Privacy Policy

Effective date: May 14, 2026  |  Last updated: May 25, 2026

Product: Lil' (lil-app.com)  |  Operated by: KRT LLC  |  Contact: security@lil-app.com

What Lil' does

Lil' reads your Gmail and Google Calendar metadata to identify which people in your network you should reach out to each week. It sends you a weekly email with three picks and a short note explaining why each person was selected.

What we collect

From Gmail: We request the gmail.metadata scope: message headers only. We read the From, To, Cc, and Date headers to identify the people you correspond with and store a minimal record per message (sender address, recipient addresses, thread ID, and message date) to power the weekly re-computation of your contact graph. We do not read or store subject lines, snippets, message bodies, or attachments.

From Google Calendar: We request calendar.events.readonly. Our request to Google uses a fields mask that returns only attendee addresses and event start dates. We do not read event titles, descriptions, locations, attachments, or conferencing details.

From LinkedIn (optional): If you upload your connections CSV, we collect name, LinkedIn URL, email (for ~20% of connections), company, title, and connection date. We never scrape LinkedIn directly.

From you: Your sign-in email, optional ICP text, feedback signals (messaged/skipped/blocked).

What we never collect

Email bodies, calendar descriptions, browser activity, cookies from other sites.

How we use your data

Primary use: generate your weekly digest of three contacts to reach out to.

Other uses, all in service of running the product: sending the magic-link sign-in email, the welcome email after you connect Google, the deletion-confirmation email, and the per-pick feedback and unsubscribe links inside each digest.

We do not sell data, use it for advertising, or share contact lists with other users. Lil's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Service providers

Lil' relies on third-party service providers to operate, covering hosting and database, email delivery, payment processing, error monitoring, and analytics. Each receives only the minimum data it needs to do its job. To write the short note that explains each pick, a third-party AI provider receives the contact's name, company, title, and your ICP text, never your email or calendar content. None of these providers receive your messages, because Lil' never reads them.

Bot protection

The waitlist signup form is protected from automated abuse by Cloudflare Turnstile, which runs silently in the background to confirm a real person is submitting the form. Turnstile may collect limited technical signals from your browser for this check; its handling of that data is governed by Cloudflare's Turnstile Privacy Addendum.

Data retention

Database records (your account, contacts, digests, picks, events) are kept while your account is active and deleted within 7 days of a deletion request, via an automated daily purge job.

Message header records (sender/recipient addresses, thread ID, message date) are automatically pruned after 400 days. By then they fall outside the 365-day relationship-signal window and are no longer needed.

Uploaded LinkedIn connections CSV files (in our object storage) are deleted during the same 7-day purge job that removes your account.

When you delete your account, that same purge also removes your waitlist entry and unsubscribes you from our email list. A few records are kept only as long as the law or basic safety requires: payment records (if you were a paying customer) for tax and accounting, suppression records for any address that bounced or reported spam so we never email it again, and a short log noting that the deletion happened. None of these contain your contacts, your picks, or anything Lil' read from your inbox.

Your controls

Block list, update ICP, pause digest, delete account: all in Settings. Email security@lil-app.com for privacy questions.

Security

All data is transmitted over TLS. Google OAuth access and refresh tokens are encrypted at the application layer using AES-256-GCM before they are written to our database, so plaintext tokens are never persisted; our managed database additionally provides storage-level encryption at rest. Database access is restricted by row-level security; only your account can read your data. No one at KRT LLC reads your Gmail or Calendar data; access is automated, and we would only access your data manually to investigate abuse or to comply with the law. Server-side secrets (database credentials, OAuth client secrets, third-party API keys, and signing secrets) live only in server environment variables and are never bundled into client code. Two keys that are intentionally public (an analytics key and a database access key) appear in the client bundle by design; both are scoped so they cannot read or write your data.

Contact