Legal
Privacy Policy
Effective date: June 29, 2026
This Privacy Policy explains what data AIVA (“AIVA”, “we”, “us”), operated through meetaiva.co, collects, how we use it, who we share it with, and the choices you have. It covers the meetaiva.co web service and the AIVA personal assistant app, in both cloud mode (AIVA supplies the model, voice, and storage) and local / bring-your-own-key (BYOK) mode (you supply your own provider keys and most data stays on your Mac). Questions? Email [email protected].
1. Information we collect
- Account information. When you sign in with Google, we receive your name, email address, and basic profile information via the
openid,email, andprofilescopes. This is used to create and secure your AIVA account. - Data from connected services. Only after you explicitly connect an app, AIVA accesses data from that service to perform the tasks you ask of it. For Google services, see Section 2.
- Usage and billing data. When AIVA runs a model on your behalf, we record usage events (such as the model used and token counts) tied to your account to operate and bill the service.
- Optional diagnostics. If you opt in, we receive anonymous, PII-scrubbed usage counts and error reports. These are toggles you control and can turn off entirely; they never include your conversations, memory, or connected-app content.
2. Google user data
When you connect a Google service, AIVA requests only the OAuth scopes needed for the features you use. We access this data on demand, when you ask AIVA to do something — we do not bulk-download or continuously index your Google account. Actions that write, send, or delete are routed through AIVA’s runtime approval policy before they are carried out.
| Google service | Scopes requested | What AIVA does with it |
|---|---|---|
| Gmail | gmail.modify | Search and read threads, manage labels, mark as read, and draft or send replies. Sending is handled by AIVA’s approval policy. |
| Google Calendar | calendar.events, calendar.calendarlist.readonly | List your calendars, read events and free/busy times, and create, update, or delete events through AIVA’s approval policy. |
| Google Drive | drive, documents | Search files and read file content on demand, and create or append to Google Docs through AIVA’s approval policy. |
To fulfill a request, the relevant excerpts of this data may be sent to an AI model provider for inference (see Section 4). In local / BYOK mode, this data is sent directly to the provider whose key you supplied and otherwise stays on your Mac.
3. How we use your information
- To provide the assistant features and tasks you request.
- To execute actions you have explicitly approved.
- To operate, secure, and bill the service.
We do not use your data for advertising, and we do not sell it.
4. How we share your information
- AI model providers. To generate responses and take actions, your message and the relevant context are sent to the model provider configured for your account (for example OpenAI, Anthropic, or Google) as a processor for inference.
- Voice and vision providers. Only when you use those features (for example a cloud voice or screen awareness), the relevant audio or screenshot is sent to that provider.
- Payment processing. Billing is handled by our payment processor (Stripe); we do not store your full card details.
We do not sell your data, we do not use Google user data for advertising, and we do not use Google user data to develop, improve, or train generalized AI/ML models.
5. Limited Use of Google user data
AIVA’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
6. Data storage and security
In cloud mode, OAuth tokens and connector credentials are encrypted at rest in our database, and any API keys you provide are stored encrypted. In local / BYOK mode, credentials are encrypted in a local credential vault on your Mac. Access to Google data is limited to fulfilling your requests.
7. Data retention and deletion
- Disconnect any app from within AIVA at any time — this revokes AIVA’s access token immediately.
- Review or revoke AIVA’s access to your Google account at myaccount.google.com/permissions.
- Request deletion of your account and associated data by emailing [email protected].
8. Your rights
Depending on where you live, you may have the right to access, correct, export, or delete your personal data, and to withdraw consent. To exercise these rights, contact [email protected].
9. Children
AIVA is not directed to children under 13, and we do not knowingly collect personal data from them.
10. Changes to this policy
We may update this policy from time to time. When we do, we will revise the effective date above and post the updated policy on this page.
11. Contact us
For any privacy questions or requests, email [email protected].