Privacy Policy
DawnCue
Last updated: 14 June 2026
DawnCue is a morning briefing app for iOS. This policy explains what data DawnCue uses, why it is needed, how long it is kept, and the choices available to you.
DawnCue is operated by Clemens Koprolin. Privacy questions can be sent to [email protected].
1. Your DawnCue account
DawnCue does not require your name or email address to create an account.
When you first use the app, a random account identifier is created. It does not directly contain your name or email address, but it may be linked to your settings, subscription status, device token, saved routes, and enabled integrations. We therefore treat it as personal data.
You may optionally add your first name for use in your greeting.
2. Data used for your briefing
DawnCue processes only the information needed for the modules you choose to enable.
Weather and location
DawnCue may use your device location to determine your city or approximate area. Precise GPS coordinates are not stored on DawnCue’s servers.
You can also enter a city manually. The city or coarse location needed for a forecast may be sent to a weather provider.
Calendar
With your permission, DawnCue reads only the titles and start and end times of events occurring today.
This information is sent to DawnCue’s servers and to our AI provider to compose the calendar section of your briefing. DawnCue does not edit your calendar or create events.
If you connect an inbox, DawnCue retrieves a limited number of recent unread messages to identify information that may be relevant to your morning briefing.
For Gmail, DawnCue currently accesses only the sender and subject metadata of those messages. DawnCue does not currently access Gmail message bodies, snippets, or attachments.
Email data is used only to identify important information and create the email section of your briefing.
If DawnCue later supports additional Gmail data or different email-provider access, the app and this policy will be updated before the new processing begins, and any required permission or consent will be requested.
Commute and transport
If you enable commute features, DawnCue stores the routes you choose, including origin, destination, and transport mode.
The minimum information required for a request may be sent to routing, traffic, mapping, or public-transport providers. DawnCue does not attach your name or DawnCue account identifier to these requests, although locations such as a home or workplace may still be personal data.
Health and activity
With your explicit permission, DawnCue may use a limited snapshot from Apple Health or Withings, such as:
- Steps
- Workouts
- Active energy
- Exercise minutes
- Sleep duration
DawnCue does not access heart rate, weight, blood pressure, ECG, blood glucose, or other medical data unless the app and this policy are updated first.
Health summaries are informational only and are not medical advice.
News
DawnCue may use your selected topics, sources, language, or region to retrieve public news headlines for your briefing.
The built-in news catalogue is limited to sources DawnCue is permitted to include. You may also add your own RSS or Atom feed URLs. If you do, DawnCue stores the feed title, URL, enabled status, and related news preferences, and retrieves recent public feed entries from that URL when composing your briefing. You are responsible for adding only feeds you have permission to use in DawnCue.
Custom sections
Instructions you enter for custom sections are stored with your settings and sent to our AI provider when the section is generated.
Please do not include passwords, financial details, medical records, government identifiers, or other highly sensitive information in custom instructions.
3. AI processing
DawnCue uses Google Cloud Vertex AI / Gemini Enterprise Agent Platform to compose briefing text.
Depending on the modules you enable, a request may include weather information, today’s calendar events, Gmail sender and subject metadata, commute information, health and activity data, news headlines, your optional first name, and custom-section instructions.
DawnCue currently sends these requests through Google Cloud’s Vertex AI endpoints in Europe. Google Cloud processes this data on DawnCue’s behalf. It is not used for advertising or to train or fine-tune Google’s models without DawnCue’s permission.
DawnCue does not keep logs of LLM requests or responses. DawnCue does not write assembled AI prompts, model request bodies, model responses, or raw generated model output to application logs, analytics, crash reports, or debugging logs. The request and response are handled in memory only long enough to compose the Dawn Card.
DawnCue’s briefing integration is designed not to use Vertex AI request-response logging, Google Search grounding, Google Maps grounding, the File API, explicit context caching, or Gemini Live session resumption for briefing generation. These features can involve additional storage by Google Cloud.
DawnCue’s configuration is intended to minimise AI data retention. Google Cloud may still process limited data for safety, abuse prevention, service reliability, or legal reasons according to its terms and enabled project controls. Google’s Gemini service may also use project-isolated, in-memory caching with a short time-to-live unless disabled at the Google Cloud project level; this cache is not stored at rest.
AI-generated content can occasionally be incomplete or inaccurate and should not be treated as medical, legal, financial, or other professional advice.
4. Google user data
This section applies to information DawnCue receives through Google APIs when you connect a Google account.
Google data DawnCue accesses
DawnCue uses Google OAuth to obtain your permission and the Gmail API to access a limited number of recent unread messages.
For Gmail, DawnCue currently accesses only:
- The message sender
- The message subject
DawnCue does not currently access Gmail message bodies, snippets, attachments, contacts, drafts, sent messages, or the ability to send, edit, or delete email.
DawnCue also receives and stores the OAuth tokens and related authorisation information needed to maintain the connection to your Google account.
How DawnCue uses Google user data
Gmail sender and subject metadata is used only to identify messages that may be important and to create the email section of your requested DawnCue briefing.
DawnCue does not use Google user data for advertising, targeted advertising, retargeting, creditworthiness, lending, or the creation of marketing profiles.
DawnCue does not sell Google user data and does not use it to train or improve general-purpose artificial-intelligence or machine-learning models.
How Google user data is stored and protected
Gmail sender and subject metadata may be transmitted to DawnCue’s backend for briefing composition. It is deleted after the briefing has been composed and no later than 24 hours after collection.
Google OAuth access tokens, refresh tokens, and related credentials are encrypted in transit and at rest. Access is restricted to systems and authorised persons who need it to operate, secure, or support DawnCue.
DawnCue does not create a permanent archive or database of Gmail messages or Gmail metadata.
How Google user data is shared
Gmail sender and subject metadata may be processed by Google Cloud Vertex AI / Gemini Enterprise Agent Platform, acting as a service provider to DawnCue, solely to generate the briefing you requested.
DawnCue does not disclose Google user data to advertising platforms, data brokers, information resellers, or other third parties for their own independent purposes.
Google user data may otherwise be disclosed only where necessary to provide the feature you requested, protect the service or users, comply with applicable law, or complete a corporate transaction where any consent required by Google’s policies or applicable law has first been obtained.
DawnCue does not permit humans to read Google user data except where you have explicitly agreed to access to specific data, where access is necessary to investigate a security or support issue, or where access is required by law.
Retention, disconnection, and deletion
Raw Gmail sender and subject metadata is deleted after briefing composition and no later than 24 hours after collection.
A generated briefing containing information derived from Gmail metadata is retained only until successful delivery or for a maximum of 24 hours.
You can disconnect your Google account at any time in DawnCue’s settings. DawnCue then deletes its stored Google credentials and, where supported, revokes the relevant Google token.
Deleting your DawnCue account also deletes stored Google credentials and other active Google-related account data, except for information that must temporarily remain for security, backup rotation, or legal reasons. Encrypted backup copies are removed through the normal backup rotation within one week.
Google Limited Use compliance
DawnCue’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
5. Connected accounts and credentials
DawnCue may support email accounts from Google, Microsoft, and Apple, as well as Withings.
Tokens or credentials needed for these connections are encrypted in transit and at rest. Depending on the provider, they may be stored on your device, on DawnCue’s servers, or both.
You can disconnect an integration at any time. DawnCue then removes its stored credential and, where supported, revokes the provider token.
Additional information about Google user data is provided in Section 4.
6. Notifications
DawnCue uses Apple Push Notification service to deliver scheduled and test briefings.
Apple receives the device push token and the notification payload needed for delivery. Depending on your notification settings, the payload may include briefing text or a short preview.
The token is used only for DawnCue notifications and is removed when you delete your account.
7. Subscriptions
Subscriptions are processed by Apple through the App Store and StoreKit.
DawnCue does not receive your payment-card or bank-account details. Apple may provide information needed to verify your purchase, such as product, transaction, purchase, renewal, and entitlement information.
This data is used only to provide subscription access, restore purchases, prevent fraud, provide support, and meet legal obligations.
8. Technical and security data
DawnCue may process limited technical information needed to operate and protect the service, including:
- IP address
- Request time
- App and operating-system version
- Device information
- Delivery status
- Error or crash information
- Security events
This data is used to maintain reliability, diagnose problems, prevent abuse, and investigate security incidents. It is not used for personalised advertising or cross-app tracking.
9. How long data is kept
| Data | Retention |
|---|---|
| Account identifier and preferences | Until you delete your account |
| First name | Until you remove it or delete your account |
| Raw calendar data, Gmail sender and subject metadata, other processed email data, and health data | Deleted after briefing composition and no later than 24 hours after collection |
| Assembled AI prompt and raw LLM response | Not stored or logged by DawnCue; handled in memory only during briefing composition |
| Generated briefing | Until successful delivery or for a maximum of 24 hours |
| Delivery, diagnostic, and security logs | Up to 30 days, unless needed longer for a specific incident or legal obligation |
| Saved commute routes | Until you remove them or delete your account |
| News preferences, custom RSS/Atom feed titles and URLs, and custom instructions | Until you remove them or delete your account |
| Push token | Until account deletion or replacement by Apple |
| Connected-account credentials, including Google OAuth tokens | Until disconnection, expiry, revocation, or account deletion |
| Encrypted backups | Removed through the normal backup rotation within one week |
Data deleted from active systems may remain briefly in encrypted backups until the next backup rotation.
10. Where data is processed
DawnCue’s core backend is hosted in Europe. AI briefing requests currently use Google Cloud’s Vertex AI endpoints in Europe.
Some providers, including Apple, email services, weather services, transport operators, mapping services, selected news sources, and operators of custom RSS or Atom feeds you add, may process limited information in other countries.
Where required, DawnCue relies on recognised legal safeguards for international transfers, such as adequacy decisions or the European Commission’s Standard Contractual Clauses.
11. Service providers
Depending on the features you enable, DawnCue may use:
- Apple for push notifications, subscriptions, Calendar, Health, Maps, and Weather
- Google for Gmail and Google Cloud Vertex AI
- Microsoft for Outlook or Exchange
- Withings for connected health and activity data
- HERE or public-transport operators for routes, delays, and departure information
- Selected weather and news providers, including operators of custom RSS or Atom feeds you add
These providers receive only the information needed for the relevant service.
DawnCue does not sell personal data and does not use calendar, email, health, commute, or custom-section data for advertising.
12. Legal basis
DawnCue processes data:
- To provide the service and features you request
- With your consent for optional modules and connected services
- With your explicit consent for health and fitness data
- For legitimate interests such as security, reliability, abuse prevention, and support
- Where required by law
You can withdraw consent at any time by disabling the relevant module, disconnecting the integration, or changing the relevant iOS permission. Withdrawal does not affect processing that was lawful before consent was withdrawn.
13. Your rights
Depending on your location, you may have the right to:
- Access your personal data
- Correct inaccurate data
- Delete your data
- Restrict or object to certain processing
- Export eligible data in a machine-readable format
- Withdraw consent
- Complain to a data protection authority
Access, export, and deletion controls are available in:
Settings → Data & Privacy
You can also contact [email protected].
DawnCue normally responds to valid requests within one month. We may ask for information needed to confirm that a request relates to the correct account.
DawnCue does not use your data to make automated decisions that produce legal or similarly significant effects.
14. Account deletion
You can delete your account in:
Settings → Data & Privacy → Delete Account
This removes your active account data, settings, saved routes, custom sections, push token, and connected-service credentials, including stored Google OAuth credentials, except for information that must temporarily remain for security, backup rotation, or legal reasons.
Encrypted backup copies are removed within one week.
15. Security
DawnCue uses measures designed to protect personal data, including encryption in transit, encryption at rest for stored credentials and sensitive information, restricted access, data minimisation, and short retention periods.
No online service can guarantee absolute security, but DawnCue works to reduce risk and respond to identified incidents.
16. Children
DawnCue is not intended for children under 16 and does not knowingly collect their personal data.
If you believe a child has provided data to DawnCue, contact us so we can investigate and remove it where appropriate.
17. Changes to this policy
DawnCue may update this policy when its features, providers, technical implementation, or legal obligations change.
For material changes, the “Last updated” date will be revised and an in-app notice may be shown.
Where a change requires consent, DawnCue will ask for it separately before the new processing begins.
18. Contact
For privacy questions or requests:
Clemens Koprolin
[email protected]