Terms of Use & Privacy Notice

Broo stays on your computer. We do not create accounts, we do not harvest usage data, and nothing leaves your device unless you explicitly request it.

Privacy Notice

Broo stores all conversations, documents, automations, and memories inside your user directory (for example ~/Broo). The app runs offline by default and does not send your data to Broo’s infrastructure.

What we collect

  • Website analytics: When you visit our public website pages (broo.ai/download/ and broo.ai/ref/), we use Firebase Analytics to track:
    • Download page: Which operating system installer was downloaded (macOS, Windows), whether the download was auto-detected or manual, mobile reminder interactions, and page views
    • Referral page: Which referral coupons are viewed and copied, to help creators understand their impact
    This helps us understand platform adoption and measure referral program success. No personal identifiers are collected - only aggregated usage patterns. The Broo app itself has zero analytics or telemetry.
  • Support conversations: if you contact us via email or form, we use the information you provide solely to answer.

What we never collect

  • No accounts, no telemetry, no analytics on how you use Broo.
  • No copies of your chats, documents, memories, or automations.
  • No logging of scripts or commands executed on your computer.

Model downloads & licenses

Broo ships with three local models — “Broo Iniciante”, “Broo Esperto”, and “Broo MUITO Esperto”. They are derived from the open-source Qwen project (Apache 2.0 license, Alibaba Cloud) and GPT-OSS (Apache 2.0 license, OSS community). Each model is downloaded from our CDN the first time you request it and then runs entirely on your hardware. We do not proxy inference through Broo’s servers and we do not offer cloud-hosted models inside the app.

WhatsApp Agent

The WhatsApp Agent runs on the same machine as Broo. Pricing tables, calendars, scripts, and conversation history are stored locally. When you connect Google Calendar/Sheets, the connection is established directly from your computer.

Google Services Integration

When you choose to connect Google Calendar or Google Sheets, Broo establishes a direct OAuth connection between your computer and Google's servers. Broo does not share, transfer, or disclose your Google user data with any third parties. Specifically:

  • Direct connection: All API calls to Google services originate from your local machine, not Broo's servers.
  • No intermediary storage: Your Google Calendar events, spreadsheet data, and access tokens are stored only on your computer.
  • No data sharing: Broo does not send your Google data to our infrastructure, analytics providers, or any third party.
  • User-controlled access: You select which specific files and calendars Broo can access using Google's file picker. Broo only accesses files you explicitly grant permission to.
  • Revocable at any time: You can revoke Broo's access to your Google account at any time through your Google Account permissions page.

Broo uses Google user data solely to provide the features you request (e.g., scheduling appointments via WhatsApp, reading pricing tables from sheets). This data remains on your device and is never transmitted to Broo's servers.

Google User Data Access

When you authorize Broo to access your Google account, the app requests the following OAuth 2.0 scopes:

  • Google Calendar (https://www.googleapis.com/auth/calendar): Read, create, update, and delete calendar events across all your calendars. This enables appointment scheduling through WhatsApp Agent, calendar reminders, and automation features. Broo can access all calendars in your Google account to check availability and manage events.
  • Google Drive - File Access (https://www.googleapis.com/auth/drive.file): Access only files and spreadsheets that you explicitly select using Google's file picker interface. Broo cannot browse your Drive or access files you haven't selected. This scope is used to read Google Sheets data (pricing tables, inventory lists) for WhatsApp Agent responses and automation workflows.

Important: Broo uses the restricted drive.file scope, not full Drive access. This means:

  • Broo can only access Google Sheets and files you choose via the file picker dialog
  • Broo cannot see, list, or access other files in your Google Drive
  • Each file must be individually authorized by you through Google's picker interface

All data access happens locally on your device through direct API calls to Google's servers. Broo does not collect, store, or transmit your Google user data to external servers.

Data Protection & Security

Broo implements the following security measures to protect your sensitive data, including Google user data:

  • Local-only storage: All Google OAuth tokens, calendar events, and spreadsheet data are stored exclusively on your device in your local user directory (e.g., ~/Broo on macOS/Linux or %USERPROFILE%\Broo on Windows). No data is transmitted to Broo's servers.
  • OAuth 2.0 security: Authentication with Google services uses industry-standard OAuth 2.0 protocol with localhost callback (http://localhost:7777). Broo never sees or stores your Google password.
  • Encrypted token storage: OAuth access tokens and refresh tokens are encrypted and stored using your operating system's secure credential storage (Keychain on macOS, Credential Manager on Windows, Secret Service on Linux).
  • HTTPS-only communication: All network requests to Google APIs use encrypted HTTPS connections (TLS 1.2+) to prevent interception.
  • No cloud sync: Your Broo data folder, including Google credentials, is never synchronized to cloud storage by the app itself. You have full control over backups.
  • Minimal permissions: Broo requests only the minimum scopes necessary to provide requested features. For spreadsheets, we use the restricted drive.file scope instead of full Drive access.
  • Token refresh mechanism: Access tokens are automatically refreshed using refresh tokens to maintain secure access without requiring frequent re-authentication.

Data Retention & Deletion Policy

Broo provides full control over your data retention and deletion:

  • Google user data retention: Calendar events and spreadsheet data fetched from Google are cached locally only temporarily for performance. Broo does not maintain long-term copies of your Google data. Cached data is refreshed on each request to ensure accuracy.
  • OAuth token storage: Access tokens and refresh tokens remain stored in your device's local storage only while the Google integration is active. Tokens expire based on Google's security policies (typically 1 hour for access tokens) and are automatically refreshed using the refresh token.
  • Complete deletion options: You can permanently delete all Google integration data through any of these methods:
    • Disconnect in Broo settings: Use the "Disconnect Google" option in Broo's settings to remove local OAuth tokens, cached calendar/spreadsheet data, and file selections from your device.
    • Revoke via Google Account: Visit Google Account permissions to revoke Broo's access. This immediately invalidates all OAuth tokens.
    • Delete Broo data folder: Manually delete the Broo folder from your user directory to erase all local data including Google credentials and cached content.
  • No server-side retention: Because Broo never transmits your Google user data to our servers, there is no server-side data to delete. All data exists only on your local device.
  • App uninstallation: Uninstalling Broo does not automatically delete your local data folder. To fully remove all data including Google credentials, manually delete the Broo folder from your user directory after uninstalling. You should also revoke Broo's access via Google Account permissions to invalidate tokens.
  • File picker selections: When you select Google Sheets via the file picker, Broo stores only the file ID and name locally in a SQLite database for quick access. You can remove these selections at any time through Broo's settings without affecting the original files in your Google Drive.

Your control

You decide if and when to back up, move, or delete the Broo data folder. Removing the folder permanently erases your information; Broo does not keep a copy.

Terms of Use

1. Acceptance

By installing or using Broo you agree to these Terms. If not, uninstall the application.

2. License

  • You receive a non-exclusive license to use Broo on your devices.
  • Do not redistribute the installer, repackage it, or remove Broo branding without permission.
  • You may back up your Broo data for personal or business continuity.

3. Your responsibilities

  • You control the prompts, files, and automations run by Broo.
  • Approve scripts before running them; automations execute locally under your account.
  • If you connect third-party services (e.g. Google Calendar/Sheets or WhatsApp Business) you must comply with their terms.

4. WhatsApp Agent subscription

  • The agent add-on costs US$11.99/month per workspace.
  • Cancellation stops future billing immediately; the agent keeps working until the end of the paid period.
  • You retain access to all local transcripts even after cancelling.

5. Updates

We ship updates to improve security, compatibility, and performance. Some updates may be mandatory — this is part of offering Broo as a free, local-first application and ensuring integrations like the WhatsApp Agent keep working correctly.

6. Disclaimer

Broo is provided “as-is”. We are not liable for data loss, business interruption, or damage arising from automations you approve. Keep backups of important information.

7. Governing law & contact

These Terms follow the laws of the State of Florida, USA. Legal questions? Visit our support portal.