The Corner Company

Effective: June 26, 2026

Privacy Policy

This Privacy Policy explains how The Corner Company LLC (“The Corner Company,” “we,” “us”) collects, uses, and protects information across the apps and services we offer (each, a “Service”). It applies to all of our apps, including FIRST5. Where a particular app handles data differently, those specifics are described in its own section below.

1. Who we are

Our apps and services are provided by The Corner Company LLC, located at 8216 34th Ave., Apt. 2G, Jackson Heights, NY 11372, USA. For any privacy question or request, contact [email protected].

2. Information we collect and store

Across our Services we may store:

• Account identity — your email address and sign-in provider (Apple, Google, or email).
• Content you provide — information you enter into an app (for example, goals or preferences).
• Service output — content our apps generate for you (for example, your daily list).
• Settings and usage signals — your app settings and counters that help us improve your experience.

What each app accesses from connected accounts, and what it does and does not store, is described in the app-specific sections below.

3. App-specific practices

FIRST5

FIRST5 generates a short, ranked list of your daily priorities. With your explicit permission, it connects to your Google account using read-only access and requests no ability to write, send, or delete:

• gmail.readonly — to read email subject lines and short snippet previews (~200 characters) from recent messages.
• calendar.readonly — to read upcoming event titles, times, and attendee counts.

This information is retrieved only when needed to generate your list and held only transiently in memory during that processing; the email and event content is never written to our database. FIRST5 does not access email bodies, attachments, or calendar event descriptions on the Standard plan.

When a task is generated from one of your emails or calendar events, we store a link (URL) to that originating message or event alongside the task, so you can tap a task to open the exact email in Gmail or the exact event in Google Calendar. This link is a reference only — it does not contain the message body, snippet, or event details, and opening it loads the item directly from Google, not from us.

What FIRST5 stores vs. never stores

Stored	Never stored
Your generated list, a link to the originating email or calendar event for each task, the priorities/preferences you provide, ranking counters, streaks, settings, and an encrypted Google authorization token.	Email subject lines or snippets, email bodies or attachments, calendar titles or descriptions, or any other raw Gmail/Calendar content — processed in memory, then discarded.

The rule: Gmail and Calendar content is never written to a database. We store the AI’s derived output (your task list) and, for each task, a link back to the source email or event so you can open it.

Google API Services — Limited Use

FIRST5’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Data obtained through Gmail and Google Calendar scopes is used only to provide and improve the user-facing features of FIRST5, is not transferred to others except as necessary to provide those features or as required by law, is not used for advertising, and is not used to train generalized AI/ML models. Humans do not read this data except with your consent for support, to comply with law, or for security purposes.

4. How we use information

• To provide each app’s core features (for example, generating your FIRST5 list).
• To personalize and improve your experience based on your inputs and behavior.
• To operate, secure, support, and improve our Services.
• To send you service notifications, per your settings.

We do not use your information for advertising, and we do not sell it.

5. Service providers

We share information only with providers that process it on our behalf, under contract, to run our Services — never for their own purposes:

• Anthropic (Claude AI) — generates app output from the inputs you provide; your content is not used to train models or retained for that purpose. (Used by FIRST5.)
• Supabase — authentication and database hosting (United States).
• Google Cloud Platform — backend functions and processing (United States).
• Google — OAuth sign-in and, where you authorize them, the Gmail/Calendar APIs. (Used by FIRST5.)

6. Security

• Data is encrypted in transit (TLS) and at rest (AES-256).
• Any connected-account authorization (refresh) token is encrypted at rest with a separately managed key; access tokens are short-lived and never logged.
• Application logs record metadata only (timestamps, token counts, success/failure) — never your content.
• Your Google or Apple password is never seen or stored by us; authentication is handled entirely by them.

7. Data location and retention

• Data is stored in the United States.
• Generated lists and similar app output are retained for 90 days, then automatically deleted.
• On account deletion, all associated data is permanently deleted within 30 days.

8. Your rights and choices

• Disconnect a connected account at any time in the app, or revoke access at your Google Account permissions.
• Access or delete your data via in-app account deletion or by emailing [email protected].
• Depending on where you live (e.g., the EEA/UK under GDPR, or California under the CCPA/CPRA), you may have rights to access, correct, delete, or port your data, and to object to certain processing. We honor these requests.

9. Children

Our Services are not directed to children under 16, and we do not knowingly collect their information.

10. Changes

We may update this Policy from time to time. We will post the updated version here and revise the “Effective” date above; material changes will be communicated in the app or by email.

11. Contact

Questions or requests: [email protected]