Privacy Policy
sarahAI (“we,” “our,” or “us”) is committed to protecting the privacy of users (“you,” “your”) who interact with our AI executive assistant platform across WhatsApp, voice, and integrated tools such as Gmail and Google Calendar. This Privacy Policy describes how we collect, use, store, and share your personal information.
1. Information We Collect
We collect the following categories of personal information:
Name, phone number, and email address during account sign-up or communication.
Voice recordings or messages via WhatsApp or phone calls.
Tasks, reminders, calendar events, and messages that you share with SarahAI.
When you connect third-party services (e.g., Google), we may access:
Gmail metadata and email content to extract tasks or generate summaries.
Google Calendar events and availability to assist in scheduling and reminders.
Device information (e.g., browser, OS)
Interaction logs (e.g., timestamps, errors)
IP address and general location
2. How We Use Your Information
We use your data solely to provide and improve the SarahAI user experience. This includes:
Creating, managing, and updating tasks and calendar events.
Summarizing emails and meetings.
Sending proactive reminders and well-being nudges.
Enhancing voice and chat-based interactions.
Debugging, system performance monitoring, and analytics.
3. Use of Google API Services
sarahAI uses Google APIs to access Gmail and Google Calendar to provide productivity support. Our use of this data is governed by the Google API Services User Data Policy and strictly complies with the Limited Use requirements.
We only access Gmail and Calendar data to deliver user-requested services: summaries, event creation, follow-ups, and reminders.
We request only the minimal scopes necessary to fulfill your use case.
We do not access the full content of emails unless required to fulfill specific user instructions.
We do not:
Use your data for advertising or analytics unrelated to core features.
Sell or transfer user data to third parties.
Use your data to determine creditworthiness or for lending purposes.
We may share data only:
With your explicit consent.
To comply with legal obligations.
For security investigations (e.g., abuse or system integrity).
Humans will never read your Gmail or Calendar data unless:
You provide affirmative consent (e.g., requesting a human assistant to intervene).
It is required for legal compliance or debugging a specific issue.
The data is fully anonymized and aggregated for product improvement.
To ensure full compliance with Google’s Workspace API Policy Protections for Generative AI, we confirm the following:
We do not use Gmail or Google Calendar data to train, fine-tune, or improve any generalized or non-personalized AI/ML models.
We do not retain or use your Google Workspace data to improve model performance across other users or services.
We do not transfer your data to third-party AI tools for training or analysis purposes.
4. Data Security
We implement strong security practices to protect your data:
End-to-end encryption for all messages and data in transit.
Encryption at rest using AWS standards.
Access controls and audit logs to monitor all interactions with sensitive data.
OAuth 2.0 for secure third-party integrations.
As required, sarahAI will undergo annual security assessments via an authorized third-party auditor.
5. Data Storage and Retention
Your data is stored on secure AWS servers within compliant regions.
Task and calendar data is retained until you delete it or your account is closed.
Email summaries, transcripts, and logs are retained temporarily and periodically purged.
6. User Controls
You have the right to:
Access and update your information at any time.
Revoke Google API permissions via your Google account settings.
Delete your sarahAI account and all associated data.
Contact us for a copy or deletion request of your personal data.
7. Data Sharing
We do not share your personal information with third parties except:
To service providers strictly under contract for infrastructure and support services.
As required by law, regulation, subpoena, or legal process.
8. Children’s Privacy
sarahAI is not intended for individuals under 18. We do not knowingly collect personal data from minors.
9. International Users
If you access sarahAI from outside the United Arab Emirates, your information may be transferred to and processed in UAE and other jurisdictions where we or our service providers operate.
9. International Users
If you access sarahAI from outside the United Arab Emirates, your information may be transferred to and processed in UAE and other jurisdictions where we or our service providers operate.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes through email or our platform.
11. Contact Us
If you have questions about this Privacy Policy or wish to make a request, contact email at