Legal
Privacy Policy
Last updated: July 2026
Overview
Yomi is an AI assistant that sees your screen, hears your voice, and connects to your apps: Gmail, Google Calendar, Google Drive, Google Classroom, Google Tasks, Google Contacts, Google Meet, GitHub, Notion, Slack, and Linear. It is designed to be private by default: data from your connected apps is used only to answer your direct queries and is not stored, shared, or used to train AI models.
Two rules govern everything below. Nothing is accessed unless you ask. Yomi acts on your own data, in response to your own request, and never crawls your accounts in the background. Every action that changes something is approved by you first — sending an email, creating an event, saving a file, or editing a contact shows you exactly what will happen before it happens.
Google API Services: User Data
Each Google service below is a separate connector that you connect individually from your Yomi dashboard. You are never asked for access to a service you have not chosen to connect. When you connect one, Yomi may request the following access:
- Gmail (
gmail.modify,gmail.send) to read, search, organize, and send emails when you ask Yomi a question about your inbox. - Google Calendar (
calendar) to answer schedule queries such as “What's on my calendar today?” and to create, update, or delete events when you ask — every change requires your approval first. - Google Drive (
drive) to search and read your Drive files when you ask about them, and to create or convert documents, spreadsheets, and presentations on your request. - Google Classroom (
classroom.courses.readonly,classroom.coursework.me,classroom.announcements.readonly) to list your classes, assignments, and announcements and check your own submission status. - Google Tasks (
tasks) to read your to-do lists and create, edit, complete, or delete tasks on your request. - Google Contacts (
contacts,contacts.other.readonly,directory.readonly) to look a person up by name so we can find their email address before sending anything on your behalf, and to save or update a contact on your request. We never guess an email address — if several people match, we ask you first. - Google Meet (
meetings.space.created,meetings.space.readonly,meetings.space.settings) to create meeting links on your request and read your past calls — who attended and, where your plan produces one, the transcript — so we can summarise a meeting you ask about.
Limited Use.Yomi's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, this data is used onlyto provide or improve user-facing features that are prominent in Yomi's interface. It is not sold, not transferred to third parties except as needed to provide those features or as required by law, not used for advertising, and not used to develop, improve, or train generalised AI or machine-learning models.
Human access. No human at Yomi reads your Google data. The only exceptions are the ones the policy allows: with your explicit consent (for example if you send us a message to debug a problem), where necessary for security purposes such as investigating abuse, or where required by law.
Scopes we deliberately do not request. Yomi does not request https://mail.google.com/, so it can never permanently delete a message — the most it can do is move mail to trash, which you can undo. Yomi also never submits coursework on your behalf; it prepares the file and hands it back to you to attach.
Retention. Content fetched from a Google API to answer a request is held in memory for that request and discarded once the response is returned. The exception is a file you explicitly ask Yomi to save, which lives in your own Drive under your control.
You can revoke Yomi's access to your Google account at any time from myaccount.google.com/permissions or by disconnecting the integration from your Yomi dashboard.
Data we collect
We collect the minimum data needed to operate the service:
- Account data: email address, OAuth provider identifier (Google or GitHub). No passwords stored.
- Usage events: query count, agent runs, token usage, and cost. Used for metering and billing. No prompt content stored.
- Device metadata: OS, app version, last-seen timestamp. Used for support and compatibility.
- Memory blobs: if cloud sync is enabled, your Yomi notepad is encrypted and synced. You can delete it at any time.
Data we never collect
- Raw screenshots or screen recordings
- Raw audio recordings
- Prompt content or conversation history (unless you explicitly enable cloud memory)
- Content from blocklisted apps (password managers, banking apps)
Data handling during queries
When you trigger a query, your screenshot and transcribed voice text are sent to our LLM proxy to generate a response. Neither is stored after the request completes. Yomi never captures your screen or microphone in the background.
Third-party services
We use the following third-party services:
- Google APIs: Gmail, Calendar, Drive, Classroom, Tasks, Contacts, and Meet data accessed on your behalf when you ask Yomi to do something. Governed by Google's Privacy Policy. Yomi's use complies with the Google API Services User Data Policy, including Limited Use requirements.
- OpenAI: LLM inference via our proxy, plus speech-to-text and text-to-speech for voice features. Query content (including excerpts from connected apps) is sent only to generate a response, and is subject to their privacy policy. We do not enable training data use.
- ElevenLabs: fallback speech-to-text and text-to-speech, used only when the primary provider is unavailable.
- Telegram: if you link your Telegram account, the messages you send the Yomi bot pass through Telegram's infrastructure and are subject to their privacy policy. Linking is optional and can be undone from your dashboard.
- Dodo Payments: payment processing. We never store card details.
- Neon (Postgres): encrypted database hosting for account data, usage events, and encrypted OAuth tokens.
Data retention
Usage events are retained for 12 months for billing purposes then deleted. Account data is retained while your account is active. You can delete your account and all associated data at any time from Settings → Account → Delete account.
Your rights
You have the right to:
- Access a copy of all data we hold about you
- Delete your account and all associated data
- Export your memory/notepad data
- Opt out of cloud sync (use local-only mode)
To exercise these rights, contact us at contact.arkagarai@gmail.com.
Security
Memory blobs are encrypted at rest using AES-256. OAuth tokens for MCP connectors are encrypted. We use HTTPS for all data in transit. We conduct regular security reviews.
Changes to this policy
We will notify users of material changes via email at least 14 days before they take effect. The latest version is always at getyomi.in/privacy.
Contact
Questions? Email contact.arkagarai@gmail.com or open an issue on GitHub.