ferrule

Privacy Policy

Effective date: March 19, 2026

Ferrule ("we", "us", "our") operates a multi-tenant MCP (Model Context Protocol) gateway that connects your third-party service accounts to AI assistants. This Privacy Policy describes what data we collect, how we use it, and your rights regarding that data.

1. Information We Collect

Account Information

When you create a Ferrule account, we collect your email address and a hashed password. If you enable multi-factor authentication, we store TOTP secrets and/or WebAuthn credential identifiers.

OAuth Tokens

When you connect a third-party integration (e.g., PracticePanther, Lawmatics, Zoom Phone, Zoom Users, CallRail, QuickBooks Online, Slack, Google Search Console, Google Analytics, Notion, Google Drive, Google Calendar, Google Docs, Google Sheets, Box), we store the OAuth access and refresh tokens required to call those APIs on your behalf. All tokens are encrypted at rest using AES-256-GCM. Tokens are never logged or exposed in plaintext.

API Keys

If you generate a Ferrule API key for programmatic access, we store a SHA-256 hash of the key. The plaintext key is shown once at creation and is never stored.

Third-Party Data Accessed via Integrations

Ferrule acts as a pass-through gateway. When an AI assistant calls a tool through Ferrule, we forward the request to the connected service and return the response. We do not persist, index, or cache the data returned by third-party APIs.

Website Analytics (ferrule.io)

The ferrule.io marketing site uses Google Analytics 4 with Google Consent Mode v2. Until you accept the cookie banner, the analytics_storage, ad_storage, ad_user_data, and ad_personalization signals are all set to denied. In that state, Google Analytics receives only anonymous, cookieless pings — no _ga cookie is written and no persistent identifier is stored. If you accept the banner, we store a ferrule-consent=accepted cookie and Google Analytics switches to full measurement with the _ga and _ga_* cookies. If you decline, we store a ferrule-consent=declined cookie and Google Analytics remains in cookieless mode. You can change your choice at any time by clearing the ferrule-consent cookie in your browser.

2. QuickBooks Online Integration

The Ferrule QuickBooks Online integration provides read-only access through 67 tools covering find, get, and report operations. These tools access data including but not limited to:

  • Invoices, estimates, sales receipts, and credit memos
  • Customers, vendors, and employees
  • Bills, bill payments, and purchase orders
  • Payments and payment methods
  • Accounts, items, and tax codes
  • Journal entries, deposits, and transfers
  • Financial reports (profit & loss, balance sheet, etc.)
  • Company information and preferences

No create, update, or delete operations are performed. Ferrule does not modify your QuickBooks data.

3. Google API Integrations

Ferrule integrates with the following Google services via OAuth:

  • Google Search Console — Ferrule accesses your Search Console data (search queries, impressions, clicks, indexing status, and site performance metrics) to surface this information through AI assistant tools.
  • Google Analytics (GA4) — Ferrule accesses your Analytics data (page views, sessions, user metrics, traffic sources, and event data) to surface this information through AI assistant tools.
  • Google Drive — Ferrule accesses your Drive data (file metadata, folder structure, file content, shared drive information) and can upload files, create folders, and move or rename files on your behalf.
  • Google Calendar — Ferrule accesses your Calendar data (events, calendars, attendees, scheduling information) and can create events on your behalf.
  • Google Docs — Ferrule accesses your Docs data (document content, text, formatting) and can create and edit documents, insert text, and update styles on your behalf.
  • Google Sheets — Ferrule accesses your Sheets data (spreadsheet values, cell ranges, sheet metadata) and can create spreadsheets, update values, and append data on your behalf.

Google Drive, Google Calendar, Google Docs, and Google Sheets are personal-scope integrations — they access data associated with the authenticated user's Google account only, not organization-wide data.

Ferrule accesses Google user data only to provide and improve the Ferrule gateway service. Ferrule does not use Google user data for any other purpose. Ferrule acts as a pass-through and does not persist, cache, or store data returned by Google APIs beyond the duration of the request.

Ferrule's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements.

4. Box Integration

Ferrule integrates with Box via OAuth. Ferrule accesses your Box account data including:

  • Files, folders, file metadata, collaborations and shared links, tasks, comments, file versions
  • Write operations: uploading files, creating folders, managing collaborations, creating tasks and comments

Box is a personal-scope integration — it accesses data associated with the authenticated user's Box account only.

Ferrule acts as a pass-through and does not persist, cache, or store data returned by the Box API beyond the duration of the request.

5. How We Use Your Information

  • To authenticate you and manage your account
  • To forward API requests to connected third-party services on your behalf
  • To refresh expired OAuth tokens so integrations remain connected
  • To enforce organization-scoped data isolation (each organization's integrations are separate)

6. Data Sharing

We do not sell, rent, or share your personal information or third-party data with any parties. Data retrieved through Ferrule is only sent to the AI assistant or client that initiated the request through your authenticated session or API key.

We do not transfer or disclose Google user data to third parties for purposes other than providing the Ferrule service. Specifically, Google user data is never used for:

  • Targeted, personalized, retargeted, or interest-based advertising
  • Selling to data brokers or information resellers
  • Determining credit-worthiness or for lending purposes
  • Building databases unrelated to the Ferrule service
  • Training AI or machine learning models

7. Data Security

  • OAuth tokens are encrypted at rest with AES-256-GCM using a dedicated encryption key
  • Passwords are hashed and never stored in plaintext
  • API keys are stored as SHA-256 hashes
  • Multi-factor authentication (TOTP and WebAuthn) is supported
  • All connections use TLS encryption in transit

8. Data Retention and Deletion

We retain your personal information only for as long as necessary to provide the Ferrule service and fulfill the purposes described in this policy. Specifically:

  • Account data — retained for the duration of your active account
  • OAuth tokens — immediately deleted when you disconnect an integration
  • Third-party API data (including Google user data) — not persisted; exists only in memory for the duration of each request

If you delete your account, all associated data (account information, integrations, API keys) is permanently removed. You may request deletion of your data at any time by contacting [email protected].

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you
  • Correction — request that we correct inaccurate or incomplete personal data
  • Deletion — request that we delete your personal data
  • Portability — request a machine-readable copy of data you have provided to us
  • Restriction — request that we restrict processing of your personal data
  • Objection — object to our processing of your personal data
  • Withdraw consent — where processing is based on consent, withdraw that consent at any time

To exercise any of these rights, contact us at [email protected]. We will respond to your request within 30 days. You also have the right to lodge a complaint with your local data protection authority if you believe your rights have not been respected.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email.

11. Contact

If you have questions about this Privacy Policy, contact us at [email protected].