Proposing that GPT Experts using public APIs without collecting or handling user data should not be required to provide a privacy policy.
Hi OpenAI team and fellow builders,
as a GPT Expert developer, I’ve been thinking about ActionsGPT setups that only use public third-party APIs without involving any backend or storing any data.
In these cases:
- There is no personal backend
- No API keys are required
- The GPT Expert does not collect or store any data
- User inputs are sent directly to public endpoints
Requiring a privacy policy for such Experts seems excessive and may discourage creators from publishing lightweight, public-use tools
➤ Suggestion:
OpenAI could either:
- Exempt GPT Experts from needing a privacy policy when no data is collected or handled directly
- OR provide a default disclaimer/privacy note for these cases, such as:
“This GPT Expert does not collect or store any personal data. Some user input may be sent to public third-party APIs (e.g., OpenStreetMap, Open-Meteo). Please refer to the respective services for their privacy terms”
This would improve clarity for users while reducing unnecessary work for developers.
Looking forward to hearing what others think!