Last updated: May 23, 2026
When you create an account: email address, name, profile picture, and organization details.
We also collect usage and analytics data (pages visited, session duration, referring URLs) to understand how the product is used.
When you connect third-party services, we collect only what's needed for each integration:
| Service | Data Collected |
|---|---|
| Gmail | Email address, display name, and contact data (names, emails, phone numbers, job titles, addresses) for relationship management. We store records of emails sent through Sollo. |
| Google Calendar | Calendar names and event details (title, time, attendees, location), used to display your calendar and build your contact network from attendees. |
| Google Sheets | Spreadsheet names and IDs for sync. We read and write data you direct us to. |
| Google Docs | Document names and content for viewing and editing documents on your behalf. |
| Google Slides | Presentation names and content for viewing and editing presentations on your behalf. |
| Service | Data Collected |
|---|---|
| GitHub | Repository names, commits, and pull requests for syncing development activity into Sollo. |
| LinkedIn (limited) | We request basic profile access. This integration is currently in early development and does not yet support full functionality. |
| Slack | Workspace connection for sending notifications and automation actions. |
| IMAP | Email metadata, contacts, and email content from your configured mail server (e.g., Gmail IMAP, Outlook) using credentials you provide. These credentials are encrypted at rest and are never logged or exposed in API responses. |
| PostgreSQL | Data from external databases you connect, using credentials you provide. These credentials are encrypted at rest and are never logged or exposed in API responses. |
| Apollo.io | Contact enrichment data (names, emails, job titles, company information, LinkedIn URLs) retrieved via API key you provide. API keys are encrypted at rest and are never logged or exposed in API responses. |
| SaaS Custom Domains | Domain names and DNS configuration you provide, used to serve your Sollo landing pages under your own domain. |
| WhatsApp Business Platform | When a workspace connects WhatsApp: WhatsApp Business Account (WABA) ID, business phone number, and access token. Messages exchanged through the connected number (text, media references, timestamps, and sender phone numbers) are stored as part of your workspace conversation history. |
We also store OAuth tokens (encrypted at rest) to maintain your connections, and any files you upload (images, documents, videos — no executables or SVGs).
When a workspace uses WhatsApp to communicate with its own end customers, the workspace is the data controller for those conversations and is responsible for obtaining customer consent and providing its own privacy notice, in accordance with the WhatsApp Business Messaging Policy. Sollo acts as a processor on the workspace's behalf.
We do not sell or rent your data. We share it only with the service providers below, and only the minimum necessary for each to function:
| Provider | Data Shared | Purpose |
|---|---|---|
| Anthropic, OpenAI, Groq | Messages, context | AI assistant features |
| Supabase | Account & app data | Database & authentication |
| Vercel | Request logs, IP addresses, user uploads | Hosting & file storage |
| Stripe, PayPal | Billing data | Payment processing |
| Resend | Email addresses, email content | Transactional emails |
| Upstash | Session data, job metadata | Caching & queues |
| Pusher | Presence data, event notifications | Real-time features |
| Tavily | Search queries | Web search for AI features |
| Unsplash | Image search terms | Stock image search |
| GitHub | OAuth tokens, repository metadata | Development activity sync |
| Google Analytics | Usage data, IP addresses | Traffic & product analytics |
| Basic profile data (limited) | Early-stage integration | |
| Slack | Workspace connection, message content | Notifications & automations |
| Apollo.io | Contact data, search queries | Contact enrichment & email finding (when you connect this integration) |
| SaaS Custom Domains | Domain names, routing configuration | Custom domain management for landing pages |
| Meta Platforms (WhatsApp Business Platform) | Messages and phone numbers exchanged through your connected WhatsApp number | Delivering messages via the WhatsApp Business Platform Cloud API |
Each provider has their own privacy policy and security practices. We have data processing agreements in place where required.
We don't use customer data — including WhatsApp messages, email content, or any integration data — to train, fine-tune, or improve any AI or machine learning models. When this data is processed by AI services (Anthropic, OpenAI, Groq) to generate replies or extract context, it is solely to respond to real-time requests within Sollo.
Sollo's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
We retain your data for as long as your account is active. To delete data:
Contact records imported before disconnection are retained until you request account deletion. Logs are kept for up to 90 days for security purposes.
You may at any time: access, correct, or delete your personal data; disconnect any integration; export your data; or revoke Google access via your Google Account settings.
If you are located in the European Economic Area, UK, or California, you may have additional rights under applicable law (including GDPR and CCPA), such as the right to object to or restrict certain processing.
Contact us at privacy@sollo.so to exercise any of these rights.
We may update this policy and will post the new version here with an updated date.
For questions: privacy@sollo.so or sollo.so