AGREEMENT TO TERMS

Who we are: Notable (“Company,” “we,” “us,” “our”)
Products covered: the notable desktop app for macOS (distributed with Apple Developer ID), the notable iPhone companion PWA, our websites, and related services (collectively, the “Service”).

Summary (plain English): notable is a personal CRM for Apple users. With your permission, notable reads certain data already on your Mac (e.g., Messages, Mail, Calendar, Contacts, and call history), organizes it into your own iCloud (CloudKit) private database, and helps you draft outreach using a small, purpose-built backend for AI suggestions. You stay in control: you can review, export, and delete your data at any time. We don’t sell your data or use it for ads. For Google integrations, we comply with Google’s API Services User Data Policy, including the “Limited Use” requirements.

1) What this policy covers

This Privacy Policy explains what we collect, how we use it, where it is stored, how it is shared, your choices, and your rights.

This policy does not apply to third-party services you connect (for example, Apple iCloud or Google). Those services are governed by their own terms and privacy policies.

2) Data we collect and where it comes from

A. On your Mac (local processing; Full Disk Access required)

With your explicit permission during onboarding, notable accesses certain local sources to build your personal relationship timeline:

• Messages (iMessage on macOS): conversation identifiers, timestamps (e.g., first/last message), message counts, and message text when needed to provide features like context and search. Group chats are ignored by default. Access requires Full Disk Access because the data resides in ~/Library/Messages/chat.db. You can enable or revoke Full Disk Access in System Settings → Privacy & Security → Full Disk Access.
  
  
  

• Mail (Apple Mail): message metadata (sender/recipient, subject, dates) and email body text for context, excluding file attachments. Data is read from ~/Library/Mail/V (local Mail store).
  
  
  

• Calendar: historical events (title, start time, attendee info where available) via EventKit, only after you grant permission.
  
  
  

• Contacts: contact cards (names, emails, phone numbers, organization, job title) via Contacts.framework, only after you grant permission.
  
  
  

• Call history (FaceTime/Phone on macOS): call time, duration, whether incoming/missed, and type (e.g., FaceTime). No call audio is collected.
  
  
  

We ignore file attachments by default. You can choose to restrict processing to metadata only, though this may reduce functionality (e.g., AI suggestions and search quality).

B. iPhone companion PWA

The iPhone companion primarily displays the data that’s already organized in your iCloud (CloudKit). It does not send automated messages; it simply opens Apple’s composer so you can send yourself. (No message is sent without you tapping Send.)

C. Apple iCloud (CloudKit)

By design, notable stores your personal data in your CloudKit private database associated with your Apple ID. Private database data belongs to you; apps are expected to provide ways to view/export your data.
Apple encrypts iCloud data in transit and at rest. (Certain categories may be end-to-end encrypted depending on your settings; see Apple’s iCloud security overview.) 

D. Google integrations (optional)

If you connect Google (OAuth), we only request the narrowest scopes needed to show your Google Contacts and Calendar data in notable (e.g., contacts.readonly and calendar.readonly, as applicable). We follow Google’s scope and verification guidance and the “Limited Use” requirements. 

E. Our minimal backend (LLM suggestion service)

When you ask notable to draft suggested outreach or perform natural-language search, we may send limited, relevant snippets (for example, short message or email text segments, or your own tone examples from onboarding) to our AI suggestion endpoint to generate the result. We strive to minimize personally identifiable information and never send attachments. Unless you explicitly opt in, we do not use your data for model training beyond providing the requested feature.

3) Why we use your data (purposes)

• Build a unified contact timeline (first interaction; messages, emails, calls, meetings thereafter).
  
  
  

• Provide search (including advanced AI-powered queries) and deduplication of contacts (e.g., auto-merge by shared email/phone; otherwise ask you).
  
  
  

• Generate suggested outreach and daily notifications (e.g., job-change alerts via our backend, and “keep-warm” suggestions).
  
  
  

• Provide the floating mini-window that infers the active contact in Mail/Messages to show context and suggested text.
  
  
  

• Operate, maintain, and improve the Service; troubleshoot and secure it; comply with legal obligations.
  
  
  

For Google data, we additionally commit to Google’s Limited Use policy (see Section 7).

4) Where your data lives

• On-device (Mac): raw sources remain on your Mac.
  
  
  

• CloudKit (your iCloud): organized records (e.g., Person, MessageConversation, EmailCommunication, CallRecord, EventRecord, Notification) live in your private CloudKit database; we don’t have direct access to your private database. Public app metadata (e.g., UserPreferences) is stored in the public CloudKit database with appropriate ACLs.
  
  
  

• Our backend: transient processing for LLM suggestions and AI search requests. We keep only minimal operational logs and delete or anonymize them on a short schedule unless security, abuse, or legal retention is required.
  
  
  

5) macOS permissions we request and why

• Full Disk Access (FDA): Required to read local stores like Messages and Mail. You control FDA in System Settings → Privacy & Security → Full Disk Access.
  
  
  

• Accessibility (to read UI state): Needed to detect the selected conversation in Messages for the floating window workflow. You control this in System Settings → Privacy & Security → Accessibility.
  
  
  

• Automation / Apple Events (Mail/Messages): Needed to read the selected email’s sender in Mail (AppleScript) and similar automations. You’ll see an “allow this app to control …?” prompt and can manage access in Settings.
  
  
  

You can revoke any permission at any time in System Settings. The app will continue to operate with reduced functionality.

6) How we share information

We do not sell your personal information and do not share it for advertising. We share only as described below:

• Service providers / processors: e.g., our AI suggestion endpoint and infrastructure providers, bound by confidentiality and data-processing terms.
  
  
  

• Apple iCloud (CloudKit): to store your records in your private database as designed by Apple. iCloud secures data in transit and at rest.
  
  
  

• Google APIs (optional): if you connect Google, we access data strictly under the scopes you approve. See Section 7.
  
  
  

• Legal/compliance: to comply with law, protect rights, or respond to lawful requests.
  
  
  

• Business transfers: if we undergo a merger or acquisition, we’ll provide notice and options.
  
  
  

7) Google user data — Limited Use commitments

For any Google user data we obtain via OAuth (e.g., Contacts, Calendar):

• We limit our use of Google data to providing or improving user-facing features that are visible and prominent in notable (e.g., contact timelines, search, and outreach suggestions).
  
  
  

• We do not transfer Google data except (a) to provide or improve those user-facing features, with your consent; (b) for security; (c) to comply with law; or (d) as part of a merger after obtaining your explicit prior consent.
  
  
  

• No human reading of Google data unless you give explicit consent for a specific case, or it’s necessary for security, compliance with law, or use in aggregate for internal operations.
  
  
  

• We request the narrowest scopes needed (e.g., contacts.readonly, calendar.readonly) and justify them during Google’s verification.
  These commitments are required by Google’s API Services User Data Policy (“Limited Use”).
  
  
  

We also follow Google’s OAuth brand/domain verification rules (e.g., host the privacy policy on our verified domain and link it from the consent screen).

8) Data retention and deletion

• On-device + CloudKit: data persists until you delete it. You can delete items in-app, reset the app’s data, or remove iCloud data for the app from your iCloud settings.
  
  
  

• LLM/backend logs: kept briefly for operations and security, then deleted or anonymized unless we must retain them longer (e.g., to investigate abuse).
  
  
  

You can also disconnect Google at any time (e.g., via myaccount.google.com → Security → Third-party access) and/or request deletion of any server-side data we control by contacting us at privacy@notable.fyi.

9) Security

We take reasonable and appropriate measures to protect your information (e.g., encryption in transit, least-privilege access, monitoring, hardened runtime/notarized builds, and CloudKit’s encryption at rest and in transit). iCloud security details are published by Apple.

10) Your choices and rights

• Permissions: Grant/revoke macOS permissions anytime in System Settings. 

• Access & export: Use in-app views and export tools; for CloudKit data, we can assist with exports on request. 

• Delete: Delete items in-app and/or remove app data from iCloud settings; write us for server-side deletion.

• Regional rights: Depending on where you live (e.g., EU/UK, CA, CO, CT, VA, UT), you may have rights to access, correct, delete, or port your data, or to object/restrict processing. Contact us to exercise these rights.
  
  
  

11) International transfers

We may process data in the United States and elsewhere. Where required, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) for transfers.

12) Children’s privacy

The Service is not directed to children under the age required by local law (e.g., 13 in the U.S., 16 in parts of the EU). We do not knowingly collect such data. If you believe a child has provided data, contact us.

13) Changes to this policy

We’ll post any changes here and update the “Effective date.” Material changes will be announced in-app or by email where appropriate.

14) Contact us

Email: privacy@notable.fyi