DaedArch Connect ("the Service") is a private, consent-driven personal-life-management assistant that a single user connects to their own accounts. The data controller responsible for your information is DaedArch Corporation, a corporation organized under the laws of the State of Delaware, United States. This policy explains what information we collect, how we use it, who we share it with, how long we keep it, how you can access or delete it, and your rights. We collect and use your information only to provide the features you see in the Service. We never sell your data and never use it for advertising.
We use your information solely to provide and improve the user-facing features of the Service that you can see — organizing your own information, surfacing what needs your attention, and maintaining your private, owner-only knowledge base. We do not use your information for advertising, profiling for third parties, or any purpose unrelated to the features you use.
When you connect your Google account, you grant DaedArch Connect the specific scopes you approve on the Google consent screen. We use each scope's data only for the corresponding user-facing feature:
gmail.readonly): we read your email to surface and organize what matters and to build your private, owner-only knowledge base. We never delete, trash, send, or modify your email.calendar.readonly, calendar.events): we read your calendar for an at-a-glance view and create/update events at your direction. We never delete events.contacts.readonly): read-only, to attribute events, tasks, and messages to the right people. We never modify or delete contacts.tasks): we read and manage your task lists at your direction (create, update, complete). We never delete tasks.Limited Use disclosure. DaedArch Connect's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
We request only the read-only Gmail scope (gmail.readonly) — not gmail.modify, gmail.send, or full mail.google.com — and do not request Google Drive access. You can revoke DaedArch Connect's access to your Google account at any time at Google Account permissions, and you can ask us to delete the copies/derivations of Google data we hold (see Data deletion & access).
DaedArch Connect uses Plaid Inc. ("Plaid") to connect your financial accounts. When you link an account, you enter your credentials directly through Plaid's secure connection flow, and Plaid collects and shares financial information (such as institution, account, balance, and transaction data) with us to power the features you use. Plaid's own collection and use of your data is governed by Plaid's End User Privacy Policy, available at plaid.com/legal. By connecting an account through Plaid, you agree to Plaid's End User Privacy Policy and authorize Plaid to share the data with us for the purposes described here. Plaid's in-flow Data Transparency Messaging shows you which data is being requested and why before you connect. You can review the accounts you have connected, see what data is shared, disconnect them, and request deletion through Plaid Portal at my.plaid.com or Plaid's data-rights request form at my.plaid.com/data-subject-request-form, and you can also ask us to delete the financial data we hold (see Data deletion & access).
If you make a payment, it is processed by Stripe, Inc. ("Stripe"). We share the information necessary to complete your transaction with Stripe, and Stripe processes your card data as a payment processor; we do not store your full card number. Stripe's handling of your data is governed by Stripe's Privacy Policy. Our payment pages are served over HTTPS, and we handle payment information in line with applicable PCI-DSS requirements.
We keep your information only as long as needed to provide the Service or as required by law, and we delete or de-identify it when it is no longer needed. You can request deletion at any time (see Data deletion & access).
To request access to, correction of, or deletion of the personal data we hold about you — including copies or derivations of Google user data and financial data — email [email protected] and we will honor your request as required by applicable law. You can also disconnect any connected account at any time, revoke Google access at myaccount.google.com/permissions, and manage or delete Plaid-connected data at my.plaid.com.
We use administrative, technical, and physical safeguards designed to protect your information, including modern, industry-standard encryption in transit and at rest, and access controls that limit access to authorized personnel with a business need. Financial credentials are handled by Plaid and card data by Stripe. No method of transmission or storage is 100% secure, but we work to protect your information and to meet the security expectations of Google (including the CASA security assessment for restricted Gmail data), Stripe, and Plaid.
The Service is not directed to children under 13, and we do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact [email protected] and we will delete it.
We may update this policy and will post the updated version here with a new effective date; material changes will be communicated as required.
DaedArch Corporation (a Delaware corporation) — [email protected].