account data (Gmail and Google Calendar). If you choose to connect a Google account, Froots requests your permission to access your Gmail messages and Google Calendar events so it can show your inbox and calendar inside the app and let you triage mail and manage events. See the dedicated section below.
  • Workspace content. Notes, tasks, contacts, agent configurations, and memory files you create in the app. This lives on your device and, if you enable sync, in your private cloud database.
  • Model provider keys.API keys you supply for AI providers (e.g. Anthropic, OpenAI, Google, or a local model) are stored in your operating system’s secure keystore on your device. We never receive them.

How Froots uses Google user data

When you connect a Google account, Froots requests these permissions (scopes), and uses them only for the features described:

  • Gmail (read and modify). To display your inbox in the app, open individual messages, send replies you compose, and triage mail (mark as read, archive, label). Message content is fetched to your device on demand.
  • Google Calendar (events). To display your calendar and let you create, edit, and delete events from within the app.
  • Basic profile (openid, email). To identify which Google account is connected.

Google data is processed on your device to power these features. If you explicitly ask an in-app AI agent to act on your mail or calendar (for example, “summarize this thread”), the relevant content is sent to the AI provider you configured with your own API key, and is handled under that provider’s terms. Froots does not send your Google data to any other destination.

Limited Use — Google API Services User Data Policy

Froots’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, Froots:

  • uses Google user data only to provide and improve the features you request;
  • does not sell Google user data;
  • does not use or transfer Google user data for advertising;
  • does not use Google user data to train, develop, or improve generalized or non-personalized AI or machine-learning models; and
  • does not allow humans to read your Google user data, except with your affirmative agreement for specific messages, when necessary for security purposes (such as investigating abuse), to comply with applicable law, or where the data has been aggregated and anonymized.

Optional cloud sync

Cloud sync is off by default. If you turn it on, your workspace content is replicated to a private database provisioned for your account (hosted on Turso) so it stays consistent across your devices. Data is transmitted over encrypted connections (TLS). Gmail message bodies are fetched on demand and are not stored in the synced database; however, if you or an agent save email-derived content into your notes or memory, that saved content syncs like any other workspace content you create.

How we store and protect data

  • Google OAuth tokens are stored in your device’s secure OS keystore.
  • Local workspace data resides in your user application-support directory.
  • Synced data is transmitted over TLS to your private database.
  • We retain synced data for as long as your account is active.

Your choices and controls

  • Disconnect Google.Remove a connected Google account at any time in the app’s Settings; this deletes the stored tokens on your device.
  • Revoke at Google.You can revoke Froots’s access directly at myaccount.google.com/permissions.
  • Delete your data. Turn off sync to keep data only on your device, or contact us to delete your account and synced data.

Third-party services

Froots relies on a small number of third parties to operate: Google (for the Gmail and Calendar features you connect), the AI providers you configure with your own keys, Stripe (payments), and Turso (sync database). Each processes data under its own privacy terms.

Children

Froots is not directed to children under 16, and we do not knowingly collect their data.

Changes to this policy

We may update this policy as the product evolves. Material changes will be reflected here with an updated date above.

Contact

Questions about this policy or your data? Email hello@froots.ai. Froots, Inc.