CS Agent by Alwaison
Alwaison, Inc. ("Alwaison," "we," "us," or "our") is a Delaware corporation that operates CS Agent, an AI-powered assistant for Customer Success Managers. CS Agent is available at cs-agent.app (the "Service").
This Privacy Policy describes how CS Agent collects, uses, stores, and protects your information when you use the Service. It applies only to CS Agent. If Alwaison operates other products in the future, each will have its own privacy policy specific to that product.
Your use of the Service is also governed by our Terms of Service.
By using CS Agent, you agree to the practices described here. If you do not agree, do not use the Service.
CS Agent collects the following categories of information. For each category, we describe exactly what is collected, where it comes from, and why.
What: Your email address, name, and a unique account identifier, managed through our authentication provider Clerk.
Source: Provided by you when you create an account, or by your Google sign-in if you use "Sign in with Google."
Why: To identify you, authenticate your sessions, and communicate with you about the Service.
CS Agent accesses the following data from your Google account, only with your explicit consent via Google's OAuth flow, and only within the scopes you approve.
| Google scope | What CS Agent accesses | What CS Agent stores |
|---|---|---|
gmail.readonly |
Gmail message metadata for threads involving your customer contacts: subject lines, sender and recipient addresses, timestamps, thread identifiers. We request this data using Gmail's metadata format, enforced in our code at product/signals/gmail.py. As a result, we do not access or receive email bodies. |
Thread identifiers, subject lines, sender/recipient email addresses, and timestamps are stored in our database to produce your daily digest, detect when customers have gone silent, and surface proactive alerts. Email bodies are never received and therefore never stored. |
gmail.send |
Permission to send email on your behalf. | The body of emails sent through CS Agent resides in your Gmail Sent folder per normal Gmail behavior. We retain a copy of the approved draft text within CS Agent for your reference and to improve personalization for your individual account (see Section 2.5). We do not store sent emails separately from your draft history. |
drive.meet.readonly |
Read-only access limited to Google Drive files created or edited by Google Meet (meeting recording artifacts only). CS Agent uses this scope solely to identify Meet transcript files that pair with calendar meetings you were invited to and that Google Meet generated artifacts for. CS Agent reads only the Meet artifact Docs your Google account already has access to. We do not list, search, or access any other Drive content. This restriction is enforced both by the drive.meet.readonly scope's API-layer boundary (Google's authorization) and by CS Agent's application code, which limits Drive API calls to Meet transcript artifacts. |
Transcript file metadata (file ID, modified time) is referenced at query time to locate the correct transcript Doc and is not stored in our database beyond what is needed for that lookup. |
documents.readonly |
Read-only access to Google Docs, used solely to read the body of Meet transcript Docs identified via the drive.meet.readonly scope above. CS Agent does not access, list, or read any Google Docs other than Meet transcripts identified by file_id from the Meet scope query. CS Agent's application code limits documents.readonly calls to file IDs returned by drive.meet.readonly. This boundary is reviewed during code changes that touch the Drive or Docs integration. |
Transcript content is accessed at the moment of use and processed in two paths with different data handling: For the daily digest: an excerpt of up to 200 characters per transcript is included in the AI model prompt as supporting context. The excerpt is not retained after the model call returns. For post-call recaps and timeline entries (generated immediately after a customer meeting via Calendar event detection): the full transcript text is included in the AI model prompt so the AI can produce an accurate recap. The transcript is not retained after the model call returns. Post-call recap accuracy requires the complete meeting context — a capped excerpt would systematically miss commitments and decisions made later in the conversation. In both paths, transcript content is never persisted to our database, never used to train AI models (our processor Anthropic prohibits training on user data under contract), and never shared beyond the AI model call. The AI-generated recap and drafted timeline entry that result from the model call are stored as part of your digest, alert, and draft history (subject to retention rules in Section 6); the source transcript is not. |
calendar.readonly |
Read-only access to events on your Google Calendar, used to identify upcoming customer meetings and inform your digest. | Event titles, attendee email addresses, start and end times, and meeting type classifications are stored to produce your daily digest and post-call nudges. We do not modify your calendar. Calendar write (creating or editing events) is on our roadmap as a future feature and will require you to grant additional permission at that time. |
CS Agent also requests the standard OpenID Connect scopes (openid, userinfo.email) at sign-in to identify your Google account. No other Google data is accessed via these scopes.
We do not access any Google data outside the scopes you approve. You can revoke these permissions at any time through your Google account's security settings at myaccount.google.com/permissions.
If you connect HubSpot or Gainsight to CS Agent, we access customer relationship data such as account names, contact names and email addresses, deal stages, renewal dates, health scores, and open tickets or CTAs. This data is accessed only with your explicit OAuth consent and only for the purpose of surfacing relevant information in your daily digest, chat interactions, and proactive alerts.
CSP & CRM data is stored in our database under the retention rules in Section 6.
We collect data about how you interact with CS Agent: which features you use, which drafts you approve or edit, which alerts you act on, and general usage metrics. This data helps us improve the Service and personalize your experience (see Section 3).
When you approve, edit, or dismiss drafts that CS Agent generates, we store both the original draft and your edited version. This is called an "edit delta." Edit deltas help CS Agent learn your communication style and preferences for your own use only. Edit deltas are associated with your individual account and are not used to train models that serve other users.
Billing is handled by Stripe. We receive from Stripe a customer identifier, subscription status, and billing events. We do not store your full payment card details; that data is handled by Stripe under Stripe's own privacy policy.
CS Agent uses a small number of first-party cookies strictly necessary to operate the Service. These include a session cookie set by our authentication provider Clerk to keep you signed in. We do not use advertising cookies, tracking pixels, or third-party analytics cookies that follow you across the web. The Service may set a session cookie for landing-page access control when applicable.
We operate CS Agent on a principle of data minimization: we access only the data required to deliver the features you see, and we store only what is necessary to make those features work reliably.
We use the information described in Section 2 for the following purposes:
CS Agent's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically, CS Agent complies with each of the four Limited Use commitments as follows:
1. We limit the use of Google user data to providing or improving user-facing features that are prominent in CS Agent. Every use of Gmail, Calendar, and Drive data described in this policy directly produces output that you see in the CS Agent interface: digests, alerts, chat answers, drafts. We do not use Google data for internal operations that are invisible to you, except to the minimum extent required for security, error handling, and retention management.
2. We do not transfer Google user data to others except in narrow, specified circumstances. We transfer Google-derived data only to the service providers listed in Section 7 (Sub-processors), and only to the extent necessary to operate CS Agent on your behalf. We do not sell or rent your data. We will transfer your data as part of a merger, acquisition, or sale of assets only with adequate notice to you and only subject to this Privacy Policy, or to comply with applicable law.
3. We do not use Google user data for advertising. CS Agent does not serve ads. We do not use your Google data for personalized, retargeted, or interest-based advertising. We do not share your data with advertising networks or third-party ad platforms.
4. We do not allow humans to read your Google user data except: (a) with your specific consent, (b) for security purposes (such as investigating abuse), (c) to comply with applicable law, or (d) where the data has been aggregated and anonymized for internal operations. Routine engineering work at Alwaison does not involve reading user data.
On machine learning. Your data is used to personalize CS Agent for your own account. We do not use your data to train shared models that benefit other users. The language model CS Agent uses to generate drafts and answers is provided by Anthropic under contract terms that prohibit Anthropic from using your data to train their models (see Section 7).
Your data is stored on infrastructure operated by Render, Inc., which hosts our application servers, database, and background workers.
In transit. All data exchanged between your browser and CS Agent is encrypted using HTTPS (TLS 1.2 or higher). API calls to Google, HubSpot, Gainsight, Anthropic, and Stripe are likewise made over HTTPS.
At rest. Data is stored in a managed PostgreSQL database provided by Render, which applies at-rest disk encryption and restricts network access to authorized application components. Uploaded files and logs reside on encrypted application disks managed by Render.
Access control. Only a limited number of Alwaison personnel can access production systems, and access is logged through Render's identity and access management. We do not permit routine human review of your data (see Section 4).
International data transfers. Alwaison operates from the United States and your data is processed on servers located in the United States. If you are located outside the United States, including in the European Economic Area or the United Kingdom, you understand that your data will be transferred to and processed in the United States. If required by applicable law for users outside the United States, we will rely on legally approved transfer mechanisms such as Standard Contractual Clauses to govern such transfers.
Security incident notification. If we become aware of a security incident that compromises the confidentiality or integrity of your personal data, we will investigate promptly and notify affected users without undue delay. Where required by law or where the incident creates a material risk to you, we will notify within 72 hours of confirming the incident. Notifications will describe what happened, what data was involved, and what steps we are taking.
We retain different categories of data for different periods, based on what each category is used for:
| Data category | Retention period |
|---|---|
| Signal cache (Gmail/Calendar signal metadata used for chat latency) | 30 days |
| Daily digest history | 90 days |
| Proactive alert history | 60 days |
| Edit deltas (personalization data) | Until summarized into a preference profile; fallback 180 days |
| Interaction log (usage patterns) | Until summarized; fallback 180 days |
| Context snapshots (cached CSP & CRM context for your account) | Continuously refreshed; one current snapshot per user |
| Account and billing information | As long as your account is active, plus a reasonable period after cancellation for legal and accounting purposes |
When you cancel your subscription or explicitly request data deletion, all data in the first six categories above is purged within 30 days.
We use a small number of service providers to operate CS Agent. Each receives only the data necessary to perform its specific function, under contract terms that require them to protect your data.
| Sub-processor | Purpose | What they receive |
|---|---|---|
| Anthropic | AI language model for generating digests, alerts, and drafts | Metadata derived from your Google and CSP & CRM data (subject lines, contact names, signal descriptions). Bodies of emails are never sent. Meet transcript content (an excerpt of up to 200 characters for the daily digest, or the full transcript text for post-call recaps and timeline entries) may be included in prompts at the moment of use and is not retained after the model call returns; it is not stored by CS Agent. Under our contract, Anthropic does not use your data to train their models. |
| Render, Inc. | Application hosting, database, and background job processing | All CS Agent data, as the infrastructure provider |
| Clerk | Authentication and account management | Your email address, name, and account identifier |
| Stripe | Payment processing and subscription billing | Your email address, billing information, and subscription events |
| Google (Workspace SMTP) | Transactional email delivery (digest notifications, alerts, receipts) sent from hello@alwaison.com | Your email address and the contents of system emails sent to you |
We maintain data processing agreements (DPAs) or equivalent contractual commitments with each sub-processor requiring them to protect your data, limit use to what is necessary to perform the service on our behalf, and delete or return data when no longer needed.
If we add a new sub-processor, we will update this list and, if the change materially affects how your data is handled, we will notify you.
You have the following rights with respect to your data in CS Agent:
Your right to deletion applies regardless of where you live, not only under specific regional privacy laws.
CS Agent is a business tool intended for adult professionals. We do not knowingly collect data from anyone under 18. If you believe a child has provided us with information, please contact us and we will delete it.
This Privacy Policy and any dispute arising out of or relating to it are governed by the laws of the State of Delaware, United States, without regard to its conflict-of-laws principles.
If we make material changes to this policy, we will notify you by email to the address on your account and post the revised policy at cs-agent.app/privacy with a new "Last updated" date. Your continued use of CS Agent after changes become effective means you accept the revised policy. If you do not agree, you can cancel your subscription and request deletion.
For questions about this policy, requests to access or delete your data, or any other privacy-related inquiry, contact us at:
Alwaison, Inc.