Privacy Policy — Leo
Leo is a personal assistant mobile app. This policy describes what information Leo collects, why, where it is sent, and the choices you have about it. We have written it in plain language; if anything is unclear, email us at the address above.
1. What Leo collects and why
Leo only collects what it needs to do the work you ask of it. Each item below is requested at the point of use, and you can revoke it at any time.
| Data | When collected | Why |
|---|---|---|
| Email address and name | When you sign in with Google or Microsoft | To identify your account |
| Email message content and metadata (Gmail or Outlook) | Only if you grant mail access in the Connections screen | So Leo can summarize incoming mail and surface things worth doing |
| Calendar events (Google Calendar or Microsoft Calendar) | Only if you grant calendar access | So Leo can answer scheduling questions and propose calendar invites |
| Device contacts (name, phone, email) | Only if you grant the Contacts permission | Used locally on the device to prefill recipients in draft messages. Contacts are not uploaded to our servers in bulk; only the specific recipient you approve for a message is sent. |
| Approximate location (latitude/longitude) | Only if you grant Location permission | Used once to show local weather in the morning brief; we do not track continuous location. |
| Voice recordings | Only when you tap the microphone | Transcribed on-device by Android’s SpeechRecognizer and discarded after the recognizer returns text. No audio is sent to our servers or any third party. |
| Notification content from other apps (e.g. SMS, WhatsApp) | Only if you enable Notification Access | So Leo can draft replies to incoming messages on your behalf. |
| Push-notification token (FCM) | Automatically when you sign in | So we can deliver the morning brief and action notifications. |
| Subscription status | When you subscribe via Google Play | So we know whether to enable Pro features. |
| Support form submissions | When you submit feedback or report a bug | Routed to our issue tracker or support inbox. |
We do not collect: precise location, advertising identifiers, biometrics, financial account numbers, browser history, files outside the data you explicitly share, or data from other apps beyond enabled notifications.
2. Who we share data with
We use a small number of vendors to operate the app. Each one only receives the data it needs to do its specific job.
- Anthropic (anthropic.com) — Receives messages, voice transcripts (text only — audio is transcribed on your device and never leaves it), and email/calendar context required to generate Leo’s responses. Before any content reaches Anthropic, our backend automatically redacts (i) email addresses, phone numbers, payment-card numbers, and government-ID-format strings, and (ii) the names of your contacts (display names, aliases, and unambiguous first names matched against your contact list). Each is replaced with an abstract token; the original values are reconstructed in your view before you see Leo’s reply. Anthropic does not train models on the data we send per their API terms.
- Google (google.com) — Receives the OAuth scopes you grant for Gmail and Google Calendar; delivers push notifications via Firebase Cloud Messaging; processes payments via Google Play Billing. If you sign in with Google, also receives the OpenID identifier we use to verify your sign-in.
- Microsoft (microsoft.com) — Receives the OAuth scopes you grant for Outlook mail and Microsoft Calendar via the Microsoft Graph API. If you sign in with Microsoft, also receives the OpenID identifier we use to verify your sign-in. Leo connects to personal Microsoft accounts only (Hotmail, Outlook.com, Live); work or school Microsoft 365 accounts are not supported.
- RevenueCat (revenuecat.com) — Receives subscription events from Google Play to update your entitlements.
- Resend (resend.com) — Sends transactional email (e.g. support replies). Receives only the recipient address and message body.
- Railway (railway.app) — Hosts our backend infrastructure; data is stored in encrypted Postgres.
We do not sell personal information. We do not share data with advertisers or data brokers.
3. Google user data — Limited Use disclosure
Leo’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Which Google scopes Leo requests and how each is used
| Scope | What it grants | How Leo uses it |
|---|---|---|
openid, userinfo.email, userinfo.profile |
Stable identifier, email, name, avatar URL | Identifies your account at sign-in; shown in the app header so you know which account is active. |
gmail.readonly |
Read access to your Gmail messages and metadata | Summarizes incoming mail in the morning brief; extracts action items (RSVPs, bill payment links, follow-up nudges) and proposes them as action cards you approve before anything happens; reads the List-Unsubscribe header when you tap Unsubscribe on a marketing email. |
gmail.send |
Permission to send mail from your account | Sends replies, follow-up messages, and one-line unsubscribe emails that you have explicitly approved by tapping Send on an action card. We never send automatically. |
calendar |
Full read/write on your Google Calendar | Reads upcoming events for scheduling answers and the morning brief; creates / updates events you approve on an action card. |
Leo does not request, and does not have access to, Gmail’s modify scopes (label, archive, trash) or any other Google API beyond the ones above.
Affirmations (verbatim from the Google API Services User Data Policy)
- Prominent UI use only. We only use Google user data to provide or improve user-facing features that are prominent in Leo’s user interface — the chat thread, action cards, morning brief, and tasks list.
- No advertising. We do not use Google user data — including mail content, calendar events, profile data, or any derived signal — to serve advertisements, build advertising profiles, or enable any advertising network.
- No human review of Google user data except (i) with your affirmative consent, when you explicitly send a specific message in a support request or bug report; (ii) for security purposes when investigating suspected abuse; (iii) to comply with applicable law; or (iv) for aggregate, anonymized internal operations.
- No third-party transfers of Google user data except as strictly necessary to operate Leo’s user-facing features — the only such transfer is to Anthropic for AI response generation, and only after personal identifiers have been redacted on our backend (see section 2).
- No data sale. We do not, and will not, sell Google user data to any party for any purpose.
- No AI/ML model training. We do not use Google user data — mail content, calendar events, or anything derived from them — to develop, train, or improve generalized or non-personalized AI or machine-learning models. Google user data is sent to Anthropic solely to generate the specific response you see, and Anthropic does not train its models on it per their API terms.
How long Leo retains Google user data
- Raw Gmail and Calendar API responses (message bodies, full event payloads): never persisted to disk. Each request fetches just-in-time and discards after the response is generated.
- Agent-generated summaries in action cards (titles + short snippets) and the morning brief: retained only while the user-facing feature uses them. Specifically: action-card body / event description / attendee fields are stripped 7 days after the card is resolved (accepted, declined, or expired); morning briefs are deleted after 90 days; closed follow-up reminders are deleted 30 days after they’re marked done or dismissed.
- Source pointers (Gmail message IDs, Calendar event IDs, processed-message ledgers): kept until account deletion or up to 30–60 days for the dedupe ledgers, whichever comes first. These are identifiers, not content.
- OAuth tokens (Google access + refresh tokens): stored encrypted in our database. Explicitly revoked with Google (
oauth2.googleapis.com/revoke) within seconds of account deletion. - No bulk inbox or calendar copy. Leo does not mirror your mailbox or calendar to our servers. Every read is just-in-time.
4. How long we keep data
- Account data: until you delete your account, then up to 90 days more (see section 5).
- Conversation history (chat messages): until you tap “Clear chat” or delete your account.
- Action cards: retained while pending; long-form Google/Microsoft-derived fields are stripped 7 days after the card is resolved; the card metadata itself (kind, status, short title) is kept until account deletion as a history trail.
- Morning brief payloads: 90 days, then deleted.
- Closed follow-up reminders (done / dismissed): 30 days, then deleted.
- Raw email/calendar API responses: not persisted (used during the active request only).
- Voice recordings: not retained — transcription happens on-device; audio never leaves the phone.
- Logs: up to 30 days for debugging and abuse prevention. Logs do not include message bodies, calendar contents, contacts, or any redacted personal identifier — only request metadata, error traces, and rate-limit counters.
5. Your rights
You can:
- Access the data Leo holds about you: email support@valdrium.com.
-
Delete your account in either of two ways:
- In the app: Settings → Delete account. Takes effect immediately.
- On the web at https://www.valdrium.com/delete-account: works even if you can no longer sign in. Submit the email address associated with your account; we send a one-time confirmation link to that address; clicking the link within 24 hours completes the deletion. Same end state as the in-app path, typically within seconds of clicking the link.
Either path: you are signed out, your push notifications stop, and any Google and/or Microsoft access/refresh tokens we hold for you are explicitly revoked with the provider within seconds (
https://oauth2.googleapis.com/revokefor Google). Your account row and all associated data — messages, contacts, follow-ups, action cards, OAuth tokens, cached mail snippets, calendar pointers, and every other owned record — are permanently erased no later than 90 days from the deletion request. The 90-day window exists so you can email support@valdrium.com to restore the account if you change your mind; after 90 days the deletion is irreversible and the rows no longer exist in our database. - Revoke any single permission (Gmail, Outlook, Google Calendar, Microsoft Calendar, Contacts, Location, Notifications) at any time in the Connections screen or your device settings.
- Export your data: email support@valdrium.com.
Residents of California (CCPA), the European Economic Area, and the UK (GDPR) have additional rights including the right to object, restrict processing, and lodge complaints with a supervisory authority. To exercise these rights, email support@valdrium.com.
6. Children
Leo is not directed at children under 13 (under 16 in the EEA/UK) and we do not knowingly collect data from them. If you believe a child has provided us with personal information, email us and we will delete it.
7. Security
We follow industry-standard practices to protect your data:
- Encryption in transit. All data is transmitted over HTTPS / TLS 1.2 or higher — between the app and our backend, and between our backend and every third-party service we use (Google, Microsoft, Anthropic, RevenueCat, Resend).
- Encryption at rest. The production database (Postgres on Railway) is encrypted at rest. OAuth refresh tokens, JWT signing keys, and third-party API keys are stored as environment variables managed through Railway’s secrets system; they never appear in source control or logs.
- Access control. Access to the production database is restricted to a small number of named operators using audited credentials. Application code accesses the database via a separate, least-privilege role.
- On-device storage. On the phone, your authentication token is stored in EncryptedSharedPreferences, backed by an AES-256 key in the Android Keystore. Voice audio and your contact list never leave the device.
- Hardening. Rate limits on every authentication-adjacent endpoint; security headers on every response; structured logging without personally identifiable information; third-party dependencies are reviewed for known vulnerabilities before each release.
- Breach notification. If we discover a breach affecting your data, we will notify affected users within 72 hours of confirming it, and notify Google directly when Google user data is involved.
- Independent assessment. Because Leo uses a Restricted Google API scope (Gmail read access), we undergo an annual Cloud Application Security Assessment (CASA) by a Google-approved third-party assessor.
No system is perfectly secure, but we work to keep Leo’s surface small and its data flows narrow.
8. International transfers
We are based in the United States and our backend runs in U.S. data centers. If you use Leo from outside the U.S., your data will be transferred to and processed in the U.S. By using Leo you consent to this transfer.
9. Changes to this policy
If we make material changes, we will notify you in the app and update the effective date at the top. Continued use after a change means you accept the updated policy. Prior versions are available on request.
10. Contact
Questions, requests, or complaints: support@valdrium.com.
© Valdrium. Leo is a product of Valdrium.