CHIEF OF STAFF PRIVACY POLICY
Privacy Policy
Chief of Staff
Last updated: April 14, 2026
Overview
Chief of Staff is a personal productivity app that helps you manage email, calendar, commitments, and daily briefings. Your
privacy is fundamental to how this app is designed. All your data stays on your device unless you explicitly enable iCloud
sync.
Data Collection
We do not collect, transmit, or sell any personal data. Chief of Staff operates entirely on your device.
What the app accesses
- Email accounts -- You provide account credentials (OAuth tokens or app-specific passwords) to connect your email. These
credentials are stored exclusively in the device Keychain and are never transmitted to us.
- Calendar and Reminders -- The app reads your calendar events and reminders through Apple's EventKit framework to include
them in briefings and the Today view.
- Contacts -- The app imports contact names and email addresses to identify email senders and track relationships. Contact
data stays on your device.
- On-device AI processing -- Email classification, draft generation, and suggestions are processed using Apple's on-device
Foundation Models. No email content is sent to external AI services.
What the app stores
All data is stored locally on your device using Apple's SwiftData framework:
- Email messages, calendar events, and reminders synced from your accounts
- Commitments, follow-ups, and strategic priorities you create
- Briefings and draft responses generated by the app
- Your profile name, role, and work domain configuration
- Suggestion history and notification preferences
iCloud Sync (optional)
If you enable iCloud Sync in Settings, your app data (excluding credentials) is synced across your devices through Apple's
CloudKit. This data is encrypted in transit and at rest by Apple. We do not have access to your iCloud data. Credentials
remain in per-device Keychain and are never synced.
Third-Party Services
Chief of Staff connects to third-party services only when you explicitly configure an account:
- Google (Gmail, Google Calendar) -- OAuth2 authentication. The app requests read access to email and calendar, and compose
access to create drafts. See https://policies.google.com/privacy.
- Microsoft (Exchange, Outlook) -- OAuth2 authentication for email and calendar access. See
https://privacy.microsoft.com/en-us/privacystatement.
- Yahoo -- OAuth2 authentication for email access. See https://legal.yahoo.com/us/en/yahoo/privacy/index.html.
- Slack -- Bot token authentication for reading messages. See https://slack.com/trust/privacy/privacy-policy.
- IMAP/SMTP servers -- Direct connection to mail servers you configure. Credentials are stored in Keychain.
No data from these services is shared with us or any other third party.
Analytics and Tracking
Chief of Staff does not include any analytics, crash reporting, advertising, or tracking frameworks. We do not use cookies,
pixels, fingerprinting, or any other tracking technology.
Data Retention and Deletion
Your data remains on your device for as long as you use the app. You can delete individual accounts (which cascades to all
associated data) or use Settings > Data & Privacy > Delete All Data to permanently remove everything, including Keychain
credentials and cached data.
Uninstalling the app removes all locally stored data. If iCloud Sync was enabled, you can remove synced data through
Apple's iCloud settings.
Children's Privacy
Chief of Staff is not directed at children under 13 and does not knowingly collect data from children.
Changes to This Policy
If we update this policy, we will post the revised version at this URL with an updated date. Continued use of the app after
changes constitutes acceptance.
Contact
If you have questions about this privacy policy, contact:
Jacob Douylliez
Email: jacdouy@icloud.com