Privacy Policy

Last updated: May 30, 2026

1. Who we are

Daybriefer is a product of Studio Pi & Pi BV (KBO/VAT BE0439165619), a company incorporated in Belgium, with its registered office at Kartuizerlaan 32, 9000 Gent, Belgium. Studio Pi & Pi BV is the data controller for personal data processed through Daybriefer.

For any privacy question, request, or complaint, contact us at ask@daybriefer.com. You also have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit) at www.gegevensbeschermingsautoriteit.be.

2. What this product does

Daybriefer connects to your Gmail and Google Calendar with your explicit consent, processes the content needed to produce a daily brief — priorities, drafted replies, meeting conflicts — and shows it to you. It does not send email or accept meetings on your behalf without your explicit click.

3. Google account data we request and why

To work, Daybriefer requests the following Google OAuth scopes when you connect your account. We request only what is strictly necessary for the features you see in the product.

  • gmail.modify (https://www.googleapis.com/auth/gmail.modify): one consolidated Gmail scope that covers everything Daybriefer needs to do in your inbox — (a) read messages so we can prioritise the inbox, extract action items, and summarise threads; (b) draft AI replies for you to review; (c) send a reply or meeting confirmation only after you click Approve / Send on it — never in the background, never on a schedule; (d) trash-mirror, so when you delete a message in Daybriefer the same message is moved to Gmail's trash (recoverable for 30 days). We use a single scope rather than four because Google asks us to request the minimum-necessary set, and gmail.modify is the smallest scope that authorises all of them. We never permanently delete, and never modify labels other than UNREAD, INBOX, and the trash label (for the read, archive, and delete actions you trigger).
  • calendar.events (https://www.googleapis.com/auth/calendar.events): read your events and write a new event only when you explicitly accept a proposed time inside Daybriefer. We do not read or write any other data on your calendar.
  • calendar.freebusy (https://www.googleapis.com/auth/calendar.freebusy): check whether you are free at a proposed meeting time so we can flag conflicts. Returns busy/free intervals only — never event titles, attendees, or descriptions.
  • userinfo.email & userinfo.profile: your name and email address so the app can show who is signed in.

Scopes Daybriefer does NOT request:

  • https://mail.google.com/ — we never request the broadest Gmail scope. Daybriefer cannot permanently delete messages (trashed messages remain in Gmail's trash for 30 days), and cannot read or modify spam/all-mail outside your inbox.
  • https://www.googleapis.com/auth/calendar — we cannot read or write calendar settings, ACLs, or events outside the ones we created.

Deleting an email inside Daybriefer removes it from Daybriefer's database only — the message stays in your Gmail.

Daybriefer's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. For a standalone, scope-by-scope disclosure (the version Google reviewers reference during OAuth verification), see our dedicated Google API Services User Data Disclosure.

4. What we actually store, and for how long

We are deliberately specific about this so you can match it to the schema if you ask. The following is stored at rest in our Supabase Postgres database, encrypted at rest by the provider (AES-256) and in transit (TLS 1.2+):

  • Account & OAuth tokens: your Google email, Google access & refresh tokens (scoped to the permissions above), token expiry, granted scopes.
  • Email metadata: Gmail message ID, thread ID, sender, subject, snippet, headers, received-at timestamp, and our internal status (e.g. "Urgent", "Needs Reply").
  • Email body text (30-day rolling cache): we cache a copy of the message body so the brief renders quickly without re-fetching from Google on every page load. Bodies are auto-purged after 30 days by a nightly cron job. Quoted-reply chains are stripped before AI processing. After purge, the metadata and AI-generated summary remain so your brief history is still searchable, but the raw body is gone from our database — Daybriefer would have to re-fetch it from Gmail (with your already-granted read scope) to show it to you again.
  • AI-generated summaries: short bullets and extracted action items produced by our AI provider (see §5). These are derived from your email content and are stored alongside the source email.
  • Draft replies and proposed meetings: drafts you create in Daybriefer, plus the conflict-check results we run against your calendar.
  • Writing-style samples (optional, on by default): to make AI-drafted replies sound like you instead of like a generic assistant, Daybriefer scans your recent SENT mail and keeps at most five short excerpts (typically 60–120 words each) of your own writing. Quoted-reply chains, signatures, and "Sent from my iPhone" footers are stripped before storage, so the excerpts contain only your own words — never the other party's content. These excerpts are fed into the AI prompt as style exemplars (tone, sentence length, sign-off habits); they are not used to train any third-party model. You can turn this feature off, see exactly what is stored, or delete all samples at any time from Settings → Writing style.

Retention — by data type:

  • Email body text: cached for up to 30 days only so the brief can render quickly. A nightly purge deletes raw email bodies older than 30 days.
  • Email metadata, AI-generated summaries, and extracted action items: may remain while your account is active so your brief history stays searchable.
  • OAuth tokens and account data: kept while your account is active; revoked and removed when you disconnect or delete your account.
  • Writing-style samples: kept while the feature is enabled. You can delete them at any time from Settings → Writing style → Forget my samples. They are also wiped on full account deletion.

On account deletion (see §7): all of the above is permanently removed from Postgres within 30 days, including row-level cascading deletes on bodies, summaries, drafts, and conflict checks. Database backups (which Supabase retains on a rolling 7-day window) age out within 7 days of deletion.

Hosting region. Our Postgres database is hosted on Supabase in the European Union (Frankfurt). The Next.js application that serves daybriefer.com runs on Railway; Railway processes web traffic in its US-West region (Oregon, USA) — no email content is persisted there, requests are proxied in-memory to the EU database. Outbound email is handled by Resend in their EU region. The only routine cross-border data transfer is to OpenAI in the United States (see §5), governed by Standard Contractual Clauses.

5. Sub-processors (third parties we share data with)

We use a small set of trusted sub-processors. Each one receives only the minimum data needed for its task.

  • Supabase (Supabase Inc., EU region) — managed Postgres + auth. Hosts the application database.
  • Railway (Railway Corp., USA) — Next.js application hosting in the US-West (Oregon) region. Receives requests in transit; does not persist email content.
  • OpenAI (OpenAI, L.L.C., USA) — language models used to classify emails and generate summaries + draft replies. We send email content via OpenAI's API, which by default does not use API inputs/outputs to train OpenAI's models (per OpenAI's API data usage policy as of the date of this policy). We do not enable any opt-in training.
  • Resend (Drop In Logic Inc., EU region) — sends transactional email from us to you (welcome, onboarding, security notices). Resend never receives your Gmail content.
  • Google LLC — Gmail and Calendar APIs. Your account already has a relationship with Google; Daybriefer simply reads/writes through the scopes you granted.
  • Stripe (Stripe Inc.) — only if and when you upgrade to a paid plan. Stripe handles card data; we never see card numbers.

A current list of sub-processors is available on request at ask@daybriefer.com. Business customers can request a Data Processing Agreement (DPA) by writing to the same address.

6. What we will never do with your data

  • We do not sell your personal data, your Gmail content, or any derivative of it.
  • We do not use your data for advertising, profiling for ads, or audience targeting.
  • We do not train machine-learning models on your data, and our AI provider does not either (see §5).
  • Daybriefer staff do not read your emails. The only exception is when you explicitly grant written consent to share a specific message for bug investigation, in which case access is logged and revoked immediately afterwards.
  • We do not auto-send email and do not auto-accept meetings. Every outbound action requires your click.

7. Your rights and how to exercise them

Under EU GDPR you have the right to access, rectify, erase, restrict, port, and object to processing of your personal data. You can also withdraw your Google connection at any time:

  • Disconnect Google: from Settings → Connected accounts inside Daybriefer. You can also revoke access directly at myaccount.google.com/permissions.
  • Delete your account & all data: email ask@daybriefer.com from the address associated with your account, with the subject line "Delete my account". We will confirm and then permanently delete your account and associated data within 30 days, with backup expiry within 7 days after that.
  • Export your data: request a machine-readable export (JSON) at the same address.
  • Turn off or wipe writing-style learning: from Settings → Writing style you can pause sample collection (existing samples are kept but no longer used) or click Forget my samples to delete every stored excerpt immediately. No email required.

8. Security

We use industry-standard practices: TLS 1.2+ everywhere, encryption at rest on the database, OAuth 2.0 for Google access (no password sharing), least-privilege scopes, and row-level security in Postgres so a user can only see their own rows. No security regime is perfect; if you discover a vulnerability, please report it to ask@daybriefer.com.

9. Children

Daybriefer is not directed at children under 16. We do not knowingly collect personal data from children under 16; if you believe we have, contact us and we will delete it.

10. Changes to this policy

If we make material changes, we will update the date above and notify active users by email at least 14 days before the change takes effect. Continued use after that date constitutes acceptance.

11. Contact

Studio Pi & Pi BV
Kartuizerlaan 32, 9000 Gent, Belgium
KBO/VAT BE0439165619

General: ask@daybriefer.com
Privacy / data subject requests: privacy@daybriefer.com
Security disclosures: security@daybriefer.com