1. Who we are
This Privacy Policy explains how [YOUR_NAME_OR_ENTITY] (“we”, “us”, “our”) handles personal information in relation to VidLab (“the Service”).
Contact: [CONTACT_EMAIL]
2. What VidLab does
VidLab is a private automation service built on n8n that lets authorised users connect third-party accounts
(for example, Google services) and run automated workflows (e.g., moving files, reading/writing spreadsheets, sending messages).
3. The personal information we collect
Depending on what you connect and what you authorise, we may collect and store:
- Account identifiers (e.g., your name, email address, basic profile info from the connected provider).
- OAuth authorisation data (e.g., access tokens/refresh tokens and related metadata required to keep the connection working).
- Workflow data you choose to process (e.g., file names, spreadsheet rows, email headers/content, calendar items) as permitted by the scopes you approve.
- Operational logs (e.g., timestamps, workflow names, error messages, request IDs, IP address) to troubleshoot and secure the Service.
4. How we collect information
- Directly from you when you configure connections or enter information into workflows.
- From connected services when you authorise VidLab via OAuth and the provider sends data back to us.
- Automatically via server logs and security telemetry when you use the Service.
5. Why we collect and use information
We use personal information to:
- Provide and operate the Service (run workflows you configure).
- Authenticate connections and maintain integrations (including token refresh).
- Monitor reliability, troubleshoot issues, and improve performance.
- Protect against misuse, fraud, and security incidents.
- Comply with legal obligations where applicable.
We aim to use the minimum data and scopes needed for the workflow features you enable.
6. Sharing and disclosures
We do not sell personal information.
We may share information only in these situations:
- Service providers that host or support VidLab (e.g., infrastructure/hosting, storage, monitoring).
- Connected providers (e.g., Google) as part of normal OAuth/integration operation.
- Legal and safety where required by law, or to prevent or investigate suspected wrongdoing or security issues.
7. Overseas disclosure
Our service providers (including cloud infrastructure) may store or process data outside Australia. Where we use overseas providers, we take reasonable steps to ensure appropriate safeguards are in place.
8. Security
We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure, including access controls and encryption in transit where supported.
9. Data retention
We keep information only as long as needed to operate VidLab and for legitimate operational or legal purposes. OAuth tokens are stored while the connection remains enabled. Operational logs are retained for [e.g., 30–90 days] unless a longer period is required for security or compliance.
10. Access and correction
You can request access to or correction of personal information we hold about you by contacting us at [CONTACT_EMAIL]. We will respond within a reasonable time.
11. Complaints
If you believe we have mishandled your personal information, contact us first so we can investigate and respond. If you are not satisfied with our response, you may be able to lodge a complaint with the Office of the Australian Information Commissioner (OAIC).
12. Changes to this policy
We may update this Privacy Policy from time to time. The updated version will be published on this page with a new “Last updated” date.