Privacy Policy
Effective July 2, 2026
What Apex is
Apex is a managed workspace for licensed loan officers to manage workflow across their tech stack. Apex helps operators review business context, draft communications, and use approved connector tools in a seamless, cohesive fashion. Apex never takes borrower-facing or external account action without explicit approval by the licensed operator.
Information we collect
Apex may collect operator account information, workspace routing information, app-session records, connector status, audit logs, messages or records an operator asks Apex to review, and artifacts produced by Apex during normal use.
Apex uses this information to provide the managed workspace, route the operator to the correct Apex cell, maintain connector state, display work back to the operator, support auditability, debug issues, and improve product reliability.
Google user data
When an operator signs in with Google, Apex requests basic profile information only to authenticate the operator and route them to the correct managed workspace. Google sign-in does not give Apex access to Gmail.
When an operator separately connects Gmail, Apex requests Gmail read and send scopes so the operator can ask Apex to review relevant mailbox context, prepare draft communications, and send email only after the operator explicitly approves the exact action. Apex does not autonomously send Gmail messages, delete Gmail messages, archive Gmail messages, move Gmail messages, or mark Gmail messages without operator approval.
Apex stores only the tokens and operational records needed to keep the operator's Gmail connector working, show connector status, provide the requested workspace functionality, and maintain auditability. Apex may process Gmail message content only when needed to provide operator-requested workflow assistance, such as reading relevant mailbox context, finding likely mortgage leads, preparing draft communications, or executing an operator-approved send.
Apex does not use Google user data for advertising, does not sell Google user data, does not use Google user data to train generalized AI or machine-learning models, and does not transfer Google user data except as needed to provide and operate Apex, comply with law, or act with the operator's direction.
Apex's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
How information is protected
Apex is built around managed cells, approval gates, audit records, and restricted connector custody. Access to operational data is limited to authorized operators and maintainers who need it to provide, support, secure, and improve the product.
Retention and deletion
Apex keeps operational records only as needed to provide the product, support auditability, debug issues, and improve reliability. Operators may request access, correction, disconnection of Google access, or deletion by contacting support.
Contact
For privacy questions or data requests, contact george@always-invert.com.