Privacy policy.

Pathlight lets users connect supported accounts and services so they can ask Pathlight to perform tasks such as:

• Reading and summarizing emails
• Drafting, replying to, forwarding, starring, archiving, moving, or searching emails
• Looking up contacts
• Managing calendar events
• Creating reminders or follow-ups
• Searching user-authorized content
• Using voice commands to complete digital tasks

Pathlight does not access your connected accounts unless you authorize that access.

We collect information in the following categories.

A. Account Information

When you create or use a Pathlight account, we may collect:

• Name
• Email address
• Account login information
• Authentication identifiers
• Device or app identifiers
• Basic profile information you provide

B. Connected Account Data

If you connect Gmail, Google Calendar, contacts, Outlook, Yahoo, document services, or other integrations, Pathlight may access and process data from those services, depending on the permissions you grant.

This may include:

• Email metadata, including sender, recipient, subject, timestamps, thread IDs, labels, mailbox location, read/unread status, starred status, and attachment metadata
• Email content, including message bodies and snippets, when needed to read, summarize, search, draft, reply, forward, or otherwise assist with email tasks
• Calendar data, including event titles, times, attendees, locations, descriptions, and reminders
• Contact data, including names, email addresses, and related contact information
• Document metadata and content, if you authorize document-related integrations
• Other account data required to complete user-requested tasks

We only request access to data that is reasonably necessary to provide Pathlight's features.

C. Voice, Speech, and Command Data

Because Pathlight is a voice assistant, we may process:

• Voice commands
• Speech-to-text transcripts
• Text commands
• Corrections, interruptions, cancellations, and follow-up instructions
• Text-to-speech output generated by the system

Where possible, Pathlight uses transcripts and structured command data rather than storing raw audio. If raw audio is stored for debugging, quality improvement, or accessibility testing, we will disclose that in the product experience or applicable settings.

D. PATH Database Data

Pathlight may store data in our internal database system, including but not limited to:

• User preferences
• Email and calendar metadata
• Synced contacts
• Email summaries
• Thread summaries
• Importance classifications
• Time-sensitive labels
• Reminder state
• Search indexes
• Semantic embeddings
• Local cache records
• Action history
• User corrections and preference updates
• Internal references linking Pathlight records to provider IDs

This storage allows Pathlight to provide faster search, personalized assistance, lower latency, and more reliable task completion.

E. Usage, Analytics, and Performance Data

We may collect product analytics to understand whether Pathlight is working correctly. This may include:

• Task start and completion events
• Detected intent
• Selected workflow
• Error events
• Cancellation events
• Correction events
• Confirmation acceptance or rejection
• Latency by system stage
• Integration success or failure
• App version, device type, and operating system
• Feature usage

We use this data to improve reliability, accessibility, speed, and product quality.

F. Support and Feedback Data

If you contact us, participate in testing, submit feedback, or communicate with our team, we may collect:

• Your messages to us
• Bug reports
• Screenshots or recordings you choose to provide
• Accessibility feedback
• Support history
• Information needed to resolve your issue

We use your information to provide, maintain, secure, and improve Pathlight.

Specifically, we may use information to:

• Authenticate your account
• Connect authorized third-party services
• Read, summarize, search, draft, reply to, forward, move, archive, star, or otherwise manage emails at your direction
• Manage calendar events at your direction
• Look up contacts you ask Pathlight to use
• Generate responses, summaries, drafts, and confirmations
• Store and apply your preferences
• Improve task completion accuracy
• Reduce latency
• Detect and recover from errors
• Prevent unauthorized or unsafe actions
• Ask clarifying questions when your intent is ambiguous
• Provide accessibility-focused experiences
• Monitor system performance
• Debug and improve the product
• Comply with legal obligations

We do not use your emails, calendar data, contacts, documents, or connected account content for advertising.

We do not sell your personal information.

We do not use your connected account data to build advertising profiles.

If you connect a Google account, Pathlight's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

This means:

• We use Google user data only to provide or improve user-facing Pathlight features that you authorize.
• We do not sell Google user data.
• We do not use Google user data for advertising.
• We do not transfer Google user data except as necessary to provide or improve Pathlight, comply with law, protect security, or as otherwise permitted by Google's policies.
• We do not allow humans to read Google user data unless necessary for security, support, legal compliance, or with your explicit consent.
• We do not use Google Workspace or Gmail data to train general-purpose AI models.

Pathlight uses AI models to understand commands, classify intent, summarize information, draft content, search user-authorized data, and generate responses.

To provide these features, relevant portions of your commands, emails, calendar data, contacts, documents, or other connected data may be sent to AI infrastructure providers or model providers that help process your request.

We use these providers only to provide Pathlight's functionality, improve reliability, operate the service, and complete user-requested tasks. We do not permit these providers to use your connected account data for advertising. We also do not permit your connected account data to be used to train general-purpose foundation models unless you have explicitly agreed to that use.

Where possible, Pathlight minimizes the amount of data sent to AI providers by using structured inputs, internal references, retrieved snippets, cached records, and task-specific context rather than sending unnecessary full account histories.

Pathlight is designed so that our team does not normally need to view your personal emails, calendar events, contacts, documents, or connected account content.

Human access may occur only in limited circumstances, such as:

• You explicitly ask us for support that requires reviewing specific data
• You provide data to us voluntarily for debugging or feedback
• We need to investigate security abuse, fraud, or system misuse
• We are required to comply with law
• We need to protect the rights, safety, or security of users, Pathlight, or others

When human access is needed, we aim to limit access to the minimum information necessary.

Pathlight may ask for confirmation before taking actions that modify your accounts or communicate with others.

Actions that generally require explicit user confirmation include:

• Sending a new email
• Replying to an email
• Replying all
• Forwarding an email
• Moving important emails
• Marking an email as spam
• Creating, changing, or deleting calendar events
• Taking actions through connected services that may affect third parties or your account state

If Pathlight is unsure what you mean, if multiple contacts or emails match, or if a task could have meaningful consequences, Pathlight should ask a clarifying question rather than guessing.

Pathlight may store your information for as long as reasonably necessary to provide the service, improve reliability, comply with legal obligations, resolve disputes, and enforce agreements.

For connected email and calendar data, Pathlight may store synced records, metadata, summaries, classifications, embeddings, and search indexes to make the product faster and more useful. Depending on the product configuration and user permissions, Pathlight may maintain a searchable database of historical email records, including up to five years of email history.

We retain different categories of data for different periods, including:

• Account information for as long as your account remains active
• Connected account tokens for as long as the integration remains connected
• Synced email/calendar/contact data while your account or integration remains active, unless deleted earlier
• Usage analytics for product improvement and reliability monitoring
• Support communications as needed for support, audit, and legal purposes

You may request deletion of your Pathlight account or connected data by contacting us at pathlightproj@gmail.com. After receiving a verified deletion request, we will delete or de-identify applicable data unless we are required or permitted to retain it for security, legal, fraud prevention, backup, or compliance purposes.

To reduce latency and improve accessibility, Pathlight may create local or server-side cached records, search indexes, summaries, and embeddings from user-authorized data.

These records may be used to:

• Quickly find emails, contacts, documents, or calendar events
• Power semantic search
• Generate grounded answers from retrieved user data
• Classify emails as important, unimportant, or time-sensitive
• Remember user preferences and corrections
• Support asynchronous task preparation

Embeddings are mathematical representations of text used for search and retrieval. They are not intended to be human-readable, but they may still be derived from personal information. We treat embeddings associated with your account as user data.

When you connect third-party accounts, Pathlight uses OAuth or similar authorization methods where available. This means you authorize Pathlight without giving us your account password.

We may store access tokens, refresh tokens, or similar credentials needed to keep your integrations working. We use commercially reasonable safeguards to protect these credentials, such as secure storage, access controls, and encryption where appropriate.

You can revoke Pathlight's access through Pathlight settings, through the connected provider's security settings, or by contacting us.

Pathlight does not sell your personal information.

Pathlight does not sell your email content, calendar content, contact data, document content, voice commands, transcripts, or connected account data.

Pathlight does not use your connected account content for targeted advertising.

Pathlight does not share your connected account content with advertisers.

We may share information only in limited circumstances.

A. Service Providers

We may share information with vendors and infrastructure providers who help us operate Pathlight, including providers for:

• Cloud hosting
• Databases
• Authentication
• Speech-to-text
• Text-to-speech
• AI inference
• Analytics
• Error monitoring
• Customer support
• Security

These providers are authorized to process information only as needed to provide services to Pathlight and are not permitted to use it for their own advertising purposes.

B. Connected Services

When you ask Pathlight to take an action through Gmail, Google Calendar, Outlook, Yahoo, Uber, document platforms, or other integrations, we send the necessary information to that service to complete the task.

For example, if you ask Pathlight to send an email, we send the recipient, subject, body, and related message/thread information to the email provider.

C. Legal, Safety, and Security

We may disclose information if we believe it is necessary to:

• Comply with law, legal process, or government request
• Protect user safety
• Investigate fraud, abuse, or security issues
• Enforce our terms
• Protect the rights, property, or security of Pathlight, users, or others

D. Business Transfers

If Pathlight is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, user information may be transferred as part of that transaction. We will take reasonable steps to ensure the recipient handles personal information consistently with this Privacy Policy.

You may have the ability to:

• Connect or disconnect third-party accounts
• Revoke OAuth permissions through the provider
• Change user preferences
• Delete reminders or stored preferences
• Request deletion of your account
• Request access to certain personal information
• Request correction of inaccurate information
• Request that we stop processing certain information, where applicable

To make a request, contact us at pathlightproj@gmail.com.

We may need to verify your identity before fulfilling certain requests.

We use commercially reasonable administrative, technical, and organizational safeguards designed to protect user information.

These may include:

• Access controls
• Secure credential handling
• Encryption in transit
• Encryption at rest where appropriate
• Logging and monitoring
• Vendor controls
• Least-privilege access practices
• Internal restrictions on human access
• Security review for sensitive integrations

No system is perfectly secure. We cannot guarantee absolute security, but we work to protect user data and improve our safeguards over time.

Pathlight is not intended for children under 13, and we do not knowingly collect personal information from children under 13.

If we learn that we have collected personal information from a child under 13 without appropriate consent, we will take steps to delete it.

If Pathlight is used by minors above 13, a parent, guardian, school, or applicable organization may need to provide consent depending on the context and applicable law.

Pathlight may work with blind and low-vision testers, advisors, and users to improve accessibility and product reliability.

If you participate in testing, we may collect feedback, task results, recordings, transcripts, bug reports, or other information you choose to provide. We will use this information to improve Pathlight and accessibility outcomes.

We will not publicly identify testers or users without consent.

Pathlight is currently intended primarily for users in the United States. If you use Pathlight from outside that region, your information may be processed in countries that may have different data protection laws than your country of residence.

Where required, we will take appropriate steps to protect personal information in accordance with applicable law.

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice through the website, app, email, or another reasonable method.

The “Effective Date” at the top of this policy indicates when it was last updated.

For privacy questions, requests, or concerns, contact us at:

The Pathlight Project LLC
Email: pathlightproj@gmail.com