Privacy Policy

Last updated: April 2026

Overview

Morning Brief ("the Application") is a personal automation tool built and used solely by Mike Cain. It is not offered as a product or service to other users. This privacy policy is published because Google Cloud Console requires a privacy policy URL for OAuth applications, even single-user ones.

Who operates this application

Mike Cain, acting as an individual. Contact: mykalcain@gmail.com.

What data the Application accesses

The Application uses Google OAuth to access the following scopes on Mike Cain's own Google accounts, and no one else's:

• Gmail (gmail.modify): Read inbox messages and create draft replies in the Drafts folder. The Application does not delete or modify existing messages.
• Gmail (gmail.send): Send a single daily briefing email from Mike Cain's account to Mike Cain's own email address.
• Google Calendar (calendar): Read today's calendar events and free/busy windows to propose available meeting times in draft replies. The Application does not create, modify, or delete calendar events.

How data is stored and used

The Application runs locally on a Mac mini owned and operated by Mike Cain. Data flows:

• OAuth refresh tokens are stored locally on disk at ~/.config/morning-brief/ with file permissions restricted to the owner (chmod 600). They are never transmitted except to Google's OAuth servers for token refresh.
• Email metadata (subject, sender, snippet) and calendar events are read into memory at runtime, passed to the Anthropic Claude API and the Tavily web-search API for processing, then discarded when the process exits.
• A local JSON file at ~/.config/morning-brief/drafts_history.json records which draft emails the Application has previously created, to avoid duplicates. This file contains draft metadata (recipient, subject, category) but no message bodies.

Third parties

The Application sends data to two third parties as part of its normal operation:

• Anthropic — email metadata and calendar context are sent to the Claude API to classify emails and draft replies. Anthropic's privacy policy: anthropic.com/legal/privacy
• Tavily — search queries (not email content) are sent to the Tavily news search API. Tavily's privacy policy: tavily.com/privacy

Data retention

Email and calendar data are not retained beyond the duration of each run (approximately 2 minutes). The drafts history file is retained locally until Mike Cain deletes it.

Data sharing

The Application does not share any data with any third party except the Anthropic and Tavily APIs described above, and Google itself.

Google API Services User Data Policy compliance

Morning Brief's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Changes to this policy

This policy may be updated from time to time. The "Last updated" date at the top reflects the most recent revision.

Contact

For any questions about this privacy policy, contact Mike Cain at mykalcain@gmail.com.

← Back to home