Privacy Policy
This Privacy Policy describes how we collect, use, and protect your personal information when you use our AI Assistant application.
We are committed to protecting your privacy and ensuring the security of your personal data.
Information We Collect
We collect the following types of information to provide and improve our service:
- Authentication credentials (hashed or encrypted and stored securely)
- Session information to maintain your login state
- Integration credentials for Google Calendar, Google Tasks, Notion, and Fitbit (encrypted OAuth tokens)
- Connected-service data you explicitly request, such as calendar events, tasks, Notion pages, and Fitbit data (e.g., activity, sleep, heart-rate metrics, profile) limited to the scopes you approve
- Conversation data, file/attachment metadata, and tool call results needed to operate the AI assistant
Google User Data
When you connect your Google account, we access the following data based on your approved permissions:
Google Calendar
- Calendar events (titles, times, descriptions, attendees)
- Calendar metadata and settings
Google Tasks
- Task lists and individual tasks
- Task details (titles, due dates, notes, completion status)
How we use Google data:
- Display your calendar and tasks within the app interface
- Enable the AI assistant to help manage your schedule through conversation
- Create, update, or delete calendar events and tasks at your request
We do NOT use Google API data to:
- Train, improve, or develop AI/ML models
- Serve advertisements or sell it to third parties
- Serve any purpose not explicitly disclosed in this policy
Google Data Retention:
- OAuth tokens are encrypted and stored only while your account is connected
- Google Calendar and Tasks data is fetched on-demand and may appear in conversation logs
- Disconnecting Google removes all stored tokens; you may request deletion of conversation data containing Google information
Google API Services Compliance
Kratic's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Fitbit Data & Permissions
We access Fitbit User Data only via Fitbit's OAuth flow and the scopes you grant. We do not scrape, circumvent, or use alternative authentication methods.
What we may access (scope-dependent):
- Activity, steps, exercises, sleep, readiness, and basic profile details
- Heart-rate and related wellness metrics where you have granted permission
- Any additional Fitbit datasets only if you explicitly authorize them for a feature
How we use Fitbit data:
- To answer your prompts, summarize trends, or combine Fitbit data with other tools you enable
- To troubleshoot and secure the integration (limited technical logs only)
- Never for ads, resale, or public display; we do not share Fitbit data with third parties
Storage, retention, and deletion:
- Fitbit OAuth tokens are encrypted at rest; we request the minimum scopes needed
- Fitbit data is fetched just-in-time and is not persistently stored beyond what is captured in your conversations or outputs you ask us to save
- You can disconnect Fitbit in settings (once enabled) or revoke access from your Fitbit/Google Account; we then stop all Fitbit API calls and delete stored Fitbit tokens
- To request removal of Fitbit-derived content from conversation history, contact us and we will delete associated Fitbit data and tokens
Research and marketing:
- We do not use Fitbit data for advertising or sell Fitbit data
- We do not use Fitbit data for research without your explicit consent; any future research use would rely on de-identified data and your consent
Conversation Logging & Service Improvement
To ensure reliable service delivery and continuous improvement, we maintain logs of your interactions with the AI assistant. This helps us:
- Debug issues and resolve technical problems quickly
- Understand how the service is used to enhance functionality
- Improve AI response quality and accuracy over time
- Maintain service reliability and performance
What We Log
Our logging system captures the following information for each conversation:
- Conversation content: Your messages and the AI assistant's responses to maintain conversation context and improve responses
- System configuration: Which AI model and tools were used, along with system prompts, to understand service behavior
- Tool usage: Information about tools called (like calendar or task management) and their results, to ensure integrations work correctly
- Performance metrics: Response times and token usage to optimize service speed and efficiency
- Error information: Technical errors and their context to quickly identify and fix issues
- Attachment metadata: Information about files you share (file names, types, sizes) while omitting the actual file content from logs
Data Protection in Logging
We take steps to protect your privacy in our logs:
- Large file attachments are not stored in logs—only metadata is retained
- All logged data is stored securely in our local database with the same encryption standards as your other data
- Logs are used exclusively for service improvement and technical support
- We do not share logged conversation data with third parties
This logging is essential for maintaining a reliable, high-quality AI assistant service. All data is stored securely and used only for the purposes described above.
How We Use Your Information
We use your information solely for the purpose of providing the AI Assistant service, including:
- Authenticating and maintaining your session
- Integrating with Google Calendar, Google Tasks, Notion, and Fitbit (permitted scopes only)
- Providing AI-powered assistance based on your connected services and conversation context
- Ensuring the security, reliability, and functionality of the application
Cookie Policy
We use cookies to provide essential functionality for our application. All cookies we use are strictly necessary for the operation of the service.
Essential Cookies
These cookies are necessary for the website to function and cannot be switched off. They are usually only set in response to actions made by you, such as logging in.
auth_session
Purpose: Maintains your authentication session so you stay logged in.
Duration: Session cookie (expires when you close your browser) or persistent cookie (expires after a set period of inactivity).
Type: Essential / Functional
auth_mfa
Purpose: Tracks your multi-factor authentication status to ensure secure access.
Duration: Session cookie (expires when you close your browser).
Type: Essential / Functional
We do not use analytics cookies, advertising cookies, or any third-party tracking cookies.
Data Security
All sensitive data, including authentication tokens and integration credentials (Google, Notion, Fitbit), are encrypted before storage. We use industry-standard encryption methods to protect your information.
Your Rights
Under GDPR and other privacy regulations, you have the right to:
- Access your personal data, including conversation logs
- Request correction of inaccurate data
- Request deletion of your data, including conversation history
- Withdraw consent at any time
- Export your data in a portable format
You can manage your data and exercise these rights through the application settings or by contacting us. You may revoke Fitbit access at any time from your Fitbit or Google Account settings; revocation stops data access and removes stored Fitbit tokens on our side.
Contact & Requests
For data access, correction, deletion, or Fitbit-specific removal requests, contact developer@kratic.com.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.
Last updated: January 15, 2026