You'd be trusting Rafou with the most sensitive thing you own — your inbox, your deals, your client matters. So here's exactly how we treat it. No badges we haven't earned, no fine print.
Only the sources you connect — inbox, calendar, meeting recordings, chats. It reads them to do your work: draft, prep, summarise, surface. Nothing more. You can connect one source or all of them, and add or remove any at any time.
Anything that would leave in your name — a reply, a follow-up, an intro — is created as a draft and waits for your approval. Rafou never sends to the outside world on its own. The boundary that matters isn't "draft or not" — it's "draft vs send," and only you cross it.
Your content is used to work for you — and only that. It is never used to train models, never sold, never shared with third parties for their own purposes. Your context is yours.
You connected it; you can disconnect it. Revoke Rafou's access to any source at any time, and we delete the data tied to it. No retention games, no "contact us to cancel."
The personal, the privileged, the off-limits — Rafou learns your rules and respects them. Tell it "never touch this thread / this matter / this person" and it won't. When in doubt, it asks rather than assumes.
Honestly: we're early. Here's the real status —
If your firm needs a security review before connecting anything, that's exactly the conversation we want to have — bring your questions.
Ask us anything about how your data is handled. We answer directly.
Ask a security question →