Privacy Policy
Privacy
Effective May 2026
Your data is yours. This page explains exactly what that means — what we collect, why, how we protect it, and how you stay in control.
Our principles
Four commitments we don't break.
We don't train on your data
Your information is never used to improve our models. Your patterns, preferences, and history belong to you — not our training pipeline.
We don't sell it
No data brokers. No ad networks. No "anonymized" datasets sold to third parties. Your subscription is our business model.
We don't share it
No partner integrations that leak your information. No analytics vendors that receive PII. What's yours stays yours.
You can delete everything
One click. Full account deletion. All data purged within 30 days — no hidden archives, no backups we conveniently forget about.
What we collect
We only collect what's necessary to make each module work. Here's a complete breakdown by category.
Message content, metadata, labels/folders, contact frequency. Gmail via gmail.modify scope; Outlook via Microsoft Graph mail scopes.
Inbox triage, draft generation, priority ranking, label/folder management
Active account + 30 days after deletion
Events, attendees, scheduling patterns. Google via calendar.events scope; Outlook via Microsoft Graph calendar scopes.
Conflict detection, meeting prep, schedule optimization
Active account + 30 days after deletion
Transaction data, balances, account metadata (via Plaid)
Spending tracking, anomaly detection, bill reminders
Active account + 30 days after deletion
Task names, deadlines, status updates
Deadline tracking, workload analysis, nudges
Active account + 30 days after deletion
Thread metadata, message content across platforms
Conversation summaries, response drafting
Active account + 30 days after deletion
Itineraries, bookings, loyalty program IDs
Trip management, price monitoring, document storage
Active account + 30 days after deletion
Sleep, steps, activity data (from connected devices)
Pattern tracking, gentle nudges, weekly summaries
Active account + 30 days after deletion
Free-form text, voice transcriptions
Searchable archive, prompt generation, reflection
Active account + 30 days after deletion
How we protect it
Encryption everywhere
All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Your information is unreadable without the decryption keys, which are managed through a dedicated key management service.
Audited cloud infrastructure
Our infrastructure and processes are audited annually by an independent third party. We meet the Trust Services Criteria for security, availability, and confidentiality.
Read-only financial access
Financial connections use Plaid with read-only permissions. We can see transaction data but can never move money, initiate transfers, or modify your accounts.
Infrastructure
Hosted on secure, isolated cloud infrastructure with restricted access and full audit logging. Network-level isolation, automated vulnerability scanning, and 24/7 monitoring. No data ever leaves secure, audited environments.
Your controls
Granular permissions
Every module can be connected or disconnected independently. Revoke access to any data source at any time — the associated data is deleted within 24 hours.
Full data export
Request a complete export of your data in standard, portable formats at any time. No lock-in. No proprietary formats. Your data leaves when you do.
One-click account deletion
Delete your account and all associated data with a single action. Everything is permanently purged within 30 days. No archives, no backups, no "we'll keep it just in case."
Google user data
Wingmnn's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Scopes we request
- gmail.modify — read, compose, send, and modify your Gmail messages and labels so Wingmnn can triage your inbox, draft replies on your behalf, and organize threads.
- calendar.events — read and write events on your Google Calendar so Wingmnn can detect conflicts, prepare you for meetings, and adjust your schedule when you approve it.
- userinfo.email — identify your account.
How we use Google user data
Only to provide and improve user-facing features inside Wingmnn — inbox triage, draft generation, calendar conflict detection, scheduling, and cross-module context for features you've explicitly connected. Nothing else.
What we never do with Google user data
- We do not use it to train, develop, or improve generalized AI or machine learning models.
- We do not use it for advertising of any kind.
- We do not sell it.
- We do not transfer it to third parties except as necessary to provide the service you requested, to comply with applicable law, or as part of a merger or acquisition with equivalent privacy protections.
Human access
No human at Wingmnn reads your Google user data, except: (a) with your explicit consent for support; (b) to investigate abuse or security incidents; (c) to comply with a legal obligation; or (d) when the data has been aggregated and anonymized so it cannot be linked to you or any individual.
Revoking access
You can disconnect Wingmnn from your Google account at any time from your Wingmnn settings, or directly from your Google Account permissions page. Once revoked, Wingmnn deletes the associated data within 24 hours.
Third parties
We work with the minimum number of third parties necessary to operate.
Plaid
Used exclusively for the Finances module. Read-only bank account connections. Plaid maintains its own audited security infrastructure and is the industry standard for financial account connectivity.
Cloud infrastructure
Isolated hosting infrastructure. Data encrypted at rest and in transit. No PII is shared with the provider beyond what's required for hosting.
No ad networks. No analytics vendors that receive PII. No data brokers. No social login providers that track you. The list above is complete.
Contact
Questions about your data or this policy? We respond to every inquiry.
hello@wingmnn.com