Effective July 15, 2026

Privacy Policy

This policy explains how Mouseover accesses, uses, stores, shares, and deletes information when you use our productivity assistant.

Information we collect

When you connect Google, we receive your basic Google account profile and email address for sign-in. With your permission, Mouseover reads recent Gmail message headers, bodies, thread identifiers, and labels, plus event details from your primary Google Calendar, including titles, times, descriptions, locations, status, and attendee count.

Mouseover currently analyzes Gmail from the previous seven days, excluding spam, trash, and promotions, and primary Calendar events from the previous seven days through the next fourteen days.

How we use Google data

We use Google data only to provide user-facing Mouseover features: finding requests, deadlines, meeting preparation, and follow-ups; building your prioritized task list and summary; preparing Gmail drafts for your review; and performing Gmail label, read-state, or archive changes that you explicitly confirm.

Mouseover does not sell Google user data, use it for advertising, determine creditworthiness, or use it to train general or shared artificial-intelligence models. Mouseover never permanently deletes Gmail messages and does not create, edit, or delete Google Calendar events.

AI processing and service providers

To create your task list and suggested drafts, Mouseover securely sends the limited recent Gmail and Calendar content needed for that request to Google Gemini. Google processes this data on our behalf to return the requested user-facing result. We also use Supabase for authentication and server-side request handling and Cloudflare for application hosting and delivery.

We require service providers to protect information, use it only to provide their services to Mouseover, and not use Google user data to train general or shared AI models.

Storage and retention

The Mouseover Google Workspace edge function processes Gmail and Calendar content in memory and does not persist raw message or event content in a Mouseover database. Generated task results are cached in your browser for up to thirty minutes to avoid unnecessary repeat processing. Google OAuth access and refresh tokens are stored in your browser for the current connection. Basic account information is retained while your Mouseover account remains active.

We retain information only as long as needed to provide the service, meet security and legal requirements, and resolve disputes.

Your controls and deletion

From Connections in Mouseover, you can clear locally cached generated Google data or disconnect Google. Disconnecting revokes Mouseover's Google authorization, removes locally stored Google tokens and generated task data, and stops future Gmail and Calendar access. Existing drafts and labels that you asked Mouseover to create remain in Gmail until you remove them there.

You can also revoke access from your Google Account permissions page. To request deletion of your Mouseover account or other information associated with it, email founders@mouseover.ai. We will verify and process valid requests as required by applicable law.

Security

We use encrypted HTTPS connections, authenticated server requests, access controls, and provider security controls designed to protect your data. No system is completely secure, and we will notify affected users as required if a security incident occurs.

Google API Services User Data Policy

Mouseover's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Changes and contact

We may update this policy as Mouseover changes. We will post the revised date here and provide additional notice when required. Questions or requests can be sent to founders@mouseover.ai.