At ThinkLoop, we build next-generation directory routing and workspace administration automation. We are committed to protecting your organization's data privacy and security. This Privacy Policy describes how we collect, use, process, and disclose information when you utilize our services and integrations.
1. Information We Collect
To provide our automated directory routing services, we collect and process several categories of information:
- Integration Credentials: Access tokens, authorization codes, and configuration parameters (such as connection identifiers, domain names, and integration slugs) that you establish when connecting external identity providers or platforms (e.g., Google Workspace, Okta) via our secure routing infrastructure.
- Directory Metadata: Basic administrative details necessary to manage users, such as administrator email addresses, organization profile metadata, user statuses, and group memberships.
- System Logs & Usage Data: IP addresses, browser types, log-in timestamps, routing event execution logs, API response codes, and system diagnostic actions performed to monitor platform health and debug integration issues.
2. How We Use Your Information
ThinkLoop processes data based on your organization's configuration and instruction. We use this information to:
- Provision, maintain, and secure the ThinkLoop platform services and backend routing engines.
- Authenticate and establish secure connections with your external SaaS directories (such as Google Cloud Admin SDK or Okta APIs) using short-lived tokens and credential management best practices.
- Execute authorized directory management tasks, including account status validation, directory synchronization, and access control compliance.
- Respond to support inquiries, run diagnostics, resolve runtime errors, and verify the performance of active integrations.
3. Security and Storage
We implement industry-standard security mechanisms to protect your credentials and metadata:
- Secure Transit: All data transmitted between your browser, our application servers, and external integrated services is encrypted using TLS 1.3 (Transport Layer Security).
- Credential Protection: Integration tokens and secret parameters are encrypted at rest and stored securely using isolated environment configurations and verified backend vaults.
- Token Minimalism: We fetch short-lived OAuth session tokens where possible to ensure that credentials expire automatically and reduce the window of exposure.
4. Third-Party Services and Integrations
ThinkLoop offers optional direct connections to third-party providers (such as Google Workspace APIs and Nango SaaS middleware).
When you authorize these integrations, you direct ThinkLoop to securely pass authorization tokens and commands on your behalf. We recommend reviewing the privacy statements and data policies of those third-party providers, as their usage of information is governed by their respective agreements.
5. Data Retention & Deletion
We retain integration parameters and logs only for as long as necessary to perform the directory sync services. If you disconnect an integration or close your account, we will purge connected authorization tokens and integration configurations from our live databases within 30 days of your request.
6. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our technology or compliance guidelines. If we make material changes, we will notify you by posting the updated policy on this page with a revised "Last Updated" date.
7. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our security practices, please contact our security team at: security@thinkloop.ai.