Help center

Support

Answers to common questions, plus a way to reach us if something isn't working.

Common questions

No. The only Gmail permission we request is read-only access. We can read emails, but we cannot send, delete, modify, or access anything else in your account. You can verify this in your Google account's security settings under "Third-party apps with account access."
No. All AI processing runs on our own servers using a locally-hosted model. Your email content is never sent to OpenAI, Anthropic, Google's AI APIs, or any other third-party AI provider. This is a core architectural decision, not just a policy.
You can disconnect at any time from within the app, or directly through Google: go to myaccount.google.com → Security → Third-party apps with account access → remove "ToDo's AI." Once revoked, we can no longer access your inbox and your stored tokens are invalidated.
Reject it with a single tap. That feedback goes directly into improving the AI's accuracy for your account. If a particular sender keeps generating irrelevant tasks, the system will learn to handle them differently after a few rejections.
This can happen, especially early on. The AI is calibrated to avoid false positives (suggesting tasks that aren't real), which means it sometimes misses ambiguous emails. Over time, your feedback helps it calibrate to your standards. If you're consistently missing a type of email, reach out — that's exactly the kind of feedback we need.
Not yet. The current version is iOS only. Android is something we're thinking about for after the iOS launch — join the waitlist and let us know you're an Android user so we can prioritize accordingly.
Gmail's task features require you to manually create tasks from emails. ToDo's AI does that automatically — it reads every email, decides whether it contains an action item, extracts a structured task, assigns priority, and puts it in your list. No manual work required.

Contact us

Can't find what you're looking for? We check email regularly and typically respond within a day.

Email support
support@todosai.net

For bug reports, include your iOS version, app version, and a brief description of what happened.

Legal

Privacy Policy

Last updated: April 2026

What we collect

When you use ToDo's AI, we collect the minimum amount of information needed to provide the service:

  • Your Google account email address and name (from sign-in)
  • An OAuth token that allows us to read your Gmail (encrypted at rest)
  • Email content — subject lines, sender names, and body text — processed to extract tasks
  • Tasks created from your emails, along with any feedback you provide (confirmed/rejected)
  • Basic usage data (sync timestamps, error logs) for debugging

We do not collect your Gmail password. We do not collect emails that our system determines are not actionable (they are read, filtered, and discarded without storage).

How we use it

The data we collect is used exclusively to:

  • Read and process your Gmail to generate task suggestions
  • Improve the accuracy of task extraction for your account based on your feedback
  • Maintain and debug the service

We do not sell your data. We do not use your data for advertising. We do not share your email content with third parties for any purpose.

AI processing

All AI inference — reading emails, classifying them, extracting tasks — runs on servers we operate directly. Your email content is not sent to OpenAI, Anthropic, Google's AI services, or any other external AI provider.

Data retention

We retain your data for as long as you have an active account. If you delete your account or revoke Gmail access:

  • Your Gmail OAuth token is immediately invalidated and deleted
  • Your task history and feedback data are deleted within 30 days
  • Anonymized aggregate statistics (not linked to your account) may be retained for service improvement

Third-party services

ToDo's AI uses the following external services:

  • Google Gmail API — to read your email with your permission. Subject to Google's Privacy Policy.
  • Firebase Hosting — to serve this website. No user account data is stored here.

We do not use third-party analytics tools, advertising networks, or data brokers.

Security

Gmail OAuth tokens are encrypted using industry-standard symmetric encryption before storage. Access to production systems is restricted and logged. We use HTTPS for all data in transit.

No security system is perfect. If you discover a vulnerability, please report it to support@todosai.net before disclosing it publicly.

Your rights

You can request a copy of the data we hold about you, ask us to delete your account and associated data, or revoke Gmail access at any time through your Google account settings. To exercise these rights, email support@todosai.net.

Contact

Questions about this policy or how your data is handled: support@todosai.net