Privacy at BeeGreat

Privacy Policy

What BeeGreat collects, why it is needed, where it goes, and the controls you have over your information.

Last updated

Scope and summary

This Privacy Policy explains how BeeGreat (“BeeGreat,” “we,” “us,” or “our”) handles personal information when you use the BeeGreat app, Bee assistant, BeeDocs website, support, and related services (the “Service”). BeeGreat is the controller of the personal information described here unless a different notice says otherwise.

Your work stays yours

You control the goals, tasks, messages, and memories you add, and can edit or delete product content.

Power-ups are optional

Health, ChatGPT, connected-workspace, and Web3 data is processed only when you enable or use those features.

No data brokerage

We do not sell personal information or share it for cross-context behavioral advertising.

This policy does not govern a third-party service you choose to connect or visit. That provider’s policy applies to its own collection and use.

Data we collect

Account and profile

Your BeeGreat account identifier, name, email address, profile image, authentication method, sign-in state, and basic account settings. Authentication is provided by Clerk using the Apple or Google sign-in flow you choose.

Product content

Goals, projects, tasks, highlights, progress and Hive activity, saved bookmarks and memories, preferences, prompts, chat messages, Bee responses, generated interface content, and related timestamps.

Voice and AI inputs

Audio you choose to record for transcription, the resulting transcript, text sent to Bee, contextual product data needed to answer, generated speech text, and AI output.

Optional connections

Connection status, authorized scopes, account or workspace identifiers and names, and encrypted access credentials for services you connect, which may include ChatGPT, Google Health, GitHub, Linear, and Notion.

Optional health data

Read-only Google Health data you ask Bee to use, such as steps, exercise, heart rate, sleep, weight, body measurements, blood-oxygen saturation, heart-rate variability, or nutrition information.

Optional Web3 data

Power-up status, public wallet address, network, balances, public blockchain activity, and the wallet actions you request or approve. Public blockchain records are inherently public and cannot generally be deleted from the network.

Subscription data

Product identifier, purchase and renewal status, entitlement, transaction identifiers, region, and limited purchase history from Apple and RevenueCat. We do not receive your full payment-card number.

Technical and support data

Device and operating-system details, app version, timestamps, network and request metadata, IP address, crash or performance diagnostics, security events, support messages, and files or screenshots you send us.

BeeDocs stores your light or dark theme choice locally in your browser. Our hosting provider may process ordinary request logs. BeeDocs does not use advertising cookies.

Where data comes from

  • From you when you create an account, add content, speak or type to Bee, turn on a feature, make a purchase, or contact support.
  • From your device and use through app permissions, logs, diagnostics, and your interactions with the Service.
  • From providers such as Apple, Clerk, RevenueCat, or an account you deliberately connect, according to the permissions you approve.
  • From public networks when an enabled Web3 feature reads a public blockchain address or transaction.

Microphone access is used only when you invoke a voice feature. You can change system permissions in iOS or iPadOS Settings, although disabling a permission may prevent the related feature from working.

How we use data

We process personal information to:

  • create and authenticate accounts and keep data synchronized across signed-in devices;
  • provide Bee conversations, voice features, planning tools, memories, optional connections, power-ups, and subscription access;
  • personalize responses using the context and preferences you choose to keep in BeeGreat;
  • process, verify, restore, and support purchases;
  • respond to support, privacy, and account-deletion requests;
  • detect abuse, protect accounts, troubleshoot failures, and maintain performance and reliability;
  • understand aggregate product operation and improve the Service; and
  • comply with law, enforce our Terms of Use, and protect users, BeeGreat, and others.

We do not use health data, message content, or saved memories for targeted advertising.

AI and voice processing

When you talk to Bee, we send the prompt and the minimum relevant BeeGreat context to the AI infrastructure needed to generate a response. Depending on availability and your choices, this can include OpenAI or OpenRouter models and Cloudflare-hosted BeeGreat services. If you connect ChatGPT, encrypted authorization credentials are stored in BeeGreat’s backend and short-lived access is used to make the request.

For voice input, audio is transmitted to ElevenLabs for speech-to-text processing. BeeGreat does not add the raw recording to your saved account data as part of the normal voice flow, but the transcript and resulting conversation may be saved. Text sent for spoken replies is processed for text-to-speech. Providers may retain limited service records according to their agreements and legal obligations.

Automated systems generate Bee’s output, but BeeGreat does not make legal or similarly significant decisions about you solely through Bee’s output.

Health data

The Google Health power-up is off by default. If you enable it and complete Google’s authorization flow, BeeGreat stores encrypted read-only credentials and accesses only the scopes you approve. Requests are limited to the health information needed to answer the question you ask.

Important: A Bee response that includes health information can become part of your saved conversation. Delete that conversation or your account if you no longer want the response stored in BeeGreat.

We do not sell health data, use it for advertising, use it to determine eligibility for employment, credit, or insurance, or write health data back to Google Health. You can disconnect Google Health in BeeGreat and can also revoke BeeGreat from your Google Account permissions.

How data is shared

We disclose information only as needed for the purposes described above:

  • Infrastructure and product providers: Clerk for authentication; Convex for application data; Cloudflare for network and agent infrastructure; Apple and RevenueCat for subscriptions; Sentry for filtered diagnostics; ElevenLabs for voice; OpenAI or OpenRouter for AI; and Crossmint for an enabled wallet feature.
  • Services you connect: Google Health, GitHub, Linear, Notion, ChatGPT, or another integration you deliberately authorize. Data is exchanged according to the requested action and granted scopes.
  • Professional advisers and authorities: when reasonably necessary for legal compliance, audits, security, fraud prevention, or the establishment or defense of legal claims.
  • Business transfers: in connection with a merger, financing, acquisition, reorganization, or sale of assets, subject to appropriate confidentiality and notice obligations.
  • With your direction: when you ask us to share information or clearly consent.

Providers may process information in countries other than yours. They are permitted to handle it only for contracted services or another disclosed lawful purpose. We do not sell personal information or share it for cross-context behavioral advertising.

If European Economic Area, United Kingdom, or similar data-protection law applies, we rely on:

  • Contract to provide your account, requested features, and BeeGreat Pro;
  • Consent for optional permissions and sensitive integrations such as health access, where consent is required; you may withdraw consent by disconnecting the feature;
  • Legitimate interests to secure, diagnose, and improve the Service, prevent abuse, and communicate with you, balanced against your rights; and
  • Legal obligations for tax, accounting, lawful requests, and protection of rights.

Where we ask for information to perform a contract, not providing it may mean the related feature cannot work.

Retention and deletion

We keep account and product content while your account is active or as needed to provide the Service. Connection credentials remain until you disconnect, delete your account, the provider revokes them, or they expire. Short-lived authorization state is removed or allowed to expire after the flow ends. Diagnostics and support records are kept only as long as reasonably needed for security, troubleshooting, and legal purposes.

You can start account deletion in BeeGreat from your profile. If you cannot sign in, email oddofrancesco000@gmail.com from the address associated with your account. We may verify your identity before acting. We then delete or de-identify account data from active systems without undue delay, unless retention is required for security, fraud prevention, legal compliance, dispute resolution, or financial records. Protected backups age out under our backup cycle.

Account deletion does not erase public blockchain records, Apple purchase history, or information controlled independently by a connected service. Disconnect or contact those providers separately. Deleting an account also does not cancel your Apple subscription.

Your choices and rights

Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to processing of personal information, withdraw consent, or appeal a denied request.

  • Edit or delete supported goals, projects, tasks, messages, bookmarks, and memories inside BeeGreat.
  • Turn off power-ups and disconnect services in your profile; revoke access with the provider for an additional control.
  • Change microphone access and other system permissions in device Settings.
  • Manage or cancel BeeGreat Pro through Apple Subscriptions.
  • Request account deletion in the app or send a privacy request to the email below.

We do not discriminate against you for exercising a privacy right. We may need to verify your identity and authority, and applicable law may permit or require exceptions. You may use an authorized agent where local law allows. You can also complain to your local data-protection authority.

Security and international transfers

We use administrative, technical, and organizational safeguards designed to protect personal information. Sensitive connection credentials are encrypted at rest, access is scoped to authenticated users and services, and diagnostics are configured to filter prompts, health fields, credentials, authorization headers, and direct contact details. No system is perfectly secure, so we cannot guarantee absolute security.

BeeGreat and its providers may process information in the United States, the European Economic Area, and other countries whose laws may differ from yours. Where required, we use recognized transfer mechanisms and safeguards, such as contractual protections, and honor mandatory local rights.

If you discover a suspected security issue, do not include passwords, tokens, health records, or wallet secrets in your first message. Use the security contact on our Support page.

Children and policy changes

BeeGreat is not directed to children under 13, and we do not knowingly collect their personal information. If the law where a child lives sets a higher age for consent to online services, that age applies. Contact us if you believe a child has provided personal information without appropriate authorization.

We may update this policy when the product, providers, or law changes. We will revise the date above and provide additional notice when required. Material changes apply prospectively unless law allows otherwise.

Contact

For privacy questions or requests, email oddofrancesco000@gmail.com. Include the email associated with your BeeGreat account and the type of request, but never send a password, one-time code, access token, private key, or full health record.

For general product help, visit BeeGreat Support.