Security & Privacy at April

Your trust is our highest priority.



At April, safeguarding your data is fundamental to everything we do. As your voice-powered executive assistant, April securely connects with your email, calendar, and other productivity tools to help you save time—without ever compromising your privacy.

We are CASA Tier 2 compliant for Google OAuth, which means we meet stringent Google security requirements and undergo regular third-party audits to ensure that your data is handled with the highest standards of confidentiality and integrity.


  1. Compliance & Certifications

We align with globally recognized security and privacy standards to give our users complete confidence:

  • CASA Tier 2 (Google OAuth) – Validated by Google for secure API access and proper handling of sensitive data.


2. Data Access & Usage Principles

We believe in minimum necessary access—April only requests the permissions required to provide the services you enable.

  • You control what we can access – April only reads the information necessary to perform the tasks you’ve requested (e.g., emails for drafting replies, calendar entries for scheduling).

  • No use for AI model training – Your data is never used to train April or any third-party AI models.

  • Draft, don’t send – April may prepare responses or suggest updates, but you always have the final decision to send, schedule, or share.

  • Immediate revocation – You can revoke April’s access to your accounts at any time through your connected service provider’s settings.


3. Infrastructure & Security Measures

We operate on a secure, redundant, and continuously monitored infrastructure:

  • 24/7 Security Monitoring – Our systems are monitored around the clock for suspicious activity.

  • Encryption Everywhere – Data is encrypted in transit (TLS 1.2/1.3) and at rest (AES-256).

  • Stateless Architecture – We avoid long-term storage of sensitive content wherever possible.

  • Regular Penetration Testing – Independent security experts test our systems to identify and remediate vulnerabilities.

  • Zero Trust Security Model – We verify every connection and minimize access privileges by default.

4. Transparency & User Rights

We are committed to clear, transparent, and user-friendly security policies:

  • Clear Privacy Policy – Written in plain language so you can understand exactly what happens to your data.

  • Full Data Portability & Deletion – You can export your data or request complete deletion of your account and all related information.

  • Audit & Governance – We maintain documented Business Continuity, Disaster Recovery, Encryption, and Incident Response policies.

5. Your Control, Always

  • Opt-in Features Only – Nothing is enabled without your explicit permission.

  • Reversible at Any Time – Disconnect April from your accounts instantly.

  • No Hidden Access – We do not request or maintain permissions we don’t need.

Summary

Security is not an afterthought at April—it’s part of our foundation. From CASA Tier 2 certification to strict encryption standards, we take every measure to protect your data. You remain in control of what April can access, and we are transparent about how your information is stored, processed, and secured.

If you have any questions about our security practices, please contact us at founders@tryapril.com