🔒 Security & Trust

Your Security Is
Our Foundation

Every Build My Agent deployment is built on principles of privacy, isolation, and transparency. We believe you deserve to know exactly what we can and cannot access — and why.

Transparency First

What We Access — And Why

We only request access to what's needed for your specific agents. Nothing more. Here's exactly what we might ask for:

📧

Gmail / Email access

So your email triage agent can read and categorise your inbox. Read-only by default. Write access only if you want agents to send or archive on your behalf.

Scoped
📅

Calendar access

So your scheduling agent can check your availability and book meetings without back-and-forth email chains.

Scoped
📊

CRM access

So your CRM updater agent can log call notes, update deal stages, and keep your pipeline accurate automatically.

Scoped
💬

Slack / communication tools

So agents can post summaries, alerts, or updates to relevant channels. Read-only or specific channels only.

Scoped

🚫 We Never Access

Bank accounts or payment systems
Personal files outside the agreed scope
Social media accounts (unless specifically requested and scoped)
Accounts we haven't been explicitly granted access to
Any system not documented in your onboarding agreement

Architecture

Your Private Server

Every client gets their own dedicated server. Your data never touches shared infrastructure.

✅ How YOUR setup works

Your Business Data
(Gmail, CRM, Calendar)
Your Private VPS
(dedicated to you only)
Your AI Agents
(running only for you)

All communication is encrypted end-to-end. Nothing leaves your server.

❌ How most SaaS AI tools work (NOT us)

Your Data
Shared Cloud
(thousands of tenants)
AI Processing
(mixed with others)
3rd Party Risk
🔒

Dedicated Environment

Your server is only accessible by you. No other client data ever touches it.

📍

Data Residency

Choose your server region. Your data stays in Australia (or wherever you need it).

👁️

Full Audit Logs

Every action your agents take is logged, timestamped, and reviewable by you.

Clear Boundaries

What We Can and Cannot Do

Honest and unambiguous. No vague disclaimers.

✅ We CAN do

Read and send emails on your behalf (when configured)
Update your CRM records
Create and accept calendar events
Generate reports from your data
Post to Slack channels you specify
Log call notes and action items
Summarise documents and emails
Trigger workflows in connected tools

❌ We CANNOT do

Transfer or withdraw money
Access accounts we haven't been given explicit access to
Store your data on our systems
Share your data with third parties
Make purchases on your behalf
Access anything outside the agreed scope
Act without audit trails
Override your human approval when required

You're in Control

Your Rights

You have complete control over your agents and your data. Always.

🔌

Revoke Access Anytime

You can revoke any agent's access in seconds. Here's how:

  1. 1Go to your Google Account → Security → Third-party apps
  2. 2Find 'My AI Workforce' and click Remove Access
  3. 3Email us at toby@MyAIWorkforce.ai to confirm shutdown
  4. 4We confirm all agent processes are stopped within 1 hour
🗑️

Request Data Deletion

Request full deletion of all your data at any time. We complete it within 30 days and send written confirmation.

Request deletion → toby@MyAIWorkforce.ai
📋

View Audit Logs

Every action your agents take is logged with a timestamp, action type, and outcome. You can request a full export of your logs at any time via your dashboard or by emailing us.

📦

Export Your Data

Request a full export of all data associated with your account in JSON or CSV format. We deliver it within 7 days. Your data, your format, your choice.

Security Questions — Answered Honestly

🛡️

Still Have Questions?

Security is too important to leave to FAQs. Book a free 30-minute security briefing call with Toby — no pitch, just honest answers to every question you have about how we protect your data.

Book a Security Briefing Call →Email Your Questions

Or read our Privacy Policy and Terms of Service