Privacy Policy

Last updated: March 7, 2026

Overview

BriefMe ("we", "our", or "us") helps you prepare for meetings by generating a one-page AI brief from your Google Calendar, Gmail, and Google Drive. This policy explains what data we access, how we use it, who we share it with, and how you can control it.

By using BriefMe, you agree to the practices described in this policy.

Data We Access

When you sign in with Google, BriefMe requests read-only access to the following:

Google Account (profile)

Your name, email address, and profile picture. Used to identify your account and display your profile in the app.

Google Calendar (calendar.readonly)

Your upcoming calendar events: titles, times, locations, descriptions, and attendee email addresses. Used to show your meetings on the dashboard and generate context-aware briefs.

Gmail (gmail.readonly)

Email threads exchanged with meeting attendees over the last 30 days. Used to surface relevant conversation history in your brief. We never read emails unrelated to your meeting attendees.

Google Drive (drive.readonly)

Documents shared with meeting attendees. Used to include relevant shared files and their content summaries in your brief. We only access files that are already shared with the people in your meeting.

BriefMe uses Google APIs strictly within the scope of generating your meeting briefs. We do not access, read, or store any Google data beyond what is described above.

How We Use Your Data

  • To generate one-page AI meeting briefs on your request
  • To display your upcoming meetings on your dashboard
  • To track your brief generation usage (free tier: 5 briefs/month)
  • To send you product updates if you subscribe to our waitlist (optional)

We do not use your Google data for advertising, profiling, or any purpose unrelated to generating your meeting briefs.

AI Processing (OpenAI)

Meeting brief content — including email summaries, attendee context, and document references — is sent to OpenAI (GPT-4o) to generate your brief. This means a subset of your Google data (email threads with attendees, relevant document excerpts, calendar event details) is transmitted to OpenAI for processing.

OpenAI processes this data according to their Privacy Policy. We use OpenAI's API with data processing agreements that prohibit them from using your data to train their models.

Third-Party Services

Supabase

Our database and authentication infrastructure. Your Google OAuth tokens are stored encrypted using AES-256. Supabase is SOC 2 Type II compliant and hosted on AWS.

Stripe

Handles subscription billing for Pro accounts. We never store your payment card details — Stripe processes and stores all payment information under PCI DSS compliance.

Vercel

Our hosting platform. Hosts the BriefMe web application and processes web requests. No user data is stored by Vercel beyond standard server logs.

Data Storage & Security

  • Google OAuth tokens are encrypted at rest using AES-256 and only decrypted server-side to make API calls on your behalf
  • Your Google token data is never exposed to the browser or to client-side code
  • Generated briefs are stored in your account and only accessible to you
  • All data is transmitted over HTTPS/TLS
  • We do not sell, rent, or share your personal data with third parties except as described in this policy

Data Retention

  • Generated briefs are retained for as long as your account is active
  • Google OAuth tokens are retained until you disconnect your Google account or delete your account
  • Usage data (brief count) is retained for billing and quota purposes
  • On account deletion, all your data including tokens, briefs, and profile information is permanently deleted within 30 days

Your Rights & Controls

  • Revoke Google access: Visit myaccount.google.com/permissions and remove BriefMe at any time. This will stop all Google API access immediately.
  • Request data export: Email us at privacy@briefme.wtf to request a copy of your data.
  • Request account deletion: Email us at privacy@briefme.wtf to request complete deletion of your account and data.
  • Opt out of waitlist emails: Use the unsubscribe link in any email we send.

Google API Limited Use Disclosure

BriefMe's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google data to provide the meeting brief feature you requested
  • We do not use Google data for advertising
  • We do not allow humans to read your Google data unless you explicitly request support and give consent
  • We do not transfer your Google data to third parties except to OpenAI solely for AI processing of your brief request, and to infrastructure providers (Supabase, Vercel) as necessary to operate the service

Changes to This Policy

We may update this policy from time to time. When we do, we'll update the "Last updated" date at the top. If changes are significant, we'll notify active users by email.

Contact

Questions about this policy or your data? Email us at privacy@briefme.wtf.