Privacy Policy

Last updated: May 30, 2026

What we collect

• Account info: when you sign in with Google, we receive your email address, name, and profile picture from Clerk (our authentication provider).
• Tasks and decisions: the items you create, complete, defer, or delete inside the app.
• Gmail data: if you connect Gmail, we access your email metadata (subject lines, sender/recipient addresses, timestamps, and thread IDs) and, when power mode is enabled, email body snippets. We use this data solely to surface actionable tasks in your OneThing dashboard. We do not store raw email bodies on our servers — only AI-generated summaries and action suggestions derived from your messages. Gmail data is never used for advertising and is never shared with third parties for purposes unrelated to operating the service. Gmail data is never used to train generalised or third-party AI/ML models.
• Google Calendar data: if you connect Google Calendar, we access your calendar event titles, times, attendees, and descriptions to identify time-sensitive tasks. This data is used only to power OneThing features and is not shared with third parties for unrelated purposes.
• Google Tasks data: if you connect Google Tasks, we read your task titles and due dates to merge them into your OneThing decision queue.
• Chats with the assistant: text and images you send to the in-app assistant (Ramble), which we forward to Anthropic (Claude) to generate a response. Voice sessions use OpenAI's Realtime API; spoken replies are converted to audio by ElevenLabs. We do not train models on your chat content.
• Basic technical data: app version, device platform, and error reports. We do not track you across other apps or websites.

Why we use it

To run the product: surface the next thing you should do, sync with the services you connect, and answer questions you ask the assistant. We do not sell your data and we do not use it for advertising or for any purpose other than operating and improving OneThing.

AI features and third-party AI processors

OneThing uses AI to help you focus. When you use the Ramble assistant, voice mode, or AI-powered task scoring, certain data is sent to third-party AI services. You will be asked to acknowledge this before any AI feature is used.

• Anthropic (Claude)— powers the Ramble text assistant and the AI task-scoring engine. Data sent: your messages, task titles, email subjects, calendar event titles, and any images you attach. Anthropic does not use this data to train their models. Anthropic's privacy policy: anthropic.com/privacy.
• OpenAI— powers the real-time voice assistant (Ramble voice mode). Data sent: your spoken audio, transcribed text, and the same task/email/calendar context described above. OpenAI does not use API data to train their models by default. OpenAI's privacy policy: openai.com/privacy.
• ElevenLabs— converts the assistant's text replies to spoken audio. Data sent: the assistant's response text (not your personal data). ElevenLabs's privacy policy: elevenlabs.io/privacy.

What is never sent to AI providers: full email bodies (only subjects and sender names), raw calendar descriptions, your Google OAuth tokens, or any data from sources you have not connected.

Google OAuth scopes we use

When you connect your Google account, we request the following permissions:

• openid, email, profile — to authenticate you and display your name and photo inside the app. Retained for the duration of your account.
• gmail.metadata — to read email subject lines, sender/recipient addresses, timestamps, and labels without accessing email bodies or snippets. Used to detect unanswered threads and surface action items. Metadata is cached for up to 6 hours and never written to persistent storage. Deleted immediately when you disconnect Gmail or delete your account.
• gmail.modify (optional, power mode only) — to read full email content and apply labels. Only requested when you explicitly enable power mode in Settings. You can revoke this at any time. Treated with the same retention limits as gmail.metadata.
• calendar — to read, create, update, and delete your calendar events when you issue commands through the app. Event data is cached for up to 6 hours and never written to persistent storage beyond that window. Deleted when you disconnect Calendar or delete your account.
• tasks — to read, create, complete, and delete your Google Tasks via swipe gestures and assistant commands. Task data is fetched on demand and not cached persistently. Deleted when you disconnect Tasks or delete your account.

Google API data — Limited Use

OneThing's use and transfer to any other app of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• We do not use Gmail, Calendar, or Tasks data to train generalised or third-party AI/ML models.
• We do not transfer Google user data to third parties except as necessary to provide the product, comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users.
• We do not serve advertising based on Google user data.
• We do not allow humans to read Google user data except with your explicit consent for a specific support case, for security purposes, to comply with applicable law, or when data is aggregated and anonymised for internal operations.

How we protect your data

• Encryption in transit: all communication between your device and our servers uses TLS 1.2+ (HTTPS). OAuth tokens are transmitted exclusively over encrypted connections and never appear in logs or URLs.
• Encryption at rest: data stored in our database and cache (Vercel Postgres, Redis) is encrypted at rest using AES-256 by our infrastructure provider (Vercel). Google OAuth access and refresh tokens are stored server-side only, never embedded in client-side code.
• OAuth token storage: your Google OAuth tokens are stored in an encrypted server-side database, isolated per user. They are never embedded in client bundles, never logged, and never exposed to other users.
• Access controls: each user's data is isolated by user ID. Every server endpoint verifies your authenticated session before returning any data. No cross-user data access is possible by design.
• Minimal data retention for Google data: Gmail metadata and Calendar events are cached server-side for a maximum of 6 hours to reduce API call volume. Cached data is automatically purged on expiry. Raw email content (power mode) is never written to persistent storage — it is processed in memory and discarded after the response is sent.
• Deletion: when you disconnect a Google service from Settings, all cached data for that service is purged immediately. When you delete your account, all Google OAuth tokens are revoked via the Google API and all associated data is deleted within 30 days from active systems and within 90 days from backups.

Who processes data on our behalf

• Clerk — authentication and session management
• Vercel — hosting, database, and caching infrastructure
• Anthropic — AI text assistant and task scoring (Claude)
• OpenAI — real-time voice assistant
• ElevenLabs — text-to-speech for assistant replies
• Google — when you connect Gmail, Calendar, or Tasks via OAuth
• Todoist — when you connect your Todoist account
• Sentry — anonymised crash and error reporting

We do not allow these processors to use your data for their own purposes beyond what is necessary to provide the service.

Your rights and controls

• Delete your account: open Settings and tap Delete account. This permanently removes your account, tasks, and history from our systems.
• Revoke Google access: you can disconnect OneThing from your Google Account at any time from myaccount.google.com/permissions. Revoking access stops all future data reads; cached data is removed within 6 hours.
• Data export: email us to request a copy of your personal data.

Data retention

We keep your account data while your account is active. After deletion, data is removed within 30 days from our active systems and within 90 days from backups. Google OAuth tokens are revoked and deleted immediately upon account deletion or when you disconnect your Google account from Settings.

Children

OneThing is not intended for users under 13.

Changes to this policy

We will post any material changes to this page and update the “Last updated” date. Continued use of the app after changes constitutes acceptance.

Contact

Questions? Email mirresnelting@gmail.com.