Legal

Privacy Policy

Effective June 7, 2026. This page is written for Nakama's early Chrome extension and web service. It should be reviewed by legal counsel before public launch.

Effective date

June 7, 2026

Who we are

Nakama is a Chrome extension and web service operated by Digitalog UK, Ltd. The service is being designed to make Gmail-based work lighter by helping users summarize selected context, draft replies, review writing, translate messages, and create follow-up Todo items.

Information we collect

We collect only the information needed to provide, secure, improve, and support Nakama.

Account information, such as your name, email address, profile image, Google account identifier, sign-in method, and basic account status.
Workspace profile information if you create or join a workspace, such as workspace name, organization name, country, company domain, organization type, business model, employee-size range, default language, and timezone.
Product usage metadata, such as features used, extension version, browser type, event timestamps, error logs, model/provider selection, subscription status, and aggregate usage counts.
Selected work context that you choose to process, such as visible email text, a draft you ask Nakama to review, a thread excerpt, or text you paste into Nakama.
Integration metadata, such as whether Google, Drive, Calendar, Tasks, or an AI provider connection is active. API keys are handled as secrets and should never be logged or exposed in analytics.
Website technical data, such as IP address, user agent, referring page, language route, and security logs.

Google user data

The current prototype requests only basic Google sign-in scopes: openid, userinfo.email, and userinfo.profile. If Gmail, Drive, Calendar, Docs, Sheets, Slides, Forms, Meet, or other Google API features are added, Nakama will request the minimum relevant scopes in context and explain why each permission is needed before access is requested.

Gmail data will be used only for user-facing features such as summaries, reply drafts, writing review, translation, and Todo suggestions requested by the user.
Drive and document data, if authorized later, will be used only for user-facing actions such as selecting files, saving attachments, inserting files into a draft, or creating user-requested work artifacts.
Calendar or Meet data, if authorized later, will be used only for user-facing scheduling, follow-up, and meeting-summary workflows requested by the user.
Nakama does not sell Google user data, use Google user data for advertising, or use Google user data to determine creditworthiness.
Nakama does not allow humans to read Google user data unless you explicitly ask for support involving specific data, it is necessary for security or abuse investigation, or it is required by law.
Nakama's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Google API Services User Data Policy Manage Google account app permissions

How we use information

We use information to operate Nakama and to keep the user in control of work output.

Authenticate users and maintain account or workspace access.
Provide summaries, reply drafts, writing review, translations, Todo extraction, and other requested assistance.
Insert drafts or suggestions only after the user chooses to do so. Nakama does not automatically send email in the MVP.
Personalize default language, tone, timezone, workspace policies, and model/provider preferences.
Measure product reliability and feature adoption using metadata rather than raw email bodies where possible.
Provide support, investigate errors, prevent abuse, enforce Terms, and comply with legal obligations.

AI processing

When you ask Nakama to generate a summary, draft, review, translation, Todo, or similar output, the selected task context may be sent to the AI provider chosen by you or your workspace administrator. This may include Gemini, OpenAI, Anthropic, or another provider enabled in the product. AI outputs may be inaccurate, incomplete, or inappropriate for your situation, so you should review every result before using it.

We do not use your Google user data or selected email content to train generalized AI models unless you have given explicit opt-in consent.
Where provider settings allow it, we configure AI processing to reduce retention and prevent training on customer content.
If you use your own API key, the relevant provider's terms and privacy practices may also apply to your use of that provider.

Storage and retention

Nakama is designed to minimize retention of raw email and document content. We prefer short-lived processing, user-visible saved artifacts, and metadata-based analytics.

Account and workspace records are retained while your account or workspace remains active.
Usage events, audit logs, security logs, and billing records may be retained for product operations, compliance, security, and accounting.
Raw selected email or document content is not stored by default for analytics. If a feature needs to save content, such as a user-created Todo or draft, the product should make that action clear.
Backups and logs may persist for a limited period before deletion according to operational retention schedules.

Sharing and processors

We may share information with service providers that help us operate Nakama, but only for the purposes described in this policy.

Cloud hosting, storage, database, security, monitoring, and support providers.
Google services when you sign in or authorize a Google integration.
AI providers when you request AI assistance and the provider is selected by you or your workspace policy.
Payment and subscription providers if paid plans are enabled.
Professional advisers, authorities, or counterparties where required for legal, security, compliance, or business-transfer purposes.

Your choices and rights

You can control your use of Nakama and the data connected to it.

You can stop using the Chrome extension or remove it from Chrome.
You can revoke Google access from your Google Account permissions page.
You can ask us to access, correct, export, delete, or restrict processing of personal information where applicable law gives you those rights.
You can opt out of non-essential cookies or analytics where those choices are offered.
Workspace administrators may control workspace settings, allowed AI providers, model policies, member access, and audit logs.

Google account permissions

Security

We use reasonable technical and organizational measures to protect information, including access controls, encrypted transport, secret handling, audit logs, and monitoring. No internet service can be guaranteed to be completely secure, and you should use care when choosing what content to process with any AI tool.

International transfers

Nakama may be operated from London, UK and Seoul, Korea, and may use processors in other countries. Where required, we rely on appropriate safeguards such as contractual protections, adequacy decisions, or other lawful transfer mechanisms.

Children

Nakama is not directed to children and should not be used by anyone under 16, or under the age required by local law to use online workplace tools.

Changes

We may update this Privacy Policy as Nakama evolves. Material changes will be communicated through the website, the app, or email before they take effect when required by law or platform policy.

Contact

For privacy questions or data requests, contact privacy@orenonakama.com. For general support, contact support@orenonakama.com.

Back to Nakama