Privacy Policy
Last updated: January 23, 2026
1. Introduction
Shotgun ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
2. Information We Collect
Account Information
- Email address
- Name (if provided)
- Profile picture (from OAuth providers)
Connected Service Data
When you connect third-party services, we access data necessary to perform requested actions:
- Gmail: Read, send, compose, and modify emails; manage labels; access email metadata and contacts for email management
- Google Calendar: Read, create, update, and delete calendar events; access calendar metadata for scheduling
- Google Drive: Read, create, update, and delete files; access file metadata for file operations and document management
- Google Meet: Create meeting spaces; access meeting metadata and conference data for video conferencing
- Google Sheets: Read, create, update, and modify spreadsheets; access spreadsheet metadata for data operations
- Other services: Data as required by the specific integration (Slack, GitHub, Spotify, etc.)
Google OAuth Scopes
We request the following specific Google OAuth scopes to provide our services:
gmail.readonly- Read email messages and metadatagmail.send- Send emails on your behalfgmail.compose- Create draft emailsgmail.modify- Modify emails and labelsgmail.labels- Manage email labelscalendar- Full access to calendarscalendar.events- Create and manage calendar eventscalendar.readonly- Read calendar eventsdrive- Full access to Google Drive filesdrive.file- Access files created by the appdrive.readonly- Read-only access to filesdrive.metadata.readonly- Read file metadataspreadsheets- Full access to Google Sheetsspreadsheets.readonly- Read-only access to spreadsheetsmeetings.space.created- Create Google Meet spacesmeetings.space.readonly- Read meeting informationuserinfo.email- Access your email address for account identification
Usage Data
- Conversation history with the AI assistant
- Preferences and saved prompts
- Browser location (only if you grant permission)
3. How We Use Your Information
- To provide and maintain the Service
- To execute tasks you request through the AI assistant
- To personalize your experience and remember your preferences
- To improve and optimize the Service
- To communicate with you about updates or issues
- To detect and prevent fraud or abuse
4. Data Storage and Security
We use industry-standard security measures to protect your data:
- OAuth tokens are encrypted and stored securely
- Data is transmitted over HTTPS/TLS encryption
- We use Supabase for secure database storage
- Access to production systems is restricted and logged
5. Data Sharing
We do not sell your personal information. We may share data with:
- AI Providers: Conversation content is sent to AI models (Anthropic, Google) to generate responses
- Connected Services: Data is sent to services you connect (Google, Slack, etc.) to perform actions
- Service Providers: We use Supabase for database and authentication services
- Legal Requirements: We may disclose data if required by law
6. Third-Party Services
Our Service integrates with third-party platforms that have their own privacy policies. We encourage you to review the privacy policies of any third-party services you connect:
7. Google API Services Limited Use Disclosure
Shotgun's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Limited Use Requirements
In accordance with Google's Limited Use requirements, Shotgun will:
- Only use access to read, write, modify, or control Google user data to provide or improve user-facing features that are prominent in the requesting application's user interface
- Not transfer Google user data to third parties except as necessary to provide or improve user-facing features, with user consent, or for security purposes
- Not use Google user data for serving advertisements
- Not allow humans to read Google user data unless we have your affirmative agreement, it is necessary for security purposes, it is necessary to comply with applicable law, or our use is limited to internal operations and the data has been aggregated and anonymized
How We Use Google Data
We access Google user data solely to provide the following user-facing features:
- Gmail Integration: Read, compose, send, and organize emails through our AI assistant interface
- Google Calendar Integration: Create, view, update, and manage calendar events and schedules
- Google Drive Integration: Browse, read, create, and manage files stored in Google Drive
- Google Meet Integration: Create and manage video meeting links and conference data
- Google Sheets Integration: Read, create, and modify spreadsheet data
Data Processing
When you use our AI assistant with connected Google services:
- Google data is processed only when you explicitly request actions through the assistant
- We use AI models (Anthropic Claude, Google Gemini) to understand your requests and generate responses
- Google data may be temporarily processed by these AI providers to fulfill your requests
- We do not permanently store the content of your Google data beyond what is necessary to provide the service
- OAuth tokens are securely encrypted and stored only to maintain your connection
8. Data Retention
We retain your data for as long as your account is active. Conversation history is stored to maintain context and improve your experience. You can delete your account and all associated data at any time through the Account settings page.
9. Your Rights
You have the right to:
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your data and account
- Portability: Request your data in a portable format
- Revoke Access: Disconnect third-party services at any time
10. Chrome Extension
The Shotgun Chrome Extension ("Save to Memory") allows you to save web pages and notes to your Shotgun knowledge base directly from your browser.
Data Collected by the Extension
- Page Information: When you save a page, we collect the URL, title, meta description, and favicon
- Page Content: Optionally, the main text content of the page for knowledge base indexing
- User Notes: Any notes you add when saving a page
- Settings: Your extension preferences (default knowledge base, storage type) stored locally via Chrome Storage API
Permissions Used
- activeTab: Access current page URL and title only when you click the extension
- storage: Save your preferences locally on your device
- tabs: Query active tab information for the save functionality
- scripting: Extract page content when you choose to save a page
The extension only activates when you click it. It does not track your browsing history, run in the background, or collect data without your explicit action.
11. Cookies and Tracking
We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising trackers.
12. Children's Privacy
The Service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.
13. International Data Transfers
Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for international data transfers.
14. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.
15. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us at:
Email: privacy@shotgun.ai