Latest AI News: OpenAI just released Agent Builder, making custom AI agents easier than ever. Now’s the time to automate your workflows; schedule your eleoro setup call and deploy your first agent in days, not months.


Privacy Policy (Interim Version)

Effective Date: 10/14/2025
Last Updated: 10/14/2025

Disclaimer: This Privacy Policy is provided for informational purposes only and does not constitute legal advice.

1. Who We Are

eleoro (“we,” “us,” or “our”) helps businesses deploy AI-powered workflow automations (“Agents”) built on trusted platforms such as OpenAI’s Agent Builder, Zapier, Make, n8n, and Workato. We operate primarily in the United States and the European Union, and we do not host, store, or resell customer data.

2. Our Role in Data Processing

eleoro acts as a service integrator rather than a data processor or controller. All customer data remains within the platforms you already use (for example: HubSpot, Salesforce, Shopify, QuickBooks, or Google Workspace).

  • We connect these tools using your chosen platform’s APIs.
  • Data flows through each system according to that platform’s own privacy and security controls.
  • We do not maintain permanent databases, backups, or analytics systems containing customer data.

Assumption: Each client has its own accounts with the platforms used in automation workflows. eleoro accesses them only for configuration and testing purposes.

3. Data We May Access

During setup and maintenance, eleoro may have temporary access to:

  • API keys or connection tokens (shared securely through platform interfaces).
  • Sample data for testing workflow accuracy.
  • Contact details for client representatives.

We use this information solely to configure and support your automations. Access is removed once setup or troubleshooting is complete.

4. Data Retention and Deletion

  • We do not store or log customer data beyond the configuration period.
  • All tokens, credentials, and temporary files are deleted after project completion or upon written request.
  • Each connected platform manages its own retention policies. See: Zapier, Make, n8n, Workato, OpenAI.

5. Security Practices

  • All integrations use HTTPS/TLS 1.2+ encryption in transit.
  • Credentials are stored, if at all, within platform-provided vaults or environment variables.
  • Role-based access is enforced; accounts are protected by multi-factor authentication where available.
  • Platforms maintain SOC 2 Type II, ISO 27001, or equivalent certifications.

6. Your Rights (GDPR and CCPA)

Because eleoro does not control or retain your data, requests such as data access, correction, or deletion should be directed to the platforms that store your information. If you contact us about a data concern, we will assist by verifying that we hold no residual data and guiding you to the relevant provider.

Contact: privacy@eleoro.com

7. Cookies and Tracking

eleoro’s website uses minimal analytics cookies to understand traffic and improve user experience. No advertising or remarketing cookies are used. You can disable analytics cookies in your browser settings at any time.

8. Data Transfers

All data transfers occur directly between your connected platforms. When we access tools from outside the EEA, we rely on the platform’s existing transfer mechanisms (e.g., Standard Contractual Clauses, US-EU Data Privacy Framework). eleoro does not independently transfer or export customer data.

9. Sub-Processors

The primary platforms used for configuration and support include:

  • OpenAI (Agent Builder): Model hosting and inference.
  • Zapier, Make, Workato, n8n: Integration and workflow automation.
  • Google Workspace, Slack: Communication and file sharing.

Each maintains its own privacy and security programs. Links to their policies are provided above.

10. Incident Response

If we become aware of any unauthorized access or potential data exposure within a workflow we configure, we will:

  1. Notify the client contact within 72 hours.
  2. Assist in identifying affected systems and recommend remediation steps.
  3. Provide documentation from the platform involved.

11. Changes to This Policy

We may update this interim policy to reflect process or legal changes. The latest version will always be available at eleoro.com/privacy. We encourage you to review it periodically.

12. Contact

eleoro Team
Email: eleoro@eleoro.com
Raleigh, North Carolina, USA

To-Do for Legal Review

  • Validate controller/processor role per jurisdiction.
  • Review DPA template for consistency with this policy.
  • Confirm GDPR Article 28 compliance for EU clients.
  • Verify incident-notification timelines match contracts.
  • Add arbitration and governing-law clauses after counsel review.