Security FAQ

Security overview for business users.

Discere summarizes emails from contacts you choose. This page explains what Discere accesses, what is stored, what is sent to AI, and what risks a business should evaluate before use.

Access

Discere reads relevant mailbox data.

Discere searches your connected mailbox for emails from tracked contacts. You do not need to forward all mail manually, but the permissions granted on a connected mailbox can technically allow broader access than this search requires, depending on the provider scope.

Storage

Account data and summaries are stored.

Discere stores settings, contacts, schedules, generated summaries, summarized email IDs, and limited source email data needed to show summaries and avoid duplicate processing.

What data is read?

  • Gmail: Discere uses Google OAuth to sign you in and read Gmail messages through the Gmail API read-only scope. Gmail OAuth does not use IMAP.
  • Microsoft: Discere uses Microsoft OAuth to sign you in, to read mailbox content through Microsoft Graph mailbox access, and to refresh tokens for scheduled reports.
  • Report emails: Discere sends requested and scheduled reports from Discere's report email system, not from your connected mailbox. You can choose whether those emails include the full report or only an Email Notification message.
  • Private manual clients: Manual mailbox connections are not part of the public Gmail/Microsoft product path. They are available only for approved private clients and use encrypted connection details.
  • Contacts filter: The summarizer is designed to process only emails whose actual sender matches your tracked contacts.
  • Tracked contacts: Adding a tracked contact does not notify that person, and summaries are sent only to your connected account email.

What gets sent to AI?

To generate summaries, Discere sends relevant email text and thread context to OpenAI through the OpenAI API. This can include sender, recipient, subject, message date, body text, and summary preferences.

Attachment contents are sent to AI only if the user enables AI attachment access. If that setting is off, Discere limits attachment use to metadata such as filenames.

OpenAI states in its published API data controls that API inputs and outputs are not used to train or improve OpenAI models by default unless the API organization explicitly opts in. Discere has not opted in to share API inputs or outputs for OpenAI model training or improvement, so Discere’s OpenAI API inputs and outputs are not used to train or improve OpenAI models. OpenAI may still retain limited API data, which can include prompts and responses, for abuse monitoring, safety, legal compliance, and API operation under its published API data controls. OpenAI’s published API data controls say abuse-monitoring logs are retained for up to 30 days by default unless a longer period is required by law or needed to protect OpenAI’s services or others from harm.

What is stored?

  • Account settings: Email address, sign-in method, profile name, preferences, timezone, contacts, and schedules.
  • Credentials and tokens: OAuth tokens or mailbox credentials are encrypted and stored where needed.
  • Summary data: Generated summaries, combined reports, and limited source data needed to display and manage summaries.
  • Operational data: Analytics events, bug reports, and logs used for support, abuse prevention, debugging, and reliability.

How does deletion work?

  • Users can delete individual summaries. After a summary is deleted, its email will be rediscovered if you run the summarizer again.
  • Users can delete their account from Settings. This removes account data, summaries, source email files, attachments, schedules, and related user records, except limited records retained where reasonably necessary for security, legal compliance, dispute resolution, fraud prevention, or backup integrity.
  • Read or done summaries have source email bodies and saved attachments purged after 20 days, while summarized email IDs remain to prevent accidental duplicate summaries.
  • Provider access can also be revoked directly from Google Account permissions, Microsoft account consent management, or Microsoft My Apps, depending on the provider and account type.

Business risk summary

Discere needs access to selected email content so it can create summaries. That means relevant email text is processed by Discere and sent to the OpenAI API to generate the summary. Discere is hosted on cloud infrastructure, so account data, summaries, and needed settings are stored on Discere’s server rather than only on your own computer.

For everyday business email, this may be reasonable. For very sensitive inboxes, such as legal, medical, financial, government, board-level, or confidential customer data, review your own company rules before connecting that inbox. Discere uses safeguards such as account separation, encrypted credentials, secure cookies, rate limits, deletion controls, and backups, but no internet service can remove every risk.

OAuth consent screen wording

Google and Microsoft consent screens should describe Discere consistently with this behavior:

  • App purpose: Discere summarizes emails from contacts selected by the user.
  • Mailbox read access: Gmail uses Gmail API read-only access. Microsoft uses Microsoft Graph mailbox access.
  • Tracked contacts: Discere does not notify contacts when you add them or summarize their emails.
  • Report delivery: Requested and scheduled reports are emailed from Discere, not from the user's connected mailbox. Users can choose Full Report or Email Notification mode.
  • Profile/email access: Google does not request a separate Google profile/email scope; Discere identifies the Gmail address through Gmail API read-only access. Microsoft uses profile/email sign-in access to sign the user in and identify the connected Microsoft mailbox.
  • Offline/refresh access: Google uses offline access and Microsoft uses offline/refresh access so scheduled reports and mailbox access can keep working without forcing a new login every run.

Questions

For security, privacy, or business review questions, contact disceresupport@gmail.com.