ARLO ("ARLO", "we", "us") provides a tool that lets businesses connect their marketing platforms (Google Analytics, Search Console, Ads, YouTube, Business Profile, and others) to Claude Desktop via the Model Context Protocol (MCP). This policy explains what data we collect, why, and how we protect it.
1. Data we collect
Account data
- Your name, email address, and Google account ID when you sign in.
- Your business name, website URL, and any team members you invite.
Connection credentials
- OAuth access and refresh tokens for any third-party platform you connect (Google Analytics, Search Console, Google Ads, YouTube, Google Business Profile, and others as added). These tokens grant ARLO permission to read data from those platforms on your behalf.
- Tokens are encrypted at rest using AES-256 before being stored in our database.
- We never receive or store your account passwords for any third-party platform.
Usage data
- An audit log of every Model Context Protocol tool call made through your workspace — which tool was called, with which arguments, success/failure, and duration. This is used for billing, debugging, and to give workspace owners visibility into how their team uses the product.
- Standard web analytics (page views, referrers) on our marketing site.
2. How we use Google user data
ARLO's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically, when you connect a Google account, we request access to one or more of the following scopes — only the ones you grant — and use them strictly to fulfil the queries you (or Claude, acting on your behalf) send to ARLO:
- analytics.readonly — read-only access to your Google Analytics 4 properties to surface traffic, conversion, and user-behaviour data on your dashboard and answer questions in Claude.
- webmasters.readonly — read-only access to your Search Console properties to surface organic search performance.
- adwords — read-only access to Google Ads spend, conversions, and campaign performance.
- youtube.readonly + yt-analytics.readonly — read-only access to your YouTube channel performance.
- business.manage — read your Google Business Profile insights (Maps views, direction requests, calls, reviews). We do not modify your Business Profile.
We do not use Google user data for advertising, do not transfer it to third parties except to provide the service you requested, and do not allow humans to read it except (a) with your explicit consent, (b) as needed for security or to comply with law, or (c) when the data is aggregated and used for internal operations in a way that cannot identify you.
3. Sub-processors
We share data with these third parties only as required to operate the service:
- Convex — database and serverless backend hosting.
- Vercel — application hosting and edge delivery.
- Anthropic — when you connect your ARLO MCP URL to Claude Desktop, your queries (and the data ARLO returns to Claude) flow through Anthropic to generate responses. Anthropic's privacy policy applies to that interaction.
- Stripe — payment processing for paid plans.
4. Data retention & deletion
- You can disconnect any platform at any time from the Connections page; we immediately revoke and delete the stored tokens.
- You can delete your workspace at any time, which permanently removes all your data within 30 days.
- Audit logs are retained for up to 3 years depending on your plan (see your plan's details).
5. Security
- OAuth tokens are encrypted at rest with AES-256.
- All data transfer uses TLS 1.2+.
- We follow least-privilege access controls internally; no member of our team has direct production database access without a signed access request and audit trail.
6. Your rights
Depending on your jurisdiction (GDPR, CCPA, PIPEDA, etc.) you may have the right to access, correct, export, or delete the personal data we hold about you. Email hello@askarlo.app and we'll respond within 30 days.
7. Children
ARLO is not directed to children under 13 (or under 16 in the EEA) and we do not knowingly collect data from them.
8. Changes to this policy
We'll update this page when our practices change and revise the "Last updated" date at the top. For material changes, we'll notify active workspaces by email at least 30 days before the change takes effect.
9. Contact
Questions? Email hello@askarlo.app or write to ARLO, c/o Bryce Choquer, Canada.
See also our Terms of Service.