Privacy Policy

Last updated: July 8, 2025

1. Introduction

Cyberbrain.sh ("we," "us," "our") provides a platform for users to organize and interact with their personal data through structured spaces and conversational interfaces. This Privacy Policy explains how we collect, use, share, and protect your data, including Gmail data where applicable.

2. Data We Collect

a. Authentication Data

We use Clerk.com for authentication. When signing in with Google OAuth, authentication data is processed by Clerk.

b. User-Generated Content

We store the content you create within our platform, including:

  • Spaces and blocks
  • Chat messages and interactions
  • Uploaded files or notes

c. Connected Accounts

If you link third-party accounts, we may access:

  • Telegram: Information shared with connected bots
  • Twitter: Public tweets and profile metadata
  • Gmail: Email content and metadata (see Section 4)

d. Gmail Scopes Used

We request access to your Gmail account using the following OAuth scope:

  • https://www.googleapis.com/auth/gmail.readonly – used strictly to read your Gmail messages and metadata for classification and chat purposes. No emails are modified or sent.

3. How We Use Your Data

We use your data—whether provided through the app, Telegram, Twitter, or Gmail—only for the following purposes:

  • Service Operation: To authenticate, store, and organize your content
  • Classification & Analysis: Your data is sent to OpenAI and Gemini to categorize content, extract insights, and enhance search and summarization
  • RAG Chat Features: We send data to Gemini to power retrieval-augmented-generation (RAG) chat experiences in our user interface

These uses apply to all data you connect to or create within our platform, including Gmail data if linked.

We do not use your data—including Gmail—for:

  • Advertising or marketing
  • Analytics or third-party profiling
  • Financial scanning
  • Selling or reselling to any parties

4. Additional Disclosures for Gmail Data (if connected)

Gmail data is accessed only after you explicitly grant permission during the Google OAuth login process. You are in full control of the data you share and may choose to disconnect at any time.

If you connect your Gmail account, we access email content and metadata strictly for the use cases outlined above (Classification, RAG).

We comply with Google's Limited Use Policy:

  • Gmail data is only shared with OpenAI and Gemini for processing related to internal classification and chat features
  • We do not use Gmail data for advertising, analytics, profiling, or any unrelated secondary purpose
  • We never sell or transfer Gmail data to other parties

Gmail data is treated with the same technical and organizational security protections as all other user data.

Our use of information received from Gmail APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

5. Data Sharing

We only share data with trusted service providers, strictly limited to operational needs:

Recipient Purpose
OpenAI Classification, summarization, insight generation
Gemini Retrieval-augmented chat and AI-driven processing

We do not share data—including Gmail—with any other third parties.
We do not sell user data or disclose it for marketing, surveillance, or profiling.

6. Data Security

  • All data is encrypted in transit (TLS) and at rest
  • Access is restricted to authorized personnel
  • Gmail data is protected with the same encryption and access controls as all user content

7. Data Retention & Deletion

We store your Gmail data until you either:

  • Manually remove it via your account settings, or
  • Request account deletion via support.

Gmail data is removed within 30 days of such a request.

Self-Service Data Management: You can manually remove integrations and delete imported emails through our user interface.

You can revoke Gmail access at any time using:

8. Cookies

We use only essential cookies to support authentication via Clerk.
No analytics, marketing, or tracking cookies are used.

9. Changes & Consent

Any changes to how we collect or use data will be:

  • Communicated via email or in-app message
  • Subject to renewed consent, if required

10. Your Rights

You may:

  • Access your personal data
  • Correct or update information
  • Request deletion
  • Export your data on request
  • Revoke Gmail access at any time (see Section 4 and Section 7)

11. Contact Us

For privacy-related questions, please email:
khomenokvladimir@gmail.com