Security & privacy

It reads your email. That demands receipts.

A product like this earns trust with specifics, not badges. Here is exactly how your data is handled — and the hard limits that don't move.

Your email is never used to train AI models

Content is processed to serve you — drafts, briefs, risk checks — and never used to train any model, ours or a vendor's. It works for you, not on you.

Personal email is excluded in code

Not a setting. Not a toggle. Personal conversations are structurally untouchable, and that rule cannot be configured away — by you or by us.

Credentials are encrypted at rest

We never see your password — sign-in is Google OAuth only. Access tokens are encrypted (Fernet) before they touch a database, which itself encrypts at rest. All transport is TLS.

Tenant isolation at the database layer

Every row of your data carries your user id, enforced with row-level security. Your memory is yours alone — there is no cross-customer pooling of any kind.

The specifics

Fair questions, straight answers.

What exactly do you store?

Work-email metadata and content needed to serve you, plus what the AI derives from it: facts, commitments, and relationship signals — each with its source and date. It lives in our cloud database (hosted in Japan) isolated to your account; the full list of processors that touch it is in our Privacy Policy. You can browse all of it in the Memory view; nothing is hidden.

What about information concerning my contacts?

Memories are derived from correspondence you already possess, stored privately in your account, and used only to assist you. Deleting your account deletes every memory referencing every contact, immediately and cascade-complete. If a contact asks you for removal, deleting their contact entry removes their derived memories — or write to us and we'll handle it.

Can I leave with my data — or wipe it?

Both, in one click each. Export downloads everything as JSON. Delete permanently removes your account and every derived row — memories, scores, commitments, drafts, logs — in a single cascading operation. No retention games, no 30-day limbo.

What stops the AI from sending something it shouldn't?

Four hard limits: it starts draft-only and autonomy is granted by you per category; every send has an undo window; any active agreement-risk flag freezes sending on that thread entirely; and sends respect your working hours. The first and third are enforced in code, not preferences.

Which providers can connect today?

Google Workspace / Gmail and Google Calendar are live. Microsoft 365 / Outlook is on the roadmap — we know Google-only is a constraint, and reducing single-provider dependency is planned engineering, not a maybe.

Compliance posture?

GDPR-aligned by construction: data minimization, full export, cascading deletion, EU-standard processing terms. SOC 2 is on the roadmap as we move upmarket; security review questionnaires are welcome — ask and we'll answer honestly, including about what isn't built yet.

Trust it with a look first.

Start in draft-only mode. Watch what it catches. Grant autonomy only when it has earned it.

Questions first? Talk to us — security questionnaires welcome.