Privacy Policy
Effective date: 2026-06-17
Last updated: 2026-06-17
This Privacy Policy describes how Galileo OS ("Galileo", "we", "us") handles information when you use the Galileo software.
1. Who we are
Galileo OS is an open-source (Apache 2.0) AI marketing infrastructure product operated by Galileo Systems operated under registered business Expedience Groups. The source code is available at https://github.com/MannyAmah/GalileoOS.
Contact: emmanuel@expediencegroups.com
2. The short version
- Galileo runs locally on your computer. Your account credentials and brand data are stored on the device where you install Galileo. They are not uploaded to a central Galileo server.
- We do not collect, store, or process your TikTok, Meta, or other platform data on our servers. Galileo communicates directly between your computer and the platforms you connect.
- Every action that touches your connected accounts requires your explicit approval. Galileo's architecture makes autonomous publishing structurally impossible.
3. What information Galileo accesses
When you connect a platform (e.g., TikTok, Meta, Instagram, X, Google Drive) to Galileo, Galileo accesses only the minimum information needed for the connected feature. Specifically:
TikTok (when connected):
- Profile information (via
user.info.profile): Galileo reads your TikTok username and display name to confirm which account is connected and to show it in Galileo's user interface. No additional profile data is read. - Video publish capability (via
video.publish): Galileo can publish videos to your TikTok account, but only after you have explicitly approved each video in Galileo's interface.
Meta and Instagram (when connected): equivalent scope-by-scope, documented in-app at connect time.
Google Drive (when connected): read-only access to specific folders you point Galileo at for brand-material ingestion.
Galileo never accesses any other platform data without your explicit connection.
4. Where information is stored
All connected-platform data Galileo processes — including OAuth tokens, brand materials, drafted content, approval records, and AI-generated drafts — is stored locally on the computer where you installed Galileo. The data is held in an encrypted local database. It is not transmitted to any Galileo-operated server.
5. What we do not do
- We do not maintain a central database of your platform credentials, brand data, or content.
- We do not sell, share, or rent any data to third parties.
- We do not use your data to train AI models.
- We do not run analytics on your TikTok, Meta, or other platform activity beyond what is needed to display approval cards to you.
- We do not access your platform accounts when Galileo is not running on your computer.
6. Third-party services
Galileo communicates with the following third parties on your behalf, only when you have connected the corresponding platform and only to perform actions you have approved:
- TikTok (https://www.tiktok.com): OAuth authentication and content publishing under scopes you have explicitly granted.
- Meta / Instagram (https://www.meta.com): OAuth authentication and content publishing under scopes you have explicitly granted.
- Google (https://www.google.com): OAuth authentication for Google Drive when connected.
- Anthropic (https://www.anthropic.com) and/or OpenAI (https://www.openai.com): AI model inference for content drafting. Drafted content may be sent to these providers under their respective enterprise terms. No platform credentials are sent.
7. Data retention and deletion
- All Galileo data lives on your computer. You can delete it at any time by uninstalling Galileo or removing its local data directory.
- You can disconnect any platform at any time from Galileo's settings; doing so revokes Galileo's access token and deletes Galileo's local copy of the connection.
- Approval records (showing which videos / posts / actions you approved or rejected) are retained locally for audit purposes for as long as Galileo is installed; they are deleted with the rest of Galileo's data on uninstall.
8. Your rights
Because Galileo stores data locally on your device, you have direct control over it:
- Access: all data Galileo holds about you is in Galileo's local data directory.
- Deletion: remove the local data directory or uninstall Galileo.
- Portability: Galileo provides an export function under Settings → Export Data.
- Disconnect: revoke any platform connection from Galileo's settings.
If you have any question about your data that the above does not answer, contact us at emmanuel@expediencegroups.com.
9. Children
Galileo is a business tool, not directed at children. We do not knowingly process data of users under 13 (or under 16 in jurisdictions where that is the threshold). If you believe a child has used Galileo, contact us at emmanuel@expediencegroups.com and we will help you delete any related data.
10. Security
Galileo encrypts locally stored credentials at rest using AES-256-GCM with a key derived from a private key file stored locally on your machine (specifically, the Ed25519 keypair Galileo generates at install time). The key file lives in Galileo's local data directory; the security of your encrypted credentials is bounded by the security of your machine. We are evaluating moving the master key into your operating system's secure keychain in a future release; until that lands, the local-file approach is the correct trust boundary for the local-machine deployment model.
11. International users
Galileo is software you download and run; it does not transfer your data internationally on its own. The third-party services Galileo connects with (TikTok, Meta, Google, AI providers) may transfer data internationally per their own policies.
12. Changes to this policy
We may update this policy. Material changes will be announced in the Galileo repository (https://github.com/MannyAmah/GalileoOS) and via in-app notice. The "Effective date" at the top of this page reflects the current version.
13. Contact
Galileo Systems operated under registered business Expedience Groups
Email: emmanuel@expediencegroups.com