Effective June 07, 2026. Last Revised June 07, 2026.
Heirloom is a lightweight operating system for co-ops, shared-ownership teams, collectives, founder-support programs, and human-centered organizations. We collect information needed to provide, secure, maintain, and improve Heirloom.
a. Information you provide to us: We may collect your name, email address, profile information, organization or Loom information, messages, posts, tasks, proposals, comments, decisions, documents, files, support requests, and other content you submit through Heirloom.
b. Information we collect automatically: We may collect device and browser information, IP address, log data, pages viewed, feature usage, error reports, and cookie or similar tracking information used for authentication, security, analytics, and product improvement.
c. Information from third-party integrations: If you choose to connect a third-party service, including Google, we may collect or process information from that service only after you authorize the connection.
If you choose to connect your Google account to Heirloom, we may access or process Google user data only after you authorize access through Google OAuth. Heirloom only requests Google permissions needed to provide the user-facing Google integration features you choose to use.
Depending on the Google features you enable, Heirloom may access, collect, or interact with the following types of Google user data:
Heirloom's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
We use information to provide, maintain, secure, and improve Heirloom. This includes using information to:
We do not sell Google user data. We do not use Google user data for targeted advertising, retargeting, personalized ads, data broker services, credit-worthiness decisions, lending purposes, or unrelated marketing. We do not use Google user data to train generalized AI models.
We use reasonable administrative, technical, and organizational safeguards to protect information from unauthorized access, disclosure, alteration, or destruction.
Google OAuth tokens and integration credentials are stored securely and are used only to provide the Google integration features you authorize.
No system is perfectly secure, but we work to protect information using practices appropriate for the nature of the data and the size of the service.
We retain information for as long as needed to provide Heirloom, maintain security, comply with legal obligations, resolve disputes, and enforce agreements.
For Google user data:
You may request deletion of your account or personal information by contacting us at heirloom.connect@gmail.com. Some information may remain in backups, logs, security records, or legal records for a limited period where necessary for security, fraud prevention, compliance, or legitimate business operations.
You may control certain information and account settings through Heirloom or by contacting us.
Disconnecting a Google integration may limit or disable features that depend on that integration.
Heirloom is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete it. Where Heirloom requires users to be older than 13 or 18 for certain features, users must meet those requirements to use the service.
We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date and may provide additional notice through the service or by email. If we materially change how we use Google user data, we will update this Privacy Policy and obtain any consent required before using Google user data in a new way.
If you have questions about this Privacy Policy or want to request access, correction, deletion, or disconnection of your data, contact us at:
Heirloom
heirloom.connect@gmail.com