Privacy Policy

Last updated: 2026-05-11

This application ("Emily Agent") uses Google OAuth 2.0 to access your Gmail and Google Calendar data solely on your behalf and at your direction. This policy describes how your data is handled.

Data We Access

With your explicit consent via Google's OAuth consent screen, we request access to:

• Gmail (modify): Read, compose, send, and manage your email (no permanent deletion bypassing trash)
• Gmail settings (basic): View and manage email filters and vacation responders
• Gmail settings (sharing): View send-as aliases, forwarding addresses, and delegates (read-only)
• Google Calendar: See, create, edit, and delete calendar events
• Identity: Your email address and OpenID identity (for authentication)

How We Use Your Data

All data access is performed exclusively in response to your direct instructions. We never:

• Store your email messages or calendar data outside the Google ecosystem
• Share your data with any third party
• Use your data for training, analytics, or any purpose other than executing your commands
• Retain access tokens after you revoke them

Data Storage

OAuth refresh tokens are stored locally in an encrypted file keyring on the server you control. No tokens are transmitted to any third party. Message content is processed ephemerally in memory and not persisted beyond your session.

Data Retention

We do not maintain a separate data store of your Google data. Your emails and calendar events remain in your Google account and are only accessed on demand. Logs of session activity (metadata only, not message content) may be retained for operational debugging.

Data Deletion

You can revoke access at any time via your Google Account permissions page. Revoking access immediately terminates the application's ability to read your data.

Contact

Changes to This Policy

If this policy changes, users will be notified via the application's release notes. Continued use after changes constitutes acceptance of the updated policy.