The #1 auto typer for Google Docs — now with cloud-based Duey Sessions. Try free →
Duey AI

Privacy Policy

Last updated: January 2026

Accountability

Duey.ai ("Duey.AI," "we," "us," "our") provides services to writers, including AI content generation and paraphrasing based on user inputs and instructions.

Personal Information

We recognize two categories of personal information subject to privacy rights:

Information that Identifies a Specific Person includes name, home address, email, telephone number, social media identifiers, age, physical description, neighborhood, and educational background.

Personal Nature Information About an Identifiable Individual encompasses race, national origin, religion, sex, sexual orientation, educational and medical history, financial status, social security number, fingerprints, and personal opinions on social or political issues.

The Personal Information We Collect

Duey.ai collects the identification details necessary for account creation (name, email, password) and information to enhance services, conduct user relationship audits, and improve overall user experience.

Why We Collect Personal Information and Your Consent

We collect personal information to ensure website functionality, enable service purchases, fulfill contractual obligations, and serve the purposes described in this policy. We do not collect personal information for any other purpose.

Minors Policy: Individuals below the age of majority in their jurisdiction should not use Duey.ai services and must not enter personal information or transact with us.

By using our services, you consent to the collection and use of personal information as outlined in this policy. You may contact our Privacy Compliance Officer at hello@duey.ai with Privacy Inquiry in the subject line to discuss alternatives or object to collection.

Internal Access to Personal Information

Personal information is restricted to Duey.ai employees who need it to develop services and offer user support. We may share information with affiliated companies (parent company, subsidiaries, joint venture partners) under similar privacy policies.

Third-party contractors accessing personal information must maintain confidentiality equivalent to Duey.ai's standards. Services involving such access include data analysis, hosting, marketing, and product development.

External Disclosure of Personal Information

Duey.ai shares personal information with third parties only when a reasonable person would expect such disclosure (for example, user support services).

We will disclose information if required by court order or legal obligation, unless legally prohibited. We will attempt to notify users of such directives.

Personal information may be disclosed to appropriate authorities to report criminal activity, fraud, or protect user security and intellectual property.

We do not sell users' personal information.

Retention of Personal Information

Personal information is retained indefinitely to allow future purchases and provide ongoing updates and support. When disposing of information, we ensure secure deletion to prevent breaches.

If you would like your information deleted, contact our Privacy Compliance Officer at hello@duey.ai with Privacy Inquiry in the subject line.

Safeguards

Duey.ai implements industry-standard administrative and electronic measures, including SSL encryption, to protect personal information from unauthorized access.

Data Breaches

While we take reasonable security steps, no security measures are foolproof, and no data storage or transmission method can be safeguarded entirely against interception or misuse.

In case of significant breach risk, Duey.ai will notify affected users, identify the specific compromised information, advise on risk-reduction steps (such as password changes and account monitoring), notify users when the breach is resolved, and inform government authorities if required by law.

Your Access to Your Personal Information

You have the right to know what personal information we hold about you. To request a copy, contact the Privacy Compliance Officer at hello@duey.ai with Privacy Inquiry in the subject line.

You may also request corrections to inaccurate or incomplete personal information.

Global Availability and Compliance

Duey.ai serves users globally and has built its privacy policy to comply with laws across jurisdictions, with special provisions for California, the European Economic Area (EEA), and the UK. If you believe we have mishandled your personal information, email the Privacy Compliance Officer at hello@duey.ai with Privacy Inquiry in the subject line.

Other Information We Collect

We gather information about user preferences and devices when you visit our website or interact electronically, including date, time, browser type, ISP, IP address, navigation history, and pages viewed.

This information is used to optimize the website, maintain security audits, conduct usage analysis, manage system administration, and gather demographic information for market research. Since this information could identify an individual, we treat it as personal information.

Cookies

Cookies are small text files that enhance functionality, remember preferences, and improve user experience. Duey.ai uses cookies for these purposes, and third-party providers place cookies for analytics and other services.

Google

We use Google Analytics and Google Tag Manager to understand website usage, including user numbers, session statistics, geolocation, and browser/device information. Google Search Console provides search-engine data to help us optimize traffic.

Google's policies require that no personal information be passed to Google.

Ad Services

Duey.ai uses Google Ads to promote its website without disclosing personal information, and Meta Ads to advertise on Facebook and Instagram, sharing only aggregate, anonymous data.

We partner with Microsoft Clarity and Microsoft Advertising to track user interactions through behavioral metrics, heatmaps, and session replays to optimize the site and improve security.

Other Third-Party Service Providers

  • Vercel — application server
  • Cloudflare — web host
  • Google — database and authentication
  • Mixpanel and Google Analytics — analytics
  • SendGrid — email marketing
  • Stripe — payments
  • OpenAI, Google, and Anthropic — generative AI capabilities

User data entered into the website or application may be subject to these providers' policies as permitted by data protection laws.

Service Providers and Personal Information

Duey.ai shares personal information with service providers while maintaining ultimate responsibility for its security. We ensure providers protect and use information lawfully.

Other User-Tracking Technologies

Duey.ai may use web beacons (trackers) to track advertising effectiveness. Web beacons help website owners track the usage of users who click on an advertisement for their product or service on a third-party site.

Web beacons collect cookie reference ID, date, time, and page description but do not collect personal information. You cannot opt out of web beacons but can limit their use by deleting cookies or adjusting your browser settings.

Managing Cookie Settings

You can manage cookie settings to clear or block specific or all cookies through your browser settings. Blocking all cookies may affect website functionality, and clearing all cookies will result in loss of website preferences.

Amendments to This Privacy Policy

Duey.ai updates this privacy policy periodically. Continued website use or service purchases imply consent to collection, use, and disclosure as described.

Google User Data

Duey Sessions is a feature allowing users to schedule progressive drafting of Google Docs. This section explains what Google data Duey accesses, how it uses it, how it stores it, and your rights.

Scopes Requested

Duey requests the Google OAuth scope https://www.googleapis.com/auth/drive.file, described as "See, edit, create, and delete only the specific Google Drive files you use with this app." Duey does not request any broader Drive scope. This scope restricts access to files Duey creates or files you explicitly open with Duey. Duey has no ability to read, list, modify, or delete any other file in your Drive.

Duey also uses standard identity scopes (email, profile, openid) for Google sign-in via Firebase Authentication — unchanged from existing authentication and used only to associate sign-in with Duey accounts.

What We Access and What We Do With It

When you create a Sessions drip, Duey:

  1. Creates a new Google Doc in your Drive via the Google Docs API, scoped to drive.file.
  2. Schedules text-insertion operations stored server-side in Duey's database.
  3. At scheduled times, executes API calls to append your user-authored text into the document.

Duey's access to Google user data is limited to this single document-drafting workflow. We do not access, read, list, share, analyze, or interact with Google Drive files outside of documents Duey created.

Data We Store

To execute scheduled drip operations, Duey stores server-side in Firestore:

  • OAuth refresh token for your Google account, encrypted at rest with AES-256-GCM
  • Document ID of each Google Doc created for Sessions drips
  • Your draft text content, encrypted at rest
  • Scheduling metadata (chunk times, progress state, status)

Duey does not store any content from Google Drive files other than the draft text content you provide directly to Duey.

How We Use Google User Data (Limited Use)

Duey adheres to Google's API Services User Data Policy and Limited Use requirements:

  1. Google user data is used exclusively to provide the user-facing Sessions feature.
  2. Data is not transferred to third parties except as necessary to provide or improve Sessions, for security, to comply with law, or as part of a merger or acquisition with user consent.
  3. Google user data is not used to serve any advertisements.
  4. Humans cannot read Google user data unless: (a) you give affirmative consent, (b) it is necessary for security or abuse investigation, (c) required by law, or (d) the data is aggregated and anonymized.
  5. Google user data is not used for credit-worthiness determination or lending.

User Controls and Revocation

You can revoke Duey's access by:

  • Disconnecting Google Drive in Duey Sessions (Settings → Sessions → Disconnect), which revokes the refresh token, deletes it from Duey's database, and cancels active Sessions.
  • Visiting https://myaccount.google.com/permissions and removing Duey's access.

You can delete individual Sessions and associated encrypted draft text at any time.

Data Retention

  • Refresh tokens are retained only while Google Drive is connected; revocation causes immediate deletion.
  • Draft text is retained only while Sessions are scheduled or in progress; completed, cancelled, or failed Sessions retain text for 90 days for support and audit purposes, then are deleted.
  • Session metadata is retained for 90 days after session completion, then deleted.
  • Deletion of your Duey account triggers immediate deletion of all associated Google user data.

Contact

Questions about Duey's handling of Google user data should be directed to hello@duey.ai.