Privacy Policy

A. User-Selected Email Data (Core Functionality)

We access only the currently open email when the user explicitly runs task extraction. We do not scan or collect emails in the background without user action.

• Processed items when task extraction is run: The current email subject, body, and sender information.
• Purpose: To summarize content and recommend tasks using AI models.
• Stored metadata: Task title, notes, due date, priority, email, thread, and task identifiers, plus limited email metadata such as subject, sender, and received time for UI display and multi-device sync.
• Retention: Active data stays during service use and is destroyed on account deletion. Dismissed or deleted data is soft-deleted immediately, with only minimal sync tombstones kept for up to 30 days.

B. Created Task Data

This is data related to tasks confirmed by the user from AI suggestions.

• Collected items: Task title, notes, due date, priority, and status metadata needed for synchronization.
• Purpose: To synchronize Google Tasks status and provide convenience features inside the Service.
• Storage: The Service stores only the minimum synchronized copy needed for UI display and multi-device sync. Google Tasks remains the original source of truth.

C. Account and Authentication Information

• Items: Email address used as the account ID.
• Purpose: User identification, settings synchronization, and usage statistics for tier management.
• Google OAuth tokens are not stored on the server. Authentication is performed client-side through the Chrome Identity API.

A. AI Models (Email Analysis)

• Recipients: Google Cloud (Vertex AI / Gemini) or OpenAI (GPT series).
• Purpose: Natural-language task extraction.
• Provided items: The current email subject, body text, and sender information to the extent needed for task extraction.
• Protection: Provided data is used only within the scope needed for task extraction and is not sold or used for advertising.

B. Usage Analytics (PostHog)

The Service uses PostHog to understand feature usage patterns and improve the product.

• Recipient: PostHog, Inc. (posthog.com).
• Purpose: Product analytics and service improvement.
• Provided items: Anonymized user identifier (one-way SHA-256 hash of email address, not reversible), browser type, and anonymized interaction events (e.g., panel opened, task saved).
• Your email address is never transmitted to PostHog. Only a non-reversible cryptographic hash is used as an identifier.
• PostHog Privacy Policy: https://posthog.com/privacy

A. Data Retention

• Email body: Processed only when the user runs task extraction and not permanently stored as a general service record on the server.
• Task and sync metadata: Stored in a secured database only as needed for UI display, service stability, and synchronization.

B. Security Measures

• All data transmission uses HTTPS (TLS) encryption.
• Database access rights are granted only to the minimum necessary administrators and are strictly controlled.