Security and Privacy
How Grais handles your data and keeps it secure.
How does Grais handle my data?
Grais is local-first by default. Cloud processing is used when you request features that require it, such as AI-generated replies or sync.
Data is encrypted in transit and at rest. Grais is designed to use the conversation context you attach or open for the active workflow, rather than reading unrelated browser activity.
What privacy controls do I have?
- You choose the conversation context Grais uses for drafting and planning.
- You can keep sensitive contacts in review-first mode.
- Grais does not send messages unless the workflow and trust level allow it.
- You can delete memories, conversations, and synced records in the product.
- You can request full account and data deletion by email.
Does Grais use third-party AI providers?
Yes. Some features use third-party AI providers (such as OpenAI and Anthropic) for processing. These providers are contractually bound to handle your data securely and only for the purposes we specify. See our Privacy Policy for details.
Does Grais read every page I visit?
No. Grais is built around the conversation workflow. It uses the context needed for the active reply, planning, memory, or sync feature rather than acting as a general browser recorder.
If you do not want Grais involved in a thread, do not open or attach it to that conversation.
Can I control what gets sent?
Yes. The standard workflow is human-in-the-loop: Grais drafts, you review, and you decide what gets inserted or sent. Higher-trust behavior should only be enabled where you are comfortable with it.
For sensitive conversations, keep the trust level on review and avoid sending unreviewed drafts.
How can I request data deletion?
You can delete data directly in the product. For a full account and data deletion, email hello@grais.ai.
Include the email address connected to your Grais account. Do not include passwords, payment card numbers, or sensitive third-party credentials in the deletion request.