Your data is yours. Here is how we protect it.
Prio connects to your tools to work on your behalf. We never sell your data, we never train on your content, and we never act without your permission.
Your data serves you — and only you.
We connect to your tools for one reason: to do the work you ask us to do.
We never sell your data.
Your content powers Prio for you. We don't share it with advertisers, data brokers, or anyone else.
You own your content.
Everything you bring into Prio — emails, calendar events, documents, conversations — remains yours. We claim no ownership.
AI providers never train on your data.
Prio uses Claude and other AI models through APIs with strict terms prohibiting training on your inputs or outputs.
Google data stays protected.
Data from Gmail, Google Calendar, and Google Drive is never used for model training. Required by Google's API Services User Data Policy — and a commitment we stand behind.
Why Prio needs access.
Here is what we access, and why.
Surfaces what matters, drafts replies, triages your inbox. Only accesses messages needed for the task you request.
Calendar
Prepares briefings, finds conflicts, manages invitations. Never modifies events without your approval.
Slack, Notion, GitHub
Brings context from your tools into one conversation. Every integration is optional — connect only what you need.
CRM and contacts
Searches and updates Attio, syncs Google Contacts. Write operations always require approval first.
You are always in control.
Prio gives you a dial, not a switch. Start cautious, then grant autonomy when you are ready.
Approval-required by default.
Prio never sends an email, creates a calendar event, or takes a write action without your explicit approval — unless you configure it otherwise.
You choose what to connect.
Every integration is optional. Connect email, calendar, Slack, CRM, or any combination. Disconnect anytime from settings.
See everything it does.
Full action log for every operation. Clear reasoning for every step. Complete transparency into what happened, when, and why.
Three risk levels for every action.
Low-risk actions (personal events, thread replies) can auto-execute. Medium-risk (new emails, events with attendees) requires review. High-risk (external API calls, bulk operations) always needs approval.
Delete your data anytime.
Go to Settings to delete your account. We soft-delete immediately and permanently remove all data within 30 days.
Revoke access instantly.
Disconnect any integration from settings, or revoke Prio's access directly from your Google, Slack, or Notion security settings.
Approval preview
Subject: Q2 budget update
Hi team, attached is the updated Q2 budget with the revised projections we discussed...
Every outbound action shows exactly what Prio wants to do before execution.
How we protect your data.
Security is not a feature we ship. It is how we build.
Encrypted everywhere.
TLS 1.3 for all data in transit. AES-256 encryption at rest. OAuth tokens encrypted before database storage.
EU-hosted infrastructure.
All data stored in Frankfurt (eu-central-1). Supabase backend with row-level security. No replication outside the EEA.
OAuth-only access.
Prio never stores your Google or Microsoft password. All integrations use scoped OAuth 2.0 with automatic token refresh.
AI safety by design.
Prompt injection defenses with fail-closed supervisor. Rate limiting and cost caps prevent abuse and runaway spend.
Hallucination detection.
Server-side monitoring flags when the AI claims to complete an action without calling the corresponding tool. False completions are logged and prevented.
Google API Limited Use compliant.
Google user data is used only to provide services to you. Never shared, sold, or used for advertising.
GDPR compliance.
EU compliant. Built in the EU, for the EU. Compliance is not an afterthought — it is the foundation.
Data residency
All personal data stored in EU data centers (Frankfurt, Germany). No data transfers outside the European Economic Area.
Lawful basis
We process data based on legitimate interest (providing the service you signed up for) and explicit consent for optional features.
Data minimization
We only access and store data necessary to perform requested actions. Email content is processed in memory, not persisted beyond what's needed.
Right to erasure
Delete your account from settings. All personal data, conversations, tokens, and activity logs are permanently removed within 30 days.
Right to portability
Export your conversations, tasks, contacts, and activity data at any time from settings.
Sub-processors
Supabase (database, EU), Vercel (hosting, Edge), Anthropic (AI processing, API-only), Resend (transactional email). All bound by DPAs.
Common questions.
Straight answers about your data and privacy.
Prio only accesses emails needed to perform actions you request — organizing your inbox, drafting replies, surfacing what is important. We do not store email content beyond what is necessary, and we never browse your inbox unprompted.
Bringing Prio to your team?
If your organization has security or compliance requirements, we would love to talk. We can provide a DPA, security questionnaire, and custom deployment options.