Privacy

Workeros Cloud stores workspace data so workers, the workspace agent, and connected tools can operate across sessions. Data is scoped by workspace and authenticated user.

What is stored

• Workers and runs - worker definitions, inputs, run logs, tool calls, outputs, errors, schedules, approvals, and artifacts.
• Brain packs - files and notes added to workspace knowledge packs, plus version history where enabled.
• Connections and secrets - OAuth connection metadata, MCP server configuration, secret names, and encrypted secret values. Secret values are write-only through the browser.
• Workspace agent data - instructions, resolved prompts, conversations, channel wiring, and tool configuration.
• Product telemetry - page views, safe UI interaction events, error events, and coarse environment details such as viewport size and timezone. Telemetry is sanitized server-side: token-shaped strings, email addresses, and sensitive property keys are redacted before storage.

Where data is stored

Cloud workspace records are stored in Supabase with row-level workspace/user policies. Workers execute in E2B sandbox microVMs. Connected-tool actions may be brokered through Composio or MCP servers configured by the workspace.

Third parties

Workeros can send data to providers selected for a workspace, including model providers, E2B, Composio, OAuth providers such as Google or Slack, MCP servers, and transactional email providers when email is enabled. Those providers process data under their own terms.

Controls

• Telemetry preferences, export, and deletion are available through the telemetry API.
• Workspace API tokens are scoped to one workspace and can be revoked.
• Secrets can be deleted or rotated by the workspace owner.
• Workers, runs, approvals, and brain-pack files can be deleted from the app.

See also the Terms.