Security, Privacy & Data Controls
Connecting your inbox requires trust. WorkPilot is built for business teams that need human review, compliance scanning, and clear data boundaries.
Trust
Built for Business Communications
Reduce email access objections with transparent permissions, Guardian compliance, and explicit human approval on every outbound action.
You Stay in Control
Nothing sends without your approval. WorkPilot drafts, scores, and recommends โ you decide what leaves your inbox.
Guardian Risk Scanning
Built-in Guardian scans outbound content for legal exposure, regulatory flags, PII, and ethical risks before you reply.
Least-Privilege Access
Email integrations request only the scopes needed to read, analyze, and draft. You can disconnect anytime from settings.
No Model Training on Your Mail
Your connected email content is processed to deliver your results. It is not used to train public foundation models.
Audit-Ready Workflows
Business and Enterprise plans support exportable activity history and admin controls for compliance-sensitive teams.
Enterprise-Grade Infrastructure
Hosted on Google Cloud with Firebase Auth, encrypted transport, and role-based access for teams and organizations.
Permissions
What WorkPilot Accesses โ and Why
We ask for the minimum access required to analyze, draft, and automate your workflows. Every integration can be revoked instantly.
Gmail
Read and analyze messages you choose to process. Draft replies in your account. Send only after explicit user action.
Microsoft 365
Connect Outlook mailboxes with Microsoft identity. Same human-review model โ analysis and drafts, never silent send.
Calendar (Optional)
Optional calendar access for meeting context and daily brief enrichment. Disabled unless you enable it.
Data Policy
How We Handle Your Data
WorkPilot processes the content you connect โ email, documents, and workflow inputs โ to generate analysis, drafts, reports, and recommendations for your account.
We retain data needed to run your workflows and show history inside the product. Retention and export options expand on Business and Enterprise plans.
For procurement and security reviews, contact us for our security overview, subprocessors list, and DPA availability.
FAQ
Security Questions
Does WorkPilot send email automatically?
No. WorkPilot prepares drafts and recommendations. A human must review and approve before anything is sent.
Do you train AI models on my email?
No. Your mailbox content is used to generate your results and is not used to train public AI models.
Where is my data processed?
WorkPilot runs on Google Cloud infrastructure. Data is encrypted in transit and access is authenticated per user and organization.
Can I disconnect my mailbox?
Yes. Disconnect Gmail or Microsoft 365 anytime from WorkPilot settings. You can also request account deletion through support.
What is Guardian?
Guardian is WorkPilot's compliance layer. It scans drafts and imported messages for risk signals before you act on them.
Questions About Security?
Talk to our team about permissions, data handling, Guardian controls, or enterprise security review.