Privacy Policy
Last Updated: September 24, 2025
Overview
Hippo is a personal knowledge management system that helps you store, organize, and interact with your personal information through an AI-powered assistant. This privacy policy explains how we collect, use, and protect your data when you use our service.
Information We Collect and Store
⚡ Important: Real-Time Data Access
We do NOT store or cache any data from your connected Google accounts (Calendar, Tasks, Drive). All Google account information is fetched fresh in real-time when needed and is never permanently stored on our servers.
Google Account Information (Basic Profile Only)
When you sign in with Google, we collect:
- Email address: Used to identify your account and associate your data
- Name and profile information: Used to personalize your experience
- Profile picture: Displayed in your account interface
Google Calendar Information (Optional - NOT STORED)
If you choose to connect your Google Calendar, we access the following in real time but do NOT store it:
- Calendar events: Event titles, dates, times, and descriptions (read-only access, fetched fresh each time)
- Calendar metadata: Calendar names and basic settings (accessed in real-time only)
Note: Calendar access is completely optional and requires separate authorization. Calendar data is NEVER cached or stored on our servers - it's accessed fresh from Google each time you use the service.
Google Tasks Information (Optional - NOT STORED)
If you choose to connect your Google Tasks, we access the following in real time but do NOT store it:
- Task lists: Task titles, descriptions, due dates, and completion status (read-only access, fetched fresh each time)
- Task metadata: Task IDs, list names, and organization structure (accessed in real-time only)
Note: Google Tasks data is NEVER cached or stored on our servers - it's accessed fresh from Google each time you use the service.
Google Drive Documents Information (Optional - NOT STORED)
If you choose to connect specific Google Docs, we access the following in real time but do NOT store it:
- Document content: Content from Google Docs you explicitly select through our secure file picker (read-only access, fetched fresh each time)
- Document titles: Document names for display purposes (accessed in real-time only)
Note: We use Google's secure file picker with drive.file scope, which means we only access documents you explicitly select and grant access to - we cannot browse your Google Drive or access any other files. Document data is NEVER cached or stored on our servers - it's accessed fresh from Google each time you use the service.
Personal Data You Provide (STORED IN OUR DATABASE)
- Knowledge entries: Personal notes, contacts, experiences, and other information you choose to store
- Preferences: Settings for calendar integration, sync frequency, and other features
How We Use Your Information
Core Service Functions
- Personal knowledge management: Store and organize your personal information
- AI-powered assistance: Provide intelligent responses based on your stored data and connected services
- Calendar integration: Include relevant calendar events in AI conversations and daily summaries
- Tasks integration: Include task and productivity context in AI conversations
- Google Docs integration: Access specific document content you authorize for enhanced AI context
- Website generation: Create a personal website from your organized data and connected services
Service Improvement
- Analyze usage patterns to improve our service (using anonymized data only)
- Provide technical support and troubleshoot issues
- Ensure security and prevent abuse
Data Storage and Security
Where Your Data is Stored
- Google Cloud Firestore: All personal data is stored in Google's secure NoSQL database
- Data isolation: Your data is completely separate from other users
- Encryption: Data is encrypted both in transit and at rest
Security Measures
- Industry-standard encryption protocols
- Secure authentication through Google OAuth 2.0
- Regular security audits and monitoring
- Input validation and sanitization to prevent malicious data
Data Sharing and Third Parties
We Do NOT:
- Sell your personal data to third parties
- Use your data for advertising or marketing to you
- Share your data with advertisers or data brokers
- Use your data for credit decisions or financial services
- Access your data beyond what's necessary to provide our service
Limited Data Sharing
We only share your data in these specific circumstances:
- Google AI Services: Your stored data, calendar events, tasks, and authorized document content are sent to Google's Gemini AI to generate contextual responses (subject to Google's privacy policies)
- Google Cloud Services: All data is stored and processed within Google Cloud infrastructure (Firestore, Gemini AI) under Google's security and privacy frameworks
- Legal requirements: If required by law or legal process
- Service providers: Trusted partners who help operate our service (under strict confidentiality agreements)
Your Rights and Controls
Access and Portability
- View all your stored data through the Hippo interface
- Export your data in a standard format
- Download your personal website
Control Your Data
- Edit or delete entries: Modify or remove any personal information you've stored
- Revoke calendar access: Disconnect your Google Calendar at any time through your Google Account settings
- Delete your account: Request complete account and data deletion
Google Services Permissions
- Calendar access: Completely optional and requires separate authorization. You can revoke calendar permissions at any time in your Google Account settings
- Tasks access: Completely optional and requires separate authorization. You can revoke Google Tasks permissions at any time in your Google Account settings
- Google Docs access: Completely optional and requires separate authorization. You can revoke Google Docs permissions at any time in your Google Account settings
- Revoking any Google service access does not affect your ability to use Hippo's core features
- All Google integrations can be enabled or disabled independently in your Hippo preferences
Data Retention and Deletion
How Long We Keep Your Data
- Account data: Retained while your account is active (Google profile information only)
- Personal entries: Kept until you delete them or close your account (data you manually enter into Hippo)
- Google Calendar data: NEVER stored or cached - accessed fresh from Google in real-time only
- Google Tasks data: NEVER stored or cached - accessed fresh from Google in real-time only
- Google Docs data: NEVER stored or cached - accessed fresh from Google in real-time only
- Weather data: NEVER stored or cached - accessed fresh from weather APIs in real-time only
Account Deletion
When you delete your account:
- All personal data is permanently deleted within 30 days
- Backups are securely deleted according to our retention schedule
Children's Privacy
Hippo is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us to have it removed.
Changes to This Policy
We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. We encourage you to review this policy periodically.
Contact Us
If you have any questions about this privacy policy or our data practices, please contact us at:
- Email: hippo@krugg.com
Google API Services
Hippo's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.