Back to Home

Privacy Policy

Last updated: February 20, 2026

Overview

000 ("we," "our," or "the app") is a personal data organization tool that indexes your email, files, calendar, contacts, and messages into a unified, searchable database stored entirely on your own device. This privacy policy explains what data we access, how we use it, and how we protect it.

Data We Access

000 connects to the following data sources to build your personal index:

  • Gmail (via Google API): Email message headers (sender, recipient, subject, date) and message body text. Access is read-only. 000 never sends, modifies, or deletes your emails.
  • Google Calendar (via Google API): Calendar event details including title, time, location, and attendees. Access is read-only.
  • Google Contacts (via Google API): Contact names, email addresses, and phone numbers. Access is read-only.
  • Local Files: Files on your computer are read locally for AI-powered classification. File contents are processed on your device.
  • Messages: iMessage, SMS, and RCS message history from your local device database.
  • Audio Recordings: Voice memos and audio files are transcribed locally on your device.

How We Use Your Data

All data accessed by 000 is used exclusively to build your personal search index. Specifically:

  • Indexing: Email, calendar, contact, and message data is stored in a local database on your device for full-text and semantic search.
  • Classification: AI models analyze file content to automatically organize files into personalized categories. Where possible, classification runs locally on your device.
  • Search: Indexed data powers unified search across all your connected sources from a single interface.

We do not use your data for advertising, marketing, analytics, or any purpose other than providing the core functionality described above.

Where Your Data Is Stored

All indexed data is stored locally on your device in an encrypted database. Your data is never uploaded to our servers or any third-party cloud service. We do not have access to your indexed data.

Account information (email address for authentication) is stored securely using industry-standard encryption.

Third-Party Services

000 uses the following third-party services:

  • Google APIs: Gmail, Calendar, and Contacts APIs are used with read-only access to index your data locally. See the Google API section below for full details.
  • Supabase: User authentication only. Your indexed data is never sent to Supabase.
  • AI Classification: When local classification is insufficient, minimal file metadata (not full contents) may be sent to an AI service for classification. No email content is ever sent to AI services.

Google API Services User Data Policy

000's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, 000:

  • Only requests access to data that is necessary for the app's core functionality (personal search and organization).
  • Does not transfer Google user data to third parties unless necessary to provide the app's core functionality, required by law, or with explicit user consent.
  • Does not use Google user data for advertising or marketing purposes.
  • Does not allow humans to read Google user data unless the user provides affirmative consent, it is necessary for security purposes, or it is required by law.
  • Stores all Google user data exclusively on the user's own device.

Scopes Requested

  • gmail.readonly – Read-only access to Gmail messages for indexing email content locally.
  • calendar.readonly – Read-only access to Google Calendar events for local indexing.
  • contacts.readonly – Read-only access to Google Contacts for local indexing.

Revoking Access

You can revoke 000's access to your Google account at any time by visiting Google Account Permissions. Revoking access will stop new data from being indexed but will not delete data already stored in your local database.

Data Retention and Deletion

Since all indexed data is stored on your device, you have full control over it. You can delete your local database at any time to remove all indexed data. Deleting your account will remove your authentication credentials from our systems.

Security

We take the following measures to protect your data:

  • All data in transit is encrypted using TLS/HTTPS.
  • Google OAuth tokens are stored securely on your local device.
  • Your local database is protected by your device's own security (FileVault, login password, etc.).
  • API keys and credentials are never exposed to client-side code.

Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated date. If changes are significant, we will notify you via the app or email.

Contact

Questions about privacy? Email us at hello@get000.com