GME AI is an AI workspace operated by GME Technical Services Pte. Ltd. ("GME AI", "we", "us", or "our"). This policy explains what information we collect, how we use and protect it, and the choices you have. It applies to the GME AI website (gme-ai.com), the portal application, and related services (collectively, the "Service").
A dedicated section below describes exactly how we handle data you authorize us to access through Google APIs (your Google account profile and Gmail sending), in accordance with the Google API Services User Data Policy, including its Limited Use requirements.
1. Information we collect
We collect only what we need to provide the Service:
Information you provide
- Account details — your name and email address when you register or sign in.
- Content you create — prompts, chats, documents, workflows, video projects, knowledge-base files, and other content you upload or generate inside the Service.
- Billing information — if you subscribe to a paid plan, payment is handled by our payment processor; we receive subscription status and invoices, not your full card number.
Information collected automatically
- Usage and device data — log records such as IP address, browser type, pages visited, and timestamps, used to operate, secure, and improve the Service.
- Cookies — a session cookie to keep you signed in and remember preferences. We do not use third-party advertising cookies.
Information from connected accounts
- Google account — if you choose to connect Google, we receive the data described in Section 3. Connecting Google is optional and only happens when you click “Connect”.
2. How we use information
- To provide, maintain, and operate the Service and its features.
- To authenticate you and keep your account secure.
- To send transactional and account messages you request or that are needed to run the Service.
- To respond to support requests.
- To detect, prevent, and address abuse, fraud, and security incidents.
- To comply with legal obligations.
3. Google user data
When you connect your Google account to GME AI, Google asks for your explicit consent on a Google-hosted screen before any access is granted. We request the minimum scopes needed:
| Scope requested | What it allows | Why we need it |
|---|---|---|
| openidemailprofile | Your basic Google profile: name, email address, and profile picture. | To identify your connected account and show you which Google account is linked. |
gmail.send |
Send-only. Lets GME AI send email on your behalf from your Gmail address. | So emails you compose or trigger inside GME AI (for example, an outreach or notification you choose to send) are delivered from your own address. |
What we do — and do not — do with this access
- The
gmail.sendscope cannot read, search, delete, or modify your emails. It can only send messages you initiate through GME AI. We never request read access to your inbox. - We send a message only when you trigger it (you compose or approve it in the Service). We do not send email autonomously without your action.
- We store the content of messages you send through the Service only as needed to deliver them and to show you your own sending history.
- No humans read your Google data, except: with your explicit consent; where needed for security or to investigate abuse or a support request you raised; or where required by law.
Revoking Google access
You can disconnect Google at any time inside the Service (Integrations → Disconnect), or revoke access directly from your Google Account at myaccount.google.com/permissions. Revoking immediately stops all further access and invalidates the stored tokens.
4. How we share information
We share personal information only in these limited cases:
- Service providers (subprocessors) — vetted vendors who host our infrastructure, process payments, or deliver email on our behalf, bound by contract to protect your data and use it only to provide their service to us.
- Legal and safety — when required by law, regulation, legal process, or to protect the rights, property, or safety of GME AI, our users, or the public.
- Business transfers — in connection with a merger, acquisition, or sale of assets, with notice to you and continued protection under this policy.
We never sell your personal information or your Google user data.
5. Data storage & security
- Connections are encrypted in transit using TLS/HTTPS.
- OAuth tokens and other sensitive secrets are encrypted at rest (AES-256-GCM) and isolated per account; they are never exposed in logs or to other users.
- Access to production systems is restricted, authenticated, and logged.
- While no system is perfectly secure, we work to protect your information and to promptly address any issues. You can report a security concern to security@gme-ai.com.
6. Data retention & deletion
- We keep your account data while your account is active and as needed to provide the Service.
- You may delete your content within the app at any time.
- On account closure, or on a verified deletion request, we delete or de-identify your personal data and revoke connected-account tokens, except where we must retain limited records to meet legal, accounting, or security obligations.
- To request deletion of your account or specific data, email hello@gme-ai.com.
7. Your rights & choices
Depending on where you live, you may have the right to access, correct, export, or delete your personal data, to object to or restrict certain processing, and to withdraw consent. To exercise any of these, contact us at hello@gme-ai.com; we respond within a reasonable period and in line with applicable law.
Children
The Service is not directed to children under 16, and we do not knowingly collect their personal data. If you believe a child has provided us data, contact us and we will delete it.
International transfers
We are based in Singapore and may process data in other countries. Where data is transferred across borders, we apply appropriate safeguards consistent with applicable law.
Changes to this policy
We may update this policy from time to time. Material changes will be posted on this page with a new “Last updated” date and, where appropriate, notified to you in the Service.
8. Contact us
GME Technical Services Pte. Ltd. (operating as GME AI)
- General & privacy: hello@gme-ai.com
- Security: security@gme-ai.com
- Website: https://gme-ai.com