Skip to content
Synve

Vortyx privacy

How Vortyx Uses Google Data

This document explains how Vortyx uses information obtained through Google APIs. It supplements the Vortyx Privacy Policy.

Vortyx's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Related policy

This disclosure supplements the full Vortyx Privacy Policy, which explains broader data collection, use, retention, rights, and contact details.

Read the Vortyx Privacy Policy

Last Updated

May 25, 2026

Company

SYNVE TECHNOLOGIES PRIVATE LIMITED

Contact

contact@synve.ai

Website

https://synve.ai/vortyx

1. Google OAuth Scopes Requested

Vortyx requests Google OAuth scopes only for user-facing features that the user enables. Gmail analysis and synchronization occur only after the user connects a Google account and enables related Vortyx features.

Google Workspace API data is processed only to provide user-facing Vortyx functionality requested or enabled by the user.

Google Account Identity

Vortyx uses openid and email solely to:

  • Identify the Google account connected by the user
  • Display connection status for the connected account
  • Associate the Google integration with the authenticated Vortyx user and selected workspace

These scopes are not used to read Gmail content, send Gmail messages, access contacts, or access unrelated Google services.

Gmail Read-Only

https://www.googleapis.com/auth/gmail.readonly is used solely to:

  • Identify emails that may require user follow-up
  • Detect waiting states, commitments, unresolved work, and follow-up needs
  • Generate user-visible review items
  • Create user-approved tasks, reminders, recurring loops, summaries, or draft response actions
  • Support user-requested email review and continuity tracking features

Gmail Send

https://www.googleapis.com/auth/gmail.send is used solely to:

  • Send emails that the user explicitly initiates or approves inside Vortyx
  • Send user-approved replies or follow-ups generated from a review or action flow

Vortyx does not automatically send Gmail messages without user authorization.

Vortyx does not autonomously send external communications or perform external actions without user authorization except where explicitly configured by the user.

Background email analysis occurs only for integrations and features explicitly enabled by the user.

2. What Vortyx Does Not Use Google Data For

Vortyx does not use Google user data for:

  • Advertising
  • Retargeting
  • Personalized ads
  • Cross-context behavioral advertising
  • Marketing profiling
  • Contact scraping
  • Bulk email generation
  • Data brokerage
  • Resale of user data
  • Licensing or sale to information resellers
  • Creditworthiness or lending decisions
  • Generalized AI or machine learning model training
  • Unrelated analytics

3. Human Access

Human access to Gmail content is prohibited by default and restricted to:

  • Explicit user-authorized support interactions
  • Security investigation
  • Abuse prevention
  • Legal compliance
  • Reliability debugging where strictly necessary and access-controlled

Such access is limited to authorized personnel, logged where technically feasible, and restricted based on role and operational necessity.

4. AI Processing

Vortyx may use AI systems to classify messages, identify follow-ups, summarize operational context, prepare draft responses, and generate user-visible suggestions.

When AI processing is used:

  • Vortyx sends only the information reasonably needed for the requested feature.
  • Vortyx minimizes personal information sent to AI systems where reasonably possible.
  • AI service providers act as processors or service providers on Vortyx's behalf.
  • Vortyx does not use connected Gmail data to train general-purpose AI models.
  • Vortyx configures AI providers, where available, to prohibit the use of Vortyx-submitted Google Workspace data for generalized model training.
  • Vortyx selects providers and configurations intended to minimize retention and secondary use of submitted data.

Certain generated tasks, follow-ups, reminders, or suggested actions may require user review or confirmation before execution.

5. User Control

Users can disconnect Google integrations from Vortyx where available.

When a Google integration is disconnected

  • Vortyx stops future synchronization and access to that Google account.
  • OAuth tokens are revoked or deleted where technically supported.
  • Previously generated user-visible artifacts, such as tasks, reminders, review items, summaries, or loops, may remain until deleted by the user or workspace administrator.

Users may also revoke Google access from their Google Account permissions page.

6. Shared Workspace Visibility

Personal Gmail content is not automatically shared with workspace members.

Gmail-derived review items, tasks, summaries, loops, or actions become workspace-visible only when the user explicitly creates, confirms, converts, saves, shares, or collaborates on workspace-scoped objects derived from that content.

7. Security

Vortyx uses administrative, technical, and organizational safeguards designed to protect Google user data, including:

  • Encryption in transit
  • Encryption at rest where supported by infrastructure providers
  • Encrypted storage mechanisms for OAuth credentials and tokens
  • Access controls and least-privilege permissions
  • Role-based restrictions for production-system access
  • Audit and diagnostic logging
  • Secure token and secrets management practices
  • Monitoring for abuse and operational failures
  • Periodic review of access permissions and security controls