Privacy Policy

Lifto is an AI assistant that helps busy parents manage their kids' school and activity communications. It reads emails you forward to your Lifto address, or (with your explicit permission) reads incoming Gmail messages, and turns actionable items into Google Calendar events and Google Tasks on your own Google account.

When you sign in with Google, you may grant Lifto these scopes:

• Google Calendar (calendar.events) — to create events on your calendar from information extracted out of emails.
• Google Tasks (tasks) — to create tasks, to-dos, reminders, and money-due items on your task list.
• Gmail (gmail.readonly) — only if you opt into auto-scan. Lets Lifto read recent messages in your inbox so it can pull out school and family items without you forwarding each one.

You can also use Lifto without the gmail.readonly scope by forwarding emails manually to your personal Lifto inbound address (e.g. lifto_XXXXX@email.getlifto.ai).

Incoming emails (forwarded or auto-scanned):

1. Stored in a private Supabase database (hosted on AWS us-east-1), scoped to your user account.
2. Sent to Anthropic's Claude API for AI extraction of events, tasks, and reminders. Anthropic does not retain or train on this data when accessed via Lifto's API key.
3. Extracted items are written back to your Google Calendar and your Google Tasks via Google's APIs.

Your preferences and review actions:

• When you tell Lifto “this extraction was wrong” or “this isn't relevant to me,” that feedback is stored in your account to improve your future experience.
• Your preference signals never leave your account boundary. Lifto never uses one user's preferences to shape another user's experience. Your taste is yours.
• In aggregate (no individual user identifiable), Lifto may analyze extraction-quality signals to improve the AI's accuracy for everyone. No individual email content or personal preference is part of this.

• We do not sell your data to anyone.
• We do not share your email content with advertisers, marketers, or any third party.
• We do not train AI models on your personal emails.
• We do not use your data for anything outside the service you signed up for.
• We do not combine your data with other users' data for cross-user profiling.

• Your Google account (Calendar, Tasks, Gmail) — owned by you. Google is the custodian per their terms.
• Lifto's Supabase database — encrypted at rest and in transit, access limited to Lifto server infrastructure.
• Anthropic Claude API — transient only. Content is sent for processing; the returned extraction is stored in Supabase. Original email text is not retained by Anthropic for model training.
• Vercel (hosting) — serves the Lifto web app. Does not store user data beyond normal web server logs.

• Emails and extracted items are retained in Supabase as long as you use Lifto.
• On account deletion, all your data is purged from Supabase within 30 days. Data in your own Google account (events, tasks) stays with you.
• Google Calendar events and Google Tasks created by Lifto remain in your Google account until you delete them yourself.

You can, at any time:

• Revoke Lifto's access to your Google account at myaccount.google.com/permissions.
• Request a data export — email mary@maryflorcruz.com.
• Request deletion — email mary@maryflorcruz.com. We'll delete your account within 30 days.
• Correct inaccurate data directly in your Lifto dashboard.

Lifto is designed for parents managing their kids' lives. Lifto does not create accounts for users under 13. We may store non-identifying information about your kids (name, grade, school, teacher) so Lifto can match items to the right kid. This information is never shared or used outside your own account.

Lifto's use of information received from Google APIs (including gmail.readonly) adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• We use your Gmail data only to provide the Lifto service.
• We do not transfer, sell, or share your Gmail data for advertising, marketing, or any unrelated purpose.
• We do not allow humans to read your Gmail data except (a) with your explicit consent, (b) for security or legal compliance, or (c) if data is aggregated and anonymized beyond re-identification.

We'll update this page when practices change. Significant changes will be announced to registered users via email at least 30 days before taking effect.

Questions? Email mary@maryflorcruz.com. Lifto is operated by Mary FlorCruz during the beta.