Privacy Policy

Lexicon (“Lexicon,” “we,” “us”) is a team messaging and collaboration app that provides group chats, AI‑assisted meeting notes, events, and optional calendar scheduling. This policy explains what we collect, how we use it, and the choices you have. It applies to the Lexicon web and mobile apps.

Information we collect

•  Account information — your email address (for sign‑in via magic link or password), name, role, and profile photo.
• Content you create — messages, voice notes, attachments, shared links, decisions, action items, events, and RSVPs.
• Organization data — the organizations and chats you belong to and your role within them.
• Usage data — basic technical information needed to operate the service (e.g., timestamps, error logs).

Google user data

If you choose to connect your Google Calendar, Lexicon requests the following Google API scopes and uses the data only to provide the features you request:

• Create events (calendar.events) — when you tap “Add to my Google Calendar,” we create that single event on your primary calendar. We do not read, modify, or delete your other events.
• Suggest meeting times (calendar.readonly / free‑busy) — to suggest times that work for a group, we read only free/busy information (the time ranges you are busy). We do not read event titles, descriptions, attendees, or any other event details.

How Google data is stored and shared. Your Google OAuth tokens are stored securely on our backend (Supabase, encrypted at rest) and are restricted to your account; they are never exposed to other users or to the browser. Free/busy data is fetched at the moment you request a time suggestion and is not stored — only the resulting suggested time slots are shown, within your own chat. We do not sell Google user data, use it for advertising, or share it with third parties except as required to provide the feature (i.e., calls to Google’s own APIs).

Limited Use disclosure. Lexicon’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

You can disconnect Google Calendar at any time from your profile, which deletes the stored tokens.

AI features

Lexicon uses AI to generate meeting summaries, extract decisions and action items, and explain decision context. To do this, relevant chat content is sent to our AI provider (Anthropic) solely to generate that output. This content is not used to train third‑party models.

Other service providers

We rely on trusted providers to run Lexicon: Supabase (database, authentication, storage), Vercel (hosting), Anthropic (AI features), and LiveKit / Deepgram (optional voice and video). Each processes data only as needed to provide their part of the service.

Data retention & deletion

We keep your information for as long as your account is active. You can disconnect Google Calendar (removing tokens) at any time. To delete your account and associated data, contact us at the address below.

Security

We use industry‑standard measures including encryption in transit and at rest, and row‑level access controls so your data is only accessible to you and the people you share it with.

Children

Lexicon is not directed to children under 13, and we do not knowingly collect their personal information.

Changes

We may update this policy; material changes will be reflected by the “Last updated” date above.

Contact

Questions about this policy or your data? Email sarahandjeffhan@gmail.com.

Terms of Service · Home