Privacy Policy

Last updated: April 12, 2026

1. Introduction

BAT (Brand Autopilot Terminal), operated by Blackwing Agency ("we", "us", "our"), provides an AI-powered brand strategy and marketing platform accessible at usebat.ai. This Privacy Policy explains how we collect, use, and protect your information.

2. Information We Collect

Account Information: Email address, name, and company name provided during registration.

Google Sign-In (optional): If you choose to sign in or sign up with Google, we receive your Google account email, display name, profile picture URL, and a stable Google user identifier (the OpenID sub claim). We use this information only to create your BAT account and to sign you in on subsequent visits. We do not receive or store your Google password, and we do not request access to any Google service data (Drive, Gmail, Calendar, etc.) through the sign-in flow — those are separate, opt-in integrations with their own consent screens.

Workspace Data: Brand information, content strategy, social media profiles, and competitor data you provide or connect to the platform.

Connected Services: When you connect LinkedIn, SharePoint, Google Drive, or other integrations, we access data you explicitly authorize through OAuth consent screens. We only request the minimum permissions necessary.

Google Drive Data: If you connect Google Drive, we access (a) folder and file metadata (names, types, modification dates) to display a folder browser, and (b) the content of files within the folder you select, so our AI can analyze your documents for brand strategy purposes. We request read-only access and do not modify, delete, or share your Drive files.

Usage Data: Chat interactions, feature usage, and session metadata to improve the service.

3. How We Use Your Information

  • Provide and improve the BAT platform and AI-powered features
  • Generate strategy documents, content recommendations, and analytics
  • Sync and analyze your connected social media data
  • Read and analyze documents from your connected Google Drive folder to generate brand strategies
  • Maintain workspace memory and conversation continuity
  • Send service-related communications

4. Data Sharing

We do not sell your personal information. We share data only with:

  • AI providers (Anthropic, OpenAI) to process your requests — your data is sent to generate responses and is subject to their data processing agreements
  • Infrastructure providers (Vercel, Railway, Cloudflare) for hosting and delivery
  • Connected services (LinkedIn, Microsoft, Google) only as authorized by you

5. Data Security

We use encryption in transit (TLS) and at rest for sensitive data including OAuth tokens and credentials. Access to production systems is restricted to authorized personnel.

6. Data Retention

Your workspace data is retained for the duration of your account. Chat history and generated documents are preserved within your workspace. You may request deletion of your account and associated data at any time.

7. Your Rights

You may access, correct, or delete your personal data by contacting us. You may disconnect any connected service (including Google Drive) at any time through the Integrations tab, which immediately revokes our access to that service. You may export your workspace data upon request.

8. Google Drive Integration

BAT's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

When you connect Google Drive, BAT requests the following permissions:

  • drive.metadata.readonly: Used to list and display your folders and files in a browser interface so you can select a content folder.
  • drive.readonly: Used to read file content from your selected folder so our AI can analyze your documents for brand strategy generation.

BAT does not store copies of your Google Drive files. File content is read on demand, processed by our AI, and not retained beyond the active session. You can disconnect Google Drive at any time from the Integrations settings page, which immediately revokes all access.

9. Cookies

We use essential session cookies for authentication. We do not use third-party tracking cookies or advertising pixels.

10. Contact

For privacy inquiries, contact us at [email protected].