1. What this policy covers
This policy applies to ArchaOS System and the AssystEM workspace, including chat, app windows, optional connected services, approval workflows, audit logs, local workspace tools, and ObsidianHalo+ memory/reference support.
2. Information we may process
- Account information, such as username, email address, profile name, and authentication status.
- Workspace activity, such as opened apps, chat requests, file actions, approval states, and audit events.
- User-provided content, such as messages, prompts, files, notes, reports, and references you upload or create.
- Connected-app metadata, such as Gmail or Google Drive connection status when you authorize an integration.
- ObsidianHalo+ reference data, such as approved summaries, workspace notes, task history, and local memory context.
3. How information is used
Information is used to operate the workspace, authenticate users, maintain app state, run requested tools, provide chat context, store approved references, support auditability, and improve workflow reliability.
4. Connected services
If you connect Gmail, Google Drive, or another provider, ArchaOS may use that connection to complete actions you request. OAuth permissions are controlled by the provider consent screen. Do not connect accounts you do not own or are not authorized to use.
5. ObsidianHalo+ memory and references
ObsidianHalo+ is treated as a workspace reference layer. It may store approved notes, summaries, task context, reports, and memory used to help AssystEM respond consistently. Do not store passwords, API keys, private keys, recovery codes, or sensitive credentials in notes or memory.
6. Approval queue and audit logs
Sensitive actions may be routed through approval checks and audit logging. This may include write operations, remote commands, deployments, connected-service actions, and other higher-risk workspace operations.
7. Security
ArchaOS is designed around workspace guards, approval checks, and audit logs. No system is perfectly secure. Users should avoid submitting unnecessary secrets and should review important actions before approval.
8. Sharing
AssystEM should not sell personal data. Information may be shared with connected services only when needed to complete user-requested actions, or when required for operational, legal, or security reasons.
9. Retention
Workspace data, uploaded files, chat context, audit logs, and ObsidianHalo+ references may remain available while needed for workspace operation and traceability. Remove data you no longer want retained.
10. Contact
Use the User Dashboard help/contact option to report privacy questions, bugs, access issues, or data handling concerns.