Turin
Get started

TURIN PRIVACY POLICY

Last Updated: February 23, 2026

This Privacy Policy explains how Oluwademilade Bickesteth and Oluwafimidaraayo Ayodele, doing business as "Turin" ("Turin," "we," "us," or "our") collects, uses, and shares information when you visit turin.cc or use Turin's products and services (collectively, the "Services").

If you do not agree with this Privacy Policy, do not use the Services.

1) SCOPE AND IMPORTANT ROLES (B2B)

Turin is primarily a business-to-business (B2B) service. When an organization (the "Customer") uses Turin, Turin processes information on behalf of that Customer.

  • "Customer Data" means information submitted to the Services by or on behalf of a Customer or its authorized users, including information accessed from connected third-party tools at the Customer's direction.
  • In most cases, the Customer is the "controller" (or similar legal role) for Customer Data, and Turin is the "processor" (or similar role). The Customer's agreement with Turin may further describe these roles.

This Privacy Policy does not apply to third-party applications or services that integrate with the Services ("Third-Party Services"). Those Third-Party Services have their own terms and privacy policies.

2) INFORMATION WE COLLECT

We collect information in the following categories:

A. Account and Profile Information

Name, email address, organization name, role, login credentials (or SSO identifiers), and account settings.

B. Customer Data (Content You Provide or We Access at Your Direction)

Depending on configuration, Customer Data may include:

  • Emails, messages, attachments, and metadata processed via connected accounts (e.g., Gmail/Google Workspace, Microsoft, Slack, CRM tools).
  • Calendar events, scheduling preferences, and meeting details.
  • Documents, SOPs, templates, policies, and examples uploaded to train or guide an AI employee within your workspace.
  • Tasks, workflows, outcomes, notes, and internal operational content.

C. AI Interaction, Memory, and Audit Data

Because Turin provisions AI employees with configurable autonomy and auditability, we may collect or generate:

  • Prompts/instructions you provide (including role definitions, constraints, and policies).
  • AI outputs (drafts, summaries, suggestions, decisions, action plans).
  • Memory entries and edits (what you store, remove, or modify in memory).
  • Approvals, overrides, escalations, exception handling events, and related control-plane actions.
  • Audit logs that record tool calls, actions, timestamps, and actors (human or AI employee) within the workspace.

D. Integration Data (Third-Party Services)

If you connect Third-Party Services, we receive data and permissions scopes you authorize (usually via OAuth tokens or similar). We do not receive your third-party account password in typical OAuth-based integrations.

E. Billing and Transaction Information

If you purchase paid Services, we (and our payment processors) collect billing contact details, payment method details, invoices, plan level, credits/usage, and transaction records.

F. Usage and Device Data

We automatically collect: IP address, device identifiers, browser type, operating system, timestamps, logs, pages/actions, diagnostics, and security events.

G. Cookies and Similar Technologies

We use cookies and similar technologies to operate and secure the Services, remember preferences, and understand usage. You can manage cookies through your browser settings and, where available, cookie preference tools.

3) GOOGLE API DATA (IF YOU CONNECT GOOGLE WORKSPACE)

If you connect Google Workspace (e.g., Gmail/Calendar/Drive), Turin's use and transfer of information received from Google APIs will comply with the Google API Services User Data Policy, including the Limited Use requirements.

In practice:

  • We use Google user data only to provide and operate the features you request (e.g., reading/sending emails you authorize, scheduling, drafting, and auditing actions).
  • We do not sell Google user data.
  • We do not use Google user data for advertising.
  • We limit human access to Google user data except as needed for support, security, or legal compliance (and only with appropriate authorization and controls).

4) HOW WE USE INFORMATION

We use information to:

  • Provide, maintain, and secure the Services.
  • Operate AI employees, including generating drafts, recommendations, and actions consistent with your workspace settings.
  • Enforce autonomy controls (e.g., recommend-only, approve-to-act, autopilot) and customer-configured policies/guardrails.
  • Provide audit logs, reporting, and workspace administration.
  • Provide customer support and respond to requests.
  • Prevent fraud, abuse, and security incidents.
  • Improve and develop the Services (including reliability, safety, and usability).
  • Send service notices (security updates, changes to Services) and, where permitted, marketing communications (you can opt out of marketing emails).

We may use aggregated or de-identified information for analytics and business purposes.

5) HOW WE SHARE INFORMATION

We may share information as follows:

A. Within Your Workspace

Customer Data and related metadata may be accessible to your organization's authorized Users and administrators, depending on permissions and settings.

B. Service Providers (Subprocessors)

We use third-party vendors to host infrastructure, provide analytics, payment processing, error monitoring, customer support tooling, and (where configured) AI model processing. These vendors are required to protect information under contractual obligations and appropriate security measures.

C. Third-Party Services (Integrations)

If you enable integrations, we share information with Third-Party Services as needed to perform the requested integration actions.

D. Legal, Safety, and Compliance

We may disclose information if required by law or legal process, or to protect rights, property, or safety of Turin, Customers, Users, or others.

E. Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction subject to appropriate protections.

F. With Consent

We may share information with your consent or at your direction.

6) DATA RETENTION

We retain information for as long as necessary to provide the Services and for legitimate business and legal purposes.

  • Plan-based retention: Retention for conversation history, audit logs, and workspace records may vary based on your plan and settings.
  • Deletion: Customers can delete certain content, memory, or workspace data through the Services or by contacting support, subject to technical and legal constraints.
  • After termination: Unless otherwise agreed, we retain Customer Data for a limited period to allow export and account recovery, then delete or de-identify it within a reasonable timeframe.

7) SECURITY

We use technical and organizational measures designed to protect information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

In the event of a data breach that affects your personal information, we will notify affected parties as required by applicable law. Where required, we will provide notice without undue delay and, where specific timeframes apply, within those timeframes.

8) INTERNATIONAL TRANSFERS

Information may be processed and stored in countries other than your own, including the United States. These countries may have data protection laws that differ from those in your country.

Where required by applicable law (including the EU General Data Protection Regulation / "GDPR"), we use appropriate safeguards for cross-border transfers, such as Standard Contractual Clauses approved by the European Commission or other recognized transfer mechanisms. If you are in the European Economic Area, United Kingdom, or Switzerland, you may contact us to request information about the specific transfer mechanisms we rely on.

9) CALIFORNIA RESIDENTS

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) may provide you with additional rights regarding your personal information.

Categories of personal information collected: We collect the categories described in Section 2 above, which may include identifiers, professional information, internet activity data, and inferences. We do not sell or share personal information for cross-context behavioral advertising.

Your California rights (subject to verification and applicable exceptions):

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, our business purposes for collection, and the categories of third parties we share it with.
  • Right to Delete: You may request deletion of personal information we hold about you, subject to certain exceptions.
  • Right to Correct: You may request correction of inaccurate personal information.
  • Right to Opt-Out of Sale/Sharing: We do not sell your personal information or share it for cross-context behavioral advertising.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights.

B2B note: For Customer Data processed on behalf of a business Customer, Turin typically acts on the Customer's instructions. If you are an individual User, please contact your organization's administrator to exercise rights related to Customer Data.

To submit a California privacy request, contact us at legal@turin.cc.

10) YOUR RIGHTS AND CHOICES

Depending on your location, you may have rights to access, correct, delete, or object to certain processing of your personal information.

B2B note: For Customer Data, Turin typically acts on the Customer's instructions. If you are a User and want to exercise rights regarding Customer Data, contact your organization's administrator. We will assist Customers as required by law and applicable agreements.

11) CHILDREN

The Services are not directed to children and are not intended for individuals under 13 (or a higher age if required by local law, such as 16 under GDPR). If you believe a child provided us information, contact us to request deletion.

12) CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. We will post the updated version on our website and update the "Last Updated" date. If changes are material, we will provide additional notice as required.

13) CONTACT US

Email: legal@turin.cc

Mailing Address (may change): 580 California Street San Francisco, CA 94104 United States

We may update our contact address by posting a new address on turin.cc or by responding from our official email addresses.