Legal

Privacy Policy

Effective date: 25 March 2026 · Tushen Tech LLC · Last updated: 7 April 2026

The short version: Saely connects to your Gmail, Google Calendar, Microsoft Outlook, and Microsoft Calendar to generate your morning brief and execute approved actions. We never read your full email bodies. We never sell your data. We never train AI on your data. You can export or delete everything at any time.

1. Who we are

Saely is a product of Tushen Tech LLC, a US registered company. When this policy says "Saely", "we", "us" or "our", it means Tushen Tech LLC. Our contact email is sonia@saely.app.

2. What data we collect

We collect only what is necessary to provide the service:

Account information — your name, email address, and business details you provide during onboarding
Email metadata (Gmail) — sender, subject line, and the first 100 characters of email snippets from your Gmail inbox. We never access full email bodies or attachments
Email metadata (Microsoft Outlook) — sender, subject line, and the first 100 characters of email snippets from your Outlook inbox when you connect a Microsoft 365 or personal Outlook account. We never access full email bodies or attachments
Calendar events (Google Calendar) — event titles, times, and attendees from your Google Calendar. When you approve a calendar action, Saely creates or updates events on your behalf
Calendar events (Microsoft Calendar) — event titles, times, and attendees from your Microsoft Outlook Calendar when connected. When you approve a calendar action, Saely creates or updates events in your Microsoft Calendar on your behalf
Usage data — which features you use, actions you approve or skip, and brief feedback scores
Memory data — preferences, patterns, and business context you share with Saely through conversations and onboarding
Payment information — handled entirely by Stripe. We never see or store your card details

3. How we use your data

Your data is used exclusively to provide and improve the Saely service:

Generating your personalised morning brief
Drafting email responses and actions in your voice
Building your memory layer so Saely learns your business over time
Sending approved emails from your Gmail or Outlook account on your behalf
Creating or updating calendar events in your Google Calendar or Microsoft Calendar with your approval
Detecting pipeline and relationship intelligence

We do not use your data for advertising. We do not sell your data. We do not share your data with third parties except the service providers listed in Section 5.

4. How your email and calendar data flows through our AI

This is important and we want to be completely transparent about it.

To generate your morning brief, email metadata — sender, subject, snippet — from either your Gmail or Microsoft Outlook inbox is processed by Anthropic's Claude API. Calendar event details from either Google Calendar or Microsoft Calendar are processed in the same way. This means your data passes temporarily through Anthropic's systems to generate the AI response.

Anthropic does not train their models on data submitted via the API, as confirmed by their API terms of service. Your email and calendar data is processed in real time to generate your brief and is not retained by Anthropic after processing completes.

Your full email bodies are never sent to any AI system. Only the metadata described in Section 2 is used.

When you approve an email action, the email is sent directly from your Gmail or Outlook account using the respective provider's API — Google's Gmail API or Microsoft's Graph API. Saely acts as the sender on your behalf only with your explicit approval.

When you approve a calendar action, the event is created or updated directly in your Google Calendar or Microsoft Outlook Calendar using the respective provider's API. No calendar changes occur without your explicit approval.

5. Third-party service providers

We use the following services to operate Saely:

Anthropic — AI model provider. Processes brief generation requests. Does not train on your data
Supabase — Database and authentication. Your data is stored in encrypted databases in their infrastructure
Stripe — Payment processing. Handles all card transactions. We never see your card details
Vercel — Application hosting. Serves the Saely web application
Resend — Transactional email delivery. Used to send system notifications to you
Google — OAuth authentication and Gmail/Calendar access. Governed by Google's own privacy policy
Microsoft — OAuth authentication and Outlook/Calendar access when connected. Governed by Microsoft's own privacy policy and the Microsoft Graph API terms of service. Saely's use of Microsoft user data complies with Microsoft's API terms, including requirements that data obtained from Microsoft APIs is used only to provide the features described in this service and is not transferred to third parties except as necessary to provide the service

6. Data storage and security

Your data is stored in encrypted databases hosted by Supabase. Access is controlled by Row Level Security policies — meaning your data is technically isolated from other users' data at the database level, not just at the application level.

Gmail, Google Calendar, Microsoft Outlook, and Microsoft Calendar access tokens are stored encrypted. We use these tokens only to fetch data for your brief generation and to execute approved actions. Tokens are refreshed automatically and revoked immediately if you disconnect your integrations.

7. Your rights and controls

You have full control over your data at all times:

Export your data — download everything Saely knows about your business from Settings at any time
Delete your data — permanently delete your account and all associated data from Settings. No waiting periods
Disconnect integrations — revoke Gmail, Google Calendar, Microsoft Outlook, or Microsoft Calendar access at any time from your Saely Settings page, or directly through your Google Account Permissions page or Microsoft account permissions page
Correct your data — update your profile, preferences, and memory instructions at any time
Data portability — request a complete export of your data in machine-readable format by emailing sonia@saely.app

For GDPR requests, please email sonia@saely.app with the subject line "GDPR Request". We will respond within 30 days.

7A. Microsoft 365 and Outlook data

When you connect a Microsoft 365 or personal Outlook account, Saely requests the following permissions via Microsoft's OAuth system:

Mail.Read — to read your Outlook inbox for email intelligence in your brief
Mail.Send — to send approved email actions from your Outlook account on your behalf
Calendars.Read — to read your Outlook Calendar for scheduling context in your brief
Calendars.ReadWrite — to create or update calendar events on your behalf when you approve a calendar action

These permissions are granted by you explicitly through Microsoft's consent screen. You can revoke them at any time from your Microsoft account at account.microsoft.com/privacy.

Saely's use of Microsoft user data complies with Microsoft's API terms of service. Data obtained from Microsoft APIs is used only to provide the features described in this service. It is not used for advertising, sold to third parties, or used for any purpose beyond operating the Saely service for you.

Microsoft access tokens are stored encrypted in your Saely account. They are refreshed automatically and revoked immediately when you disconnect the integration.

8. Data retention

We retain your data for as long as your account is active. If you delete your account, all personal data is permanently deleted within 30 days. Brief history and activity logs are deleted immediately on account deletion.

Email metadata used in brief generation is not stored permanently — only the generated brief output is stored in your account.

9. Cookies

We use essential cookies only — the session token required to keep you logged in. We do not use tracking cookies, advertising cookies, or analytics cookies that identify you personally.

10. Children's privacy

Saely is not intended for use by anyone under the age of 16. We do not knowingly collect data from children.

11. Changes to this policy

If we make material changes to this policy, we will notify you by email and update the effective date at the top of this page. Your continued use of Saely after notification constitutes acceptance of the updated policy.

12. Contact us

If you have any questions about this privacy policy or how your data is handled, please contact:

Email: sonia@saely.app
Support: support@saely.app
Legal entity: Tushen Tech LLC