BACK TO HOME

Privacy Policy

How we handle your data and protect your privacy

Last updated: October 13, 2025

What Data We Access

We only access data from services you explicitly connect. All integrations use read-only access where possible.

Google Services

  • Drive—Files and folders you select, including content, names, and metadata

  • Gmail—Email content, subjects, and sender information (read-only)

  • Calendar—Event details, participants, and scheduling information (read-only)

Microsoft Services

  • SharePoint—Documents from libraries and folders you authorize

  • Outlook—Email content and metadata (read-only)

Communication

Slack—Channel messages and threads from channels you authorize (read-only)

File Storage

Dropbox & Box—Files and folders you explicitly select during configuration

Development Tools

  • GitHub—Repository code, commits, and pull requests (read-only)

  • Confluence—Pages, spaces, and attachments you authorize (read-only)

How We Use Your Data

  1. Intelligent Search

We index and analyze your connected sources to enable semantic search. Entities like people, organizations, and dates are extracted for better relevance.

  1. Summarization

We generate summaries from documents, emails, and messages to help you quickly understand large volumes of information.

  1. Contextual Responses

Your data provides context for answering queries. Relevant documents are retrieved based on your questions. No data is shared with other users.

Processing Infrastructure

Content is indexed using Weaviate, LlamaParse, and AWS. All data is encrypted in transit (TLS) and at rest.

What We Don’t Do

  • Sell your data to third parties

  • Share data with other users or organizations

  • Use your data to train AI models for others

  • Access data you haven’t connected

  • Modify or delete your original data

  • Provide your data to advertisers

Data Retention

Active feeds

Indexed while active

Feed deletion

Removed within 30 days

Account deletion

Permanently deleted within 30 days

OAuth tokens

Deleted on disconnect

Your Rights

  • Disconnect any service at any time

  • Delete specific feeds without disconnecting entirely

  • Revoke access through Google, Microsoft, etc.

  • Request data deletion or export

  • View indexed data through the Documents panel

Third-Party Services

We use SOC 2 compliant services for infrastructure:

  • Weaviate — Vector database

  • LlamaParse — Document parsing

  • AWS — Cloud infrastructure

  • Supabase — Database & auth

Compliance

  • GDPR Compliant

  • OAuth 2.0

  • Minimal Permissions

  • Explicit Consent

We may update this policy to reflect new features or legal requirements. Material changes will be communicated via email.