— Privacy policy

Privacy.

How mere handles your data — including data received from Google APIs. Last updated .

Who we are

mere is a product of Sawfwair Inc., a company incorporated in Prince Edward Island, Canada. When we say "mere", "we", or "us" in this policy, we mean Sawfwair Inc. operating the mere service at mere.business and associated subdomains.

What we collect

We collect only what we need to run the service:

  • Account information — your email address, display name, and authentication details when you create or sign in to a mere workspace.
  • Workspace data — the business records you or your team create or import into mere: contacts, deals, tasks, ops items, messages, notes, invoices, and similar operational content.
  • Communications — mail sent through mere (including outbound messages you authorise mere to send on your behalf via connected providers), voice call records if you enable Voice, and internal team messages.
  • Usage and diagnostic data — logs needed to operate the service: request timestamps, IP addresses for security, error traces, and aggregate usage counts. We do not sell or share this data.
  • Connected-provider data — when you connect a third-party provider (Google, Microsoft, Slack, Stripe, etc.) we store the minimum information needed to maintain the connection: access and refresh tokens (encrypted at rest), the connected account identifier, and the scopes you granted.

Google APIs — Limited Use disclosure

mere's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, for data received under the gmail.send scope (the only Gmail scope mere currently requests):

  • We use the scope only to send email messages that you explicitly initiate from within mere — either by composing a reply in mere's mail interface or by approving a draft produced by mere's AI assistant.
  • We do not store the content of messages you send via this scope beyond what mere already stores in your workspace database (the sent message as part of the conversation thread, for your own records).
  • We do not transfer this data to any third party except as necessary to provide or improve user-facing features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets (in which case we will notify affected users).
  • We do not use this data for serving advertisements, and we do not allow humans to read it except (a) with your explicit permission for a specific message, (b) for security purposes such as investigating abuse, or (c) to comply with applicable law.

Inbound mail does not flow through a Google API scope. If you forward your Gmail to your mere inbox address, those forwarded messages reach mere through standard SMTP email delivery (not the Gmail API), and they are stored in your workspace database alongside other mail.

How we use your data

  • To run the service — provide the mere application, process your requests, send messages you authorise, and keep your workspace available to you.
  • To improve the service — analyse aggregate usage to fix bugs, improve performance, and design new features. Where AI models are used to produce in-product suggestions (drafts, coaching, summaries), your data is processed by the model only to produce the in-product response for you — never to train public third-party models unless you explicitly opt in.
  • To keep the service secure — detect abuse, prevent fraud, and protect the platform and your data.
  • To communicate with you — respond to support requests and send essential service notices. We will not send marketing email to you unless you opt in separately.

How we store and protect your data

  • Workspace data lives in a per-workspace Cloudflare D1 database and per-workspace R2 object storage scoped to your workspace. Other workspaces cannot read your data.
  • Access and refresh tokens from connected providers are encrypted at rest before being stored.
  • We use TLS in transit and follow common cloud-platform security practices. No internet service is perfectly secure; we work in good faith to keep yours safe.
  • We retain your data for as long as your workspace is active. When a workspace is cancelled or deleted, we delete the workspace's D1 and R2 storage within 30 days, except where longer retention is required by law.

Sharing your data

We do not sell your data. We share it only in the following narrow cases:

  • Service providers — infrastructure vendors (Cloudflare for hosting and storage; Resend for outbound mail delivery; OpenRouter or model vendors for AI features when you enable them; Stripe for billing). These providers process data only to deliver the service on our behalf.
  • Legal compliance — when required by subpoena, court order, or similar binding legal process, or to protect the rights, property, or safety of Sawfwair, our users, or the public.
  • Business transfers — if Sawfwair is involved in a merger, acquisition, or asset sale, your data may transfer as part of that transaction. We will notify you before it does.

Your rights

  • Revoke connections — you can disconnect any third-party provider (Google, Microsoft, Slack, Stripe) from your mere workspace settings at any time. Revoking access with Google directly at myaccount.google.com/permissions also immediately invalidates mere's tokens.
  • Access and export — you can request a copy of the data mere holds for your workspace by contacting us at hello@sawfwair.com.
  • Deletion — you can delete your workspace, and with it all workspace data, from your account settings, or by contacting us.
  • Correction — you can correct or update your account information directly in mere, or by contacting us.

If you are in Canada, the EU/EEA, the UK, or another jurisdiction with specific privacy rights (including rights under PIPEDA, GDPR, UK GDPR, or comparable laws), those rights apply in addition to the above. Contact us at hello@sawfwair.com to exercise them.

Cookies and local storage

mere uses strictly necessary cookies for authentication and session management. We use local browser storage to remember user-interface preferences (such as which view of the ops board you prefer). We do not use advertising or cross-site tracking cookies.

Children

mere is a business operations tool and is not directed to children. We do not knowingly collect data from anyone under 16. If you believe a child has provided data to mere, contact us and we will delete it.

Changes to this policy

We may update this policy as the product evolves. When we make material changes, we will post a notice in the mere application and update the "Last updated" date above. Continued use after a change constitutes acceptance of the updated policy.

Contact

Questions, concerns, or requests related to this policy: email hello@sawfwair.com.

Sawfwair Inc. · Prince Edward Island, Canada