Privacy
Placeholder. A full privacy policy will replace this before public launch.
The short version: Remy stores your Google OAuth tokens and the working memory it builds from your conversations. Only you can see your data. We don't sell, share, or mine it.
What we store
When you sign in with Google, we store your OAuth access and refresh tokens encrypted at rest using AES-256-GCM. These tokens let Remy read your Gmail and Calendar to help you. They are never shared or transmitted in plaintext.
When you chat with Remy, we store the conversation so Remy can pick up where you left off. Remy also writes a compact knowledge graph of the people, companies, and decisions that come up, so it can help you better over time. All of this is scoped to your account.
Data isolation
We use Postgres row-level security. Every table that holds user data has a database-enforced policy that prevents any account from reading any other account's rows. It's not just an application check; the database itself refuses.
What we don't do
- We don't sell your data to anyone, ever.
- We don't train AI models on your private data.
- We don't send email, make calls, or write to your calendar without your explicit approval every single time.
Deletion
You can delete your account at any time. Deletion removes every row associated with your account from our database, including OAuth tokens, messages, and the knowledge graph.
Contact
Questions or concerns: support@hootventures.ai.