Privacy Policy

MiniBrief is built so that we hold as little of your data as possible. This policy explains, in plain terms, exactly what is and is not collected. It covers two separate things: this website (the waitlist) and the MiniBrief browser extension (the product). They are deliberately kept apart.

The short version

• Your email content never reaches our servers. It is processed in your browser and sent only to the AI provider that generates your results. We do not receive or store it.
• Using the extension requires a MiniBrief account. We store the account details needed to run the product — never the contents of your email.
• The extension contains no analytics, telemetry, or behavioral tracking.
• We do not sell, rent, or share your data for advertising. Ever.
• We never use your email content to train any AI model.

1. This website (the waitlist)

If you submit the waitlist form, we collect the email address you enter, the part of the page you submitted from, your browser’s user-agent string, and the time of submission. We use this only to send you a confirmation and a single launch notification, and to prevent duplicate or abusive signups. Waitlist entries are stored with our database provider and emails are delivered through our email provider (see Service providers). We keep waitlist data until launch and a reasonable period afterward, or until you ask us to delete it. This site sets no advertising or analytics cookies and runs no third-party trackers.

2. The MiniBrief extension

The extension reads your inbox inside your browser to produce summaries, drafts, and triage. Using it requires a MiniBrief account, and we operate a backend for that account. Your email content is never sent to that backend — it is handled in your browser and sent only to the AI provider, as described below.

Permissions we request

When you connect a Google or Microsoft account, we request only the access needed to run the features you use:

• Reading your messages — to display them and generate summaries, triage, and drafts.
• Modifying your messages (applying or removing labels, archiving, and changing read/unread state) — to carry out the triage actions you take from the side panel.
• Basic mailbox settings — to read the settings needed to display and organize your inbox correctly.
• Calendar (read-only) — to build meeting prep.

For Outlook we use the equivalent Microsoft Graph permissions. You can review and revoke this access at any time — for Google at myaccount.google.com/permissions, and for Microsoft in your account settings.

Your MiniBrief account

To use the extension you create an account. On our backend we store only the data needed to operate it: your account identifier and authentication details, your settings and preferences (such as your VIP list), and your plan or licensing status. We use this only to authenticate you, sync your settings across devices, and provide the service. Your account never contains the contents of your emails.

What is sent for AI processing

To generate AI output, a limited amount of content is sent directly from your browser to our AI provider, Anthropic. The amount depends on the feature:

• Triage, classification, briefings, VIP and meeting prep: the subject line and a short preview snippet only.
• Reply drafting and summarization: the relevant email body, which is needed for the feature to work. These are opt-in actions you trigger.
• Tone check: the draft text you wrote and asked us to check.

This content is sent solely to generate the response you requested. We do not store it, and our backend never receives it. We do not use your email content — or any Google or Microsoft user data — to train, develop, or improve any AI or machine-learning model, and Anthropic does not use data submitted through its API to train its models. Anthropic processes the request under its own terms; we encourage you to review Anthropic’s privacy policy.

What stays on your device

Email parsing and AI prompts are built in your browser. Any local cache stays in your browser’s local extension storage. Uninstalling the extension removes this local data; account data on our backend persists until you ask us to delete it.

3. Google API Services User Data Policy (Limited Use)

MiniBrief’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. In particular, MiniBrief:

• limits its use of Google user data to providing or improving the user-facing features described in this policy;
• does not transfer Google user data to others except as necessary to provide or improve those features, to comply with applicable law, or as part of a merger or acquisition with notice to users;
• does not use or transfer Google user data for advertising, including personalized or interest-based advertising;
• does not use Google user data to train generalized or non-personalized AI or machine-learning models, and does not transfer it for that purpose; and
• does not allow humans to read Google user data unless we have your affirmative consent to read specific messages, it is necessary for security or to comply with law, or the data has been aggregated and anonymized.

4. Service providers

We rely on a small number of third parties, each for a narrow purpose:

• Anthropic — processes the limited email content described above to generate AI results.
• Our application backend (Supabase) — stores your account, settings, and licensing status; it never receives your email content.
• Resend — delivers waitlist confirmation and launch emails.
• Stripe — processes subscription payments. We never receive or store your full card number.
• Our hosting provider — serves this website and may process standard server request logs for security and reliability.

5. Your choices and rights

• You can ask us to access or delete your waitlist data or account data at any time by emailing privacy@minibrief.app.
• You can uninstall the extension, which removes its local data from your browser; contact us to delete the account itself.
• Depending on where you live (for example, under GDPR or CCPA), you may have additional rights to access, correct, or delete personal data. Contact us and we will honor applicable requests.

When you ask us to delete your account, we remove the associated data within 30 days, except where we are legally required to retain it.

6. Children

MiniBrief is intended for working professionals and is not directed to children. We do not knowingly collect data from anyone under 16.

7. Changes

We may update this policy as the product evolves. If we change how we use Google or Microsoft user data in a materially different way than disclosed here, we will notify you and, where required, ask for your consent before the new use takes effect. Material changes are reflected by the “Last updated” date above.

Questions? Email privacy@minibrief.app.