Privacy policy
Privacy policy
Aidenly is designed so your raw email stays in Google. We store the intelligence needed to make the assistant useful, not a copy of your inbox.
Contact supportPlain-English summary
Aidenly uses Google's Apps Script to read your Gmail. The script runs in your Google account, not on Aidenly's servers. Aidenly stores derived data such as summaries, preferences, knowledge-map entries, and message metadata needed to support the product over time. We do not sell your data.
What we access
Aidenly accesses Google account identity data needed for login and account setup, plus the Apps Script deployment permissions needed to create and manage the per-user script that runs in your Google account. That Apps Script is what actually reads Gmail when you use the product.
What we store
Aidenly stores encrypted OAuth tokens, account and deployment metadata, derived intelligence such as AI summaries and memory entries, user-confirmed preferences, style guidance, and message metadata such as message IDs, labels, and timestamps. Aidenly does not store raw email bodies as persistent backend data.
Where your data lives
Your raw Gmail content remains in your Google account. The per-user Apps Script runs in the Google account you authorize. Aidenly stores derived data and account metadata in Supabase-backed application storage. Short-lived request processing happens in memory, and recent request results may be cached briefly for continuity.
Who can access it
Access is limited to you, Aidenly systems that need the data to provide the service, and service providers used to operate the product. Human access for support or operational investigation is limited to what is necessary for the request and should avoid raw content whenever possible.
Retention
Derived intelligence stored by Aidenly is retained until you delete it or request account deletion. Raw content fetched from Gmail is processed in memory for the duration of the request. Session cache data is short-lived, with a target lifetime of roughly 5 to 10 minutes.
Revocation and deletion
You can revoke Aidenly's Google access in your Google account permissions at any time. You can also email privacy@aidenly.ai to request deletion of stored derived data and account metadata. We respond to verified data access, deletion, or correction requests within 5 business days.
Email privacyGoogle API scopes used by Aidenly
Aidenly uses Google's Apps Script architecture to access Gmail. The OAuth consent screen requests only Apps Script and identity scopes; the per-user Apps Script proxy that Aidenly deploys to your Google account is what actually reads your Gmail. This means Aidenly's backend never directly holds Gmail-scope tokens. The Apps Script runs entirely within your Google account.
openidVerify your Google identity during sign-in.
emailRead the email address on your Google account to identify you.
profileRead your display name and basic profile info for account setup.
https://www.googleapis.com/auth/script.projectsCreate and manage the per-user Apps Script project that Aidenly deploys to your Google account. This project is the bridge that reads Gmail on your behalf, within your account.
https://www.googleapis.com/auth/script.deploymentsDeploy and manage the Apps Script project so Aidenly can activate the Gmail-reading bridge in your Google account.
Contact
This policy applies to Aidenly, Inc., a Delaware corporation (incorporation in progress). Privacy and data requests should be sent to privacy@aidenly.ai. Legal notices related to this policy should be sent to legal@aidenly.ai.
Email privacy