Legal
Privacy Policy
Effective July 8, 2026
Fidant.AI ("we," "us," or "the Service") is an AI assistant with persistent memory for executives, available as a web application and as native iOS and Android apps. This Privacy Policy explains what data we collect, why, how we use and store it, and the choices you have. By using Fidant.AI, you agree to the practices described here.
00Trust Architecture
Before the legal detail, a plain summary of how we think about your data:
- User-visible memory — your memory is presented to you as files on your Google Drive that you can view, edit, export, or delete at any time. As of our June 2026 architecture update, the authoritative copy of your structured memory is stored in our database, and the Drive files are a synchronized, user-controlled projection of it.
- Source transparency — every fact Fidant remembers is linked to the message, note, document, or sync that produced it. Inside the product you can open the source, mark a fact wrong, hide it, or forget it entirely.
- Scoped Google access — we request the minimum Google scopes necessary:
drive.file(limits us to files the application itself creates on your Drive) andcalendar.events.readonly(read-only access to your calendar events, used for briefings and meeting preparation). We do not list, read, or modify any other files on your Drive, and we never modify your calendar. - Sovereign Trust Gate (roadmap) — a stricter storage mode for cases where even our servers should not hold encryption keys. Not available today; we will publish details before any user-visible change.
We do not describe Fidant as "zero-knowledge" or promise we can "never see anything." As detailed in Sections 06 and 07, the authoritative copy of your memory is stored on our servers in plaintext to operate the product; our optional encryption feature protects the copy written to your Google Drive. Our servers process plaintext to generate responses.
01Information We Collect
Account Information
You can sign in with Google or with Apple (Sign in with Apple). From Google we receive your name, email address, and profile picture. From Apple we receive your name and email address on first sign-in only; if you choose Apple's Hide My Email, we receive and store a private-relay address (@privaterelay.appleid.com) instead of your real email. We store a Google or Apple identity subject to recognize you on return, and — for Google — an encrypted refresh token so we can maintain access to your Drive and Calendar. When you sign in or connect Google, we also process short-lived security records to complete the flow (for example, a browser-binding token and, briefly, your email and provider identifier); these are transient and expire within minutes. We do not collect or store your Google or Apple password.
Google Drive Data
Fidant.AI creates a dedicated folder on your personal Google Drive to store your memory files. We access Drive solely to read and write files within this folder (drive.file scope). We do not access, read, or modify any other files on your Drive.
Google Calendar Data
If you grant Calendar access, we use the calendar.events.readonly scope to read event fields (title, start/end time, location, description, attendees, your response status). We use this to generate briefings, prepare pre-meeting context, and surface follow-ups. To power meeting preparation, attendee names, email addresses, event summaries, and times are extracted and stored server-side in our database (associated with the people and companies in your memory). We never write to, modify, create, or delete calendar events. We do not use Calendar data to train AI models, and we share it only with the AI provider generating your response.
Conversation Data
Your conversations and the structured memory extracted from them are stored in our database (the authoritative store) and projected as JSON and Markdown files to your Google Drive folder for your direct access and control.
Voice Input
If you use voice input in chat, audio is sent to OpenAI's Whisper API for transcription, processed in real time, and not stored by us. Separately, if you record or upload a meeting, the audio is stored on our object storage, transcribed via OpenAI Whisper, and the transcript is retained in our database and analyzed to produce meeting summaries (see Meetings below). On mobile, spoken AI replies may be synthesized via OpenAI's text-to-speech.
Meetings
When you use meeting features, raw meeting audio is stored on our object storage, transcribed (OpenAI Whisper), and the transcript, speaker labels, and participants are stored in our database and analyzed by our AI provider to produce summaries. You can delete meetings; recordings are subject to retention limits.
Uploaded Documents & Files
You may upload or import documents (PDF, DOCX, XLSX, RTF, TXT, MD, CSV, JSON; up to 10 files of 10 MB each) via onboarding, smart import, chat attachments, or document import. Extracted text is processed by our AI providers and stored as memory in our database; some extracted text is held on our object storage.
Wearable & Health Data
You may optionally connect Whoop, Oura, or import Apple Health data. For Whoop/Oura we store OAuth access and refresh tokens, encrypted at rest (AES-256-GCM), and retrieve health metrics (recovery, sleep, heart rate, HRV, SpO2, workouts, body measurements). Structured health and clinical facts (including lab results and biomarkers) are stored in our database, and raw lab-report text you upload is stored on our object storage. This is sensitive health data; we treat it accordingly.
Messaging Integrations
If you connect Telegram, we store your Telegram chat ID and settings and process the message text, voice, documents, and photos you send through your AI providers (see Section 17). If you use your Fidant email address, forwarded email bodies and attachments are stored on our object storage and parsed into memory (see Section 17).
Server-Side Data
We store the following on our servers: account records (name, email, profile picture); your Google refresh token (encrypted); a reference to your Google Drive folder ID; the content of your memory (facts, decisions, commitments, observations, and related structured records); structured health, financial, identity-document, and relationship data derived from your inputs; meeting transcripts; uploaded documents and extracted claims; calendar-derived attendee and event data; object-storage blobs (inbound email and attachments, meeting audio, raw lab-report text); usage event logs (message counts, model selection, feature interactions) with metadata; billing reference (managed by Stripe); wearable device tokens (encrypted); and encryption keys if you enable the Drive-encryption feature. Structured identifiers such as passport, account, or card numbers are stored only as a masked last-4 plus a one-way hash, never in full.
Usage & Device Data
We automatically collect standard telemetry: IP address, browser type, device and mobile-session metadata (platform, app version and build, OS version, device model, last-seen), and interaction patterns, to maintain service quality and diagnose issues (see Section 11).
02How We Use Your Data
We use the information we collect to:
- Provide, maintain, and improve Fidant.AI, including building and updating your persistent memory layer.
- Send your messages and relevant context to the AI model provider you select (Anthropic, OpenAI, or Google) to generate responses.
- Run internal operations — memory extraction, deduplication, synthesis, morning briefings, meeting analysis, suggestions, and report generation — on Google (Gemini). These run on models you do not directly select.
- Generate vector embeddings of your context via OpenAI to enable semantic search and deduplication.
- Transcribe voice via OpenAI's Whisper API; synthesize spoken replies via OpenAI text-to-speech on mobile.
- Retrieve health data from connected wearables (Whoop, Oura, Apple Health) to include in your AI context.
- Read Google Calendar events (with your authorization) for briefings, meeting preparation, and follow-ups.
- Process the documents, emails, and messages you send to us.
- Authenticate your identity, manage your account, process payments via Stripe, communicate with you, and ensure security and fraud prevention.
03Google API Services User Data Policy
Fidant.AI's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. This applies to Google Drive data (drive.file) and Google Calendar event data (calendar.events.readonly).
- We access Drive only to create, read, and update files within the Fidant.AI folder the application itself created.
- We access Calendar only to read events for briefing, meeting preparation, and follow-up features. We never write to, modify, create, or delete calendar events.
- We do not use Google user data for advertising.
- We do not transfer Google user data to third parties except as necessary to provide the Service (sending context to the AI provider you select, and to OpenAI for embeddings/voice) or as required by law.
- We do not use Google user data to train AI models.
- Humans do not read your Google user data unless you give explicit permission for support, or we are required to for security or legal compliance.
04Data Sharing with AI Providers & Service Providers
AI model providers. To generate responses, we send your messages and relevant context (messages, recent history, your memory, and — where relevant — authorized Calendar events) to the AI provider you select:
- Anthropic (Claude models) — subject to Anthropic's usage policy.
- OpenAI (GPT models; also Whisper transcription, text-to-speech, and embeddings) — subject to OpenAI's usage policy.
- Google (Gemini models) — subject to Google's API terms. Google (Gemini) also processes our internal operations described in Section 02.
We access these providers via their APIs (not consumer products). Under their standard API terms, these providers do not use API-submitted data to train their models. We send only the data necessary for each operation.
Other service providers. We also share limited data with:
- PostHog (product analytics and error monitoring) — see Section 11.
- Stripe (payments) — your email, account identifier, and plan tier.
- Postmark (transactional and inbound email) — see Section 17.
- Telegram (if you connect it) — see Section 17.
- Whoop / Oura (if you connect them) — for retrieving your health data.
05Shared Conversations
You may optionally share a conversation by generating a unique link. A snapshot of the conversation is then stored on our servers and is accessible to anyone with the link; it displays your name and the conversation content. You can revoke a shared link at any time, which immediately removes public access.
06Encryption
Fidant.AI offers an optional feature that encrypts the memory files written to your Google Drive using AES-256-GCM. When enabled, your key is generated and stored server-side; encryption and decryption are performed server-side. This protects the Drive copy at rest but is not end-to-end encryption. It does not encrypt the authoritative copy of your memory stored in our database, which is retained in plaintext to operate the product. All data in transit is protected by TLS 1.2+.
07Data Storage & Security
Your memory is stored authoritatively in our PostgreSQL database hosted on Railway, and projected to your personal Google Drive for your access. Larger content blobs — inbound email and attachments, meeting audio, and raw lab-report text — are stored in our S3-compatible object storage. Server-side data is encrypted in transit (TLS 1.2+); tokens and sensitive identifiers are encrypted or masked at rest as described in Section 01. Access to production systems is restricted to authorized personnel. While no system is impervious, we implement industry-standard safeguards and continuously review our posture.
08Data Retention
Your memory is under your control: you can view, edit, or delete any item at any time through the Fidant.AI interface, and the Drive projection directly via Google Drive.
Server-side account data is retained while your account is active. Upon account deletion, we delete your server-side records — database content (memory, health, financial, identity, meeting, and relationship data), object-storage blobs (inbound email and attachments, meeting audio, raw lab-report text), wearable and identity tokens, encryption keys, and shared-conversation snapshots. We cancel your subscription and delete your Stripe customer record, and we request deletion of your analytics profile from PostHog. Database records are deleted immediately as part of an atomic operation; propagation across all stores completes within 30 days.
By default, your Google Drive files are left under your control and not deleted with your account; you may optionally choose permanent deletion, which irreversibly deletes the Fidant.AI Drive folder as well. Account deletion is available on the web and in the mobile apps (which also clear tokens stored on your device).
09Your Rights & Choices
Depending on your jurisdiction, you may have rights including Access, Correction, Deletion, Portability (your memory files are already on your Google Drive in Markdown and JSON), and Withdrawal of consent (revoke Drive or Calendar access via your Google Account). To exercise any right, contact us at hello@fidant.ai; we respond within 30 days.
10Revoking Access
Revoke Fidant.AI's access to your Google Account at any time at myaccount.google.com/permissions. This immediately stops our access to your Drive and Calendar; your files and calendar remain untouched. You can disconnect Whoop, Oura, or Telegram from your settings at any time, which deletes the stored tokens or connection from our servers.
11Analytics, Cookies & Tracking
We use PostHog for product analytics and error monitoring. On the web, PostHog automatically captures page views, clicks and interactions, and errors; it sets a first-party cookie, links analytics to your account identifier, and receives your IP address and device metadata. We use this to improve the product and diagnose issues — not for advertising — and we do not participate in cross-site advertising networks or use an advertising identifier. We also keep first-party usage logs on our servers.
Cookies we use: the authentication session cookie (essential), the PostHog analytics cookie (non-essential), and short-lived security cookies during mobile sign-in (essential). We are implementing a consent mechanism for users in the EU/UK; until it ships, you can disable analytics cookies via your browser controls.
12Children's Privacy
Fidant.AI is not directed at individuals under 18. We do not knowingly collect personal data from minors and will delete it promptly if discovered.
13International Data Transfers
Fidant.AI operates globally and our service providers (including Anthropic, OpenAI, Google, PostHog, Stripe, and Postmark) are based primarily in the United States; your data may be processed there. If you connect Telegram, message content is processed via Telegram's international infrastructure. We ensure appropriate safeguards are in place regardless of where data is processed.
14Changes to This Policy
We may update this policy from time to time. For material changes we will notify you by email or through the Service before they take effect. The most recent material change (July 8, 2026) updated this policy to reflect our current architecture: server-side storage of memory content, native mobile apps and Sign in with Apple, the full list of AI and service providers, analytics, messaging and email integrations, and expanded data-retention and deletion practices.
15Contact
Questions, concerns, or requests: hello@fidant.ai.
16Mobile Applications
Our iOS and Android apps let you sign in with Apple or Google. After sign-in, the app holds Fidant-issued access tokens in the device's secure storage (iOS Keychain / Android Keystore); we never store your Google or Apple provider tokens on your device. Optional biometric checks (e.g. Face ID) are performed entirely on-device — no biometric data is collected or transmitted. The apps request microphone access for voice input, and camera and photo-library access only when you choose to attach an image to a chat message; attached images are uploaded and processed like other uploaded files (see Section 01). We collect per-session device metadata (platform, app version/build, OS version, device model). You can delete your account from within the app.
17Messaging & Email Integrations
Telegram. If you connect Telegram, message text, voice notes, documents, and photos you send are received via Telegram's API and processed by our AI providers (transcription, classification, summarization, and — for images — visual analysis). Extracted information is stored as memory.
Email. We provide a personal forwarding address. Email you forward — sender, recipient, subject, body, and attachments — is stored on our object storage and in our database and parsed into memory. Transactional email we send you (recipient address and content) is delivered via Postmark.
18Note on "no training"
We access AI providers via their APIs, under terms that do not permit training on API-submitted data. If we ever engage a provider whose terms differ, we will update this policy and this section before routing your data to them.
© 2026 Fidant.AI. All rights reserved.