How we handle
your data.

Overview

Apex Consulting Group, LLC ("Apex", "we", "us") operates the APEX AI Co-Pilot Chrome extension ("the Extension"). We are committed to protecting your privacy and handling your data responsibly.

This policy applies solely to the Extension. It does not cover our general consulting services or website, which may have separate terms.

Data We Collect

The Extension collects the following categories of information:

Sheet data is only transmitted when you explicitly use the AI Assistant or manually sync a sheet. The Extension does not collect data passively in the background.

How We Use Your Data

We use collected data solely to provide and improve the Extension's features:

• Authenticating your account and maintaining your session
• Syncing your Smartsheet data to power AI queries and insights
• Passing conversation context to the AI service to generate responses
• Copying and pasting automation workflows between sheets
• Generating automated executive summary feeds (Dashboard Feeds feature)

We do not use your data for advertising, profiling, or any purpose unrelated to operating the Extension.

Storage & Security

Authentication tokens and session data are stored locally in Chrome's extension storage on your device. Sheet data synced for AI queries is transmitted to our backend server over HTTPS and stored in a PostgreSQL database hosted on Railway.

We implement industry-standard security practices including encrypted transport (TLS), JWT-based authentication, and access controls on our backend infrastructure. No passwords are stored in plaintext.

Data retention: Synced sheet data is retained only as long as necessary to provide the service. You may request deletion of your account and associated data at any time by contacting us.

Third-Party Services

The Extension interacts with the following third-party services:

• Smartsheet — sheet data is accessed via the Smartsheet API under your authenticated session. Smartsheet's own privacy policy governs their data handling.
• Anthropic (Claude API) — conversation messages and sheet context are sent to Anthropic to generate AI responses. Anthropic processes this data per their privacy policy.
• Railway — our backend infrastructure provider. Data is hosted within their platform per their privacy policy.

We do not sell, rent, or share your data with any other third parties.

Your Rights

Depending on your location, you may have rights regarding your personal data including the right to access, correct, or delete it. To exercise any of these rights, contact us at the address below.

You may disconnect the Extension from your Smartsheet account at any time by revoking OAuth access within Smartsheet's connected apps settings.

Children's Privacy

The Extension is intended for business use by adults. We do not knowingly collect personal information from individuals under the age of 13. If you believe a child has provided us with personal information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Continued use of the Extension after changes constitutes acceptance of the updated policy.

For material changes, we will make reasonable efforts to notify users through the Extension or via email.