Privacy Policy

1. Introduction

Miles ("we", "us", or "our") operates the Miles application and browser extension at heymiles.app. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our services.

We are committed to protecting your privacy and being transparent about how we handle your data. By using Miles, you agree to the collection and use of information as described in this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Name and email address — used to identify your account and send you service communications.
• Profile information — such as your timezone, to personalize your experience.

2.2 Google Account Data

When you connect your Google account, Miles requests access to the following scopes. Each scope is used for a specific, limited purpose:

Permission	What We Access	Why We Need It
Google Calendar (read & write)	Your calendar events, including titles, times, attendees, and descriptions	To generate your daily briefing, show upcoming meetings, and help you prepare for them. Write access allows Miles to create events on your behalf when you ask it to.
Gmail (read & send)	Email metadata (subject lines, senders, dates, snippets) and email content	Read access lets Miles surface relevant email context for your meetings and contacts. Send access allows Miles to draft and send emails on your behalf when you explicitly request it.
User Info (email & profile)	Your Google email address, name, and profile picture	To create and authenticate your Miles account via Google Sign-In.
Google Docs (read-only)	Contents of Google Docs you choose to connect	To provide document context when preparing for meetings or generating briefings that reference shared documents.
Google Sheets (read & write)	Contents of Google Sheets you choose to connect	To read spreadsheet data for meeting preparation and to update sheets when you ask Miles to log or track information.
Google Drive (read-only)	File names and metadata in your Drive	To help Miles locate and reference relevant files when preparing meeting context.

Important: Miles only accesses data that is necessary to provide its features. We do not access, read, or store the full contents of all your emails or files. Email access is limited to metadata and snippets for context matching, and full content is only retrieved when directly relevant to a feature you are using.

2.3 Contact Information

Miles builds a contact graph from your calendar and email interactions. This includes names, email addresses, company names, job titles, and interaction history. This data is used exclusively to help you manage your professional relationships.

2.4 Browser Extension Data

If you use the Miles browser extension, it may access:

• Active tab URL — only on supported sites (Google Meet, Zoom, Google Docs) to provide contextual assistance.
• Page content on supported sites — to offer meeting intelligence features such as real-time note-taking and action items.

The extension does not track your general browsing activity, collect browsing history, or access data on sites other than those explicitly listed.

2.5 Usage Data

We collect anonymized usage analytics such as feature usage frequency, error logs, and performance metrics to improve the service. This data does not include the content of your emails, documents, or personal communications.

3. How We Use Your Information

We use the data we collect for the following purposes:

• Daily Briefings — generating personalized morning briefings by analyzing your calendar and relevant email context.
• Meeting Preparation — surfacing relevant emails, documents, and contact history before your meetings.
• Contact Intelligence — maintaining your relationship graph with interaction history and enriched professional data.
• Email Assistance — drafting and sending emails on your behalf, only when you explicitly initiate and confirm the action.
• Calendar Management — creating or modifying events when you request it.
• Service Improvement — using anonymized, aggregated data to improve Miles features and reliability.

4. Data Storage and Security

• Your data is stored on secure, encrypted servers.
• All data in transit is encrypted using TLS 1.2 or higher.
• Google OAuth tokens are stored securely and are used only to access the services you have authorized.
• We do not sell, rent, or share your personal data with third parties for advertising purposes.
• Access to user data is restricted to authorized personnel only, on a need-to-know basis for service operation and support.

5. Third-Party Services

Miles integrates with the following third-party services to provide its features:

• Google APIs — for calendar, email, document, and authentication services, governed by the Google API Services User Data Policy.
• Anthropic (Claude AI) — for generating briefings, summaries, and intelligent assistance. Only the minimum necessary context is sent to generate responses. We do not send your full inbox or file system.
• SendGrid — for transactional email delivery (e.g., task assignment notifications).
• Contact enrichment services — to supplement publicly available professional data for your contacts (e.g., job titles, company information). Only email addresses are shared with enrichment providers.

6. Google API Services User Data Policy Compliance

Miles' use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• We only use Google user data to provide and improve the user-facing features described in this policy.
• We do not transfer Google user data to third parties except as necessary to provide the service, as required by law, or with your explicit consent.
• We do not use Google user data for serving advertisements.
• We do not allow humans to read Google user data unless: (a) you have given explicit consent, (b) it is necessary for security purposes (e.g., investigating abuse), (c) it is necessary to comply with applicable law, or (d) the data is aggregated and anonymized for internal operations.

7. Data Retention

• Your account data is retained as long as your account is active.
• If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.
• Google OAuth tokens are revoked upon account deletion.
• Anonymized, aggregated analytics data may be retained indefinitely.

8. Your Rights and Choices

You have the following rights regarding your data:

• Access — you can view the data Miles has stored about you within the application.
• Correction — you can update your contact information and preferences at any time.
• Deletion — you can request deletion of your account and associated data by contacting us.
• Revoke access — you can disconnect your Google account at any time from your Miles settings or from your Google account permissions page.
• Data export — you can request an export of your data by contacting us.

9. Children's Privacy

Miles is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 16, we will take steps to delete that data promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or through a prominent notice in the application. Your continued use of Miles after changes take effect constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: support@heymiles.app

Website: https://heymiles.app