What we collect, and what we don't.

The Boring Workflows is a personal project. It is not a registered company. It is operated by a private individual (referred to as “the operator”, “I”, or “we” below — used interchangeably). You are using a service provided by a person, not an organisation.

Contact: anandlahoti.work@gmail.com.

When you sign up

• Your email address (so you can sign in and get notified)
• Your name, if you provide one
• The organisation you sign in for, and which teammates you invite

When you use the product

• The prompts you type into the chat
• The workflow definitions drafted on your behalf
• The submissions teammates fill in against published workflows
• Files you upload as attachments to a workflow (stored via UploadThing)
• Basic product usage events (which features you open, when, how often) — captured via PostHog

Stuff that is NOT collected

• Your contacts
• Other documents on your device
• Anything from your filesystem unless you explicitly upload it
• Cross-site tracking of any kind

• To actually run the service — your workflows are stored so you can come back to them
• To figure out which features are useful and which are broken
• To occasionally email you about your account, billing, or material service changes

To draft your workflows, prompts and conversation context are sent to AI providers. Currently:

• Google Gemini (operated by Google LLC)
• Groq
• OpenRouter (acting as a gateway to additional model providers)

These providers process the prompts to generate a response and return it. They each have their own privacy policies. None are paid to use your prompts to train their general-purpose models.

The full list of third-party processors:

• Clerk — authentication and organisation management
• PostHog — product analytics
• UploadThing — file uploads
• Langfuse — LLM call tracing and debugging
• The AI providers listed above

Your data is not sold and is not shared with anyone else for advertising or training purposes.

Application data is stored on servers in the United States and the European Union. Backups are encrypted at rest.

You can ask the operator to:

• Show you what is stored about you and your organisation
• Export your workflows and submissions as JSON or .docx
• Delete your account, your workflows, and your submissions
• Correct any account details that are wrong

Email anandlahoti.work@gmail.com and you’ll get a response within a few business days.

Just enough cookies to keep you signed in, remember which organisation you’re in, and run analytics. No advertising cookies. No third-party cookies for tracking.

This is beta software run by one person. Reasonable care is taken to keep data safe (passwords are hashed by Clerk, files are encrypted at rest), but no system is bulletproof. Please don’t put anything in here that would be catastrophic if it leaked. Use the beta with content you’d be comfortable losing or having seen by the operator while debugging an issue.

If anything material changes, you’ll see a notice the next time you sign in, and the “Last updated” date at the top of this page will change.