Privacy Policy

Last updated: 23 May 2026

DiveDesk is a guest communications assistant for dive operators. This policy explains how we collect, use, and protect information when operators use our service.

1. What DiveDesk Does

DiveDesk connects to a dive operator's Gmail inbox and WhatsApp Business number. It reads incoming guest messages, generates responses using the operator's knowledge base, and sends replies on the operator's behalf. When a message requires human attention, DiveDesk alerts the operator directly.

2. Google User Data

DiveDesk requests access to a dive operator's Gmail account using the gmail.modify scope. This access is used solely to:

DiveDesk does not read, store, or process any email content unrelated to guest inquiries. Access tokens are stored securely on our server and are used only to perform the functions described above. We do not sell, share, or transfer Gmail data to any third party. We do not use Gmail data to serve advertising.

Our use of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements.

3. Information We Collect from Operators

When an operator sets up DiveDesk, we collect:

4. Information Processed on Behalf of Operators

When DiveDesk processes guest messages, it handles:

This information is processed in real time to generate replies. We do not store guest message content beyond what is necessary to complete each response.

5. Third-Party Services

DiveDesk uses the following third-party services to operate:

6. Data Security

OAuth access tokens are stored on an encrypted persistent disk. We use HTTPS for all communications. We do not log email content beyond what is required for the immediate processing of a response.

7. Data Retention

OAuth tokens are retained until an operator disconnects their account or requests deletion. We do not retain guest message content after a response has been sent or a draft has been created.

8. Your Rights

Operators may request deletion of their account and all associated data at any time by contacting us at evan@divedesk.app. Operators may also revoke Gmail access at any time via their Google account settings at myaccount.google.com/permissions.

9. Changes to This Policy

We may update this policy as the service evolves. Changes will be posted at this URL with an updated date. Continued use of DiveDesk after changes are posted constitutes acceptance of the updated policy.

10. Contact

For questions about this privacy policy or how we handle your data, contact:
Evan Foster
DiveDesk
evan@divedesk.app
divedesk.app