How Consul Handles Your Data Safely: A Complete Security Guide

The Legitimate Concern

Let's acknowledge the elephant in the room: giving AI access to your workspace feels risky. It should.

Your connected tools contain:

• Confidential business communications
• Personal conversations
• Financial information
• Sensitive documents and attachments
• Years of professional history
• Team conversations and context

Handing this to any third party (AI or otherwise) deserves scrutiny. If you're not at least a little cautious, you probably should be.

This guide explains exactly how Consul handles your data across all connected tools: what we access, what we don't, how data flows through our system, and why the human-in-the-loop model makes AI assistance safe.

What Permissions Consul Requests

When you connect your workspace, Consul requests specific OAuth permissions. Here's exactly what those permissions allow, and what they don't.

Google Workspace Permissions

Slack Permissions

Permissions We Don't Request

We request the minimum permissions required to execute tasks on your behalf. All write actions require your approval.

How Email Data Flows Through Consul

Understanding data flow helps you evaluate risk. Here's exactly what happens when Consul processes your email.

Step 1: Email Arrives

When a new email arrives in your inbox, Google notifies Consul through the Gmail API. We receive:

• Sender information
• Subject line
• Message body
• Thread context (previous messages in the conversation)
• Timestamp

What we don't receive: Attachments are not automatically processed. We see that attachments exist but don't download or store them unless specifically relevant to generating a response.

Step 2: Classification

Consul analyzes the message to determine:

• Is this actionable? (vs. newsletters, notifications, FYI)
• What type of action? (scheduling, follow-up, information request)
• What priority level?
• What response is appropriate?

This analysis happens in memory. The raw email content is not stored in a database.

Step 3: Draft Generation

For actionable messages, Consul generates a draft response by:

• Understanding the request
• Checking relevant context (your calendar, preferences)
• Generating appropriate response text

The draft is stored temporarily, associated with your account, awaiting your review.

Step 4: Your Approval

This is the critical step. Nothing happens without your explicit approval.

You see the draft. You can:

• Approve: Draft sends as-is
• Edit: Modify the draft, then approve
• Reject: Draft is discarded, no action taken

Step 5: Sending (If Approved)

If you approve, Consul sends the message through Gmail's API. The message:

• Comes from your email address
• Appears in your Sent folder
• Is indistinguishable from messages you typed yourself

Step 6: Data Retention

After processing:

We do not maintain a copy of your email archive. Email content passes through our system but doesn't live there.

What Consul Never Does

Clear boundaries matter. Here's what Consul is designed to never do:

Never Sends Without Approval

Every outgoing message requires your explicit approval. There is no "autonomous mode" that sends emails without your knowledge.

Why this matters: Even small mistakes in professional email can damage relationships. Autonomous sending optimizes for speed at the expense of judgment. We optimize for confidence.

Only Accesses Connected Tools

Consul only accesses the specific tools you connect:

• Gmail: Email content and labels
• Google Calendar: Events and availability
• Google Drive/Docs: Documents you reference or need for context
• Google Contacts: Contact information for recipients
• Slack: Messages in channels and DMs you're part of

We cannot access:

• Your browser history
• Other applications you haven't connected
• Your device data
• Organization-wide admin data

Each integration requires separate authorization. You control what Consul can see.

Never Shares Your Data

Your email content is not:

• Used to train AI models
• Shared with third parties
• Sold to advertisers
• Visible to other Consul users

Your data is yours. Period.

Never Stores Content Long-Term

Email content is processed in memory and discarded. We don't build a searchable archive of your communications. Thread metadata (for tracking purposes) is retained; actual message content is not.

The Human-in-the-Loop Difference

The phrase "human-in-the-loop" describes AI systems where humans approve outputs before they take effect. For email, this is crucial.

Why Approval Matters

Scenario 1: Tone mismatch

AI drafts a casual response to your board chair. Without approval, it sends. Relationship damaged.

With approval: You catch it, adjust tone, send appropriately.

Scenario 2: Context the AI missed

Someone emails asking to meet. AI doesn't know you ran into them yesterday and already scheduled something. Without approval, you look disorganized.

With approval: You catch it, respond with the full context.

Scenario 3: Timing issue

AI follows up on a proposal. You learn the recipient just had a family emergency. Without approval, your automated follow-up seems callous.

With approval: You delay or adjust the message.

The Speed vs. Control Tradeoff

Fully autonomous AI could be faster. But the cost of mistakes in professional communication is high. Approval takes 3-5 seconds but prevents:

• Embarrassing errors
• Relationship damage
• Professional reputation harm
• Compliance violations

The tradeoff is overwhelmingly worth it.

How This Compares to Other Email Access

You likely already grant email access to various tools. Here's how Consul compares:

Email Marketing Tools (Mailchimp, etc.)

• Access: Send-only, typically to bulk lists
• Risk: Can send to many people at once
• Your control: Template-based, you design the send

CRM Systems (Salesforce, HubSpot)

• Access: Often full read/write
• Risk: Automated sequences can send without per-message approval
• Your control: Sequence-level, not message-level

Email Plugins (Superhuman, Boomerang)

• Access: Full read access to provide features
• Risk: Data processing for analytics
• Your control: Feature-specific controls

Calendar Tools (Calendly, Cal.com)

• Access: Calendar read/write
• Risk: Can book your time without per-booking approval
• Your control: Availability rules, not individual approvals

Consul

• Access: Email read/write, calendar read/write
• Risk: Mitigated by per-message approval
• Your control: Every individual message approved

The key difference: Consul processes similar data but adds an approval layer that most automation tools skip.

Enterprise Security Considerations

For organizations evaluating Consul:

SOC 2 Compliance

Consul maintains SOC 2 Type II compliance, with annual audits covering:

• Security policies and procedures
• Access controls
• Data encryption
• Incident response

Data Encryption

Access Controls

• Role-based access to internal systems
• Multi-factor authentication required
• Audit logging for all data access
• Regular access reviews

Data Location

Consul processes data in secure US-based infrastructure. For organizations with specific data residency requirements, contact us for regional options.

Vendor Security Assessment

We provide:

• Security questionnaire responses
• Penetration test results (upon request with NDA)
• Architecture documentation
• Compliance certificates

Your Control Panel

Consul provides transparency into exactly what's happening with your account:

Activity Log

See every action Consul has taken:

• Emails processed
• Drafts generated
• Messages sent (after approval)
• Calendar events created

Permission Review

At any time, you can:

• View currently granted permissions
• Revoke access entirely
• Re-authorize with different scope

Data Export

Request a complete export of:

• Your preferences
• Draft history
• Activity logs
• Account settings

Account Deletion

Delete your account and all associated data. When you delete:

• All preferences erased
• All metadata removed
• OAuth tokens revoked
• No data retained

Frequently Asked Questions

Can Consul read all my old emails?

Technically, the Gmail API grants access to your mailbox. Practically, Consul only processes new incoming mail that requires action. We don't crawl your archive or analyze historical messages.

What if someone gains unauthorized access to Consul?

Consul's systems require authentication. Even if breached, attackers would find minimal stored email content (since we don't retain it). Your Gmail account has its own security layer. Revoking Consul's OAuth access immediately cuts off all access.

Can Consul access attachments?

Consul sees attachment metadata (filename, size) but doesn't automatically download or process attachment content. For drafting responses, attachment content is rarely needed.

What tools does Consul integrate with?

Currently, Consul integrates with Gmail, Google Calendar, Google Drive, Google Docs, Google Contacts, and Slack. Outlook/Microsoft 365 integration is planned with equivalent security model.

Can I use Consul without connecting all tools?

Yes. You can connect just Gmail and Calendar to start. Each additional integration (Drive, Docs, Contacts, Slack) is optional and enhances Consul's context but isn't required.

What happens if Consul makes a mistake?

You catch it in approval. If a draft looks wrong (wrong tone, wrong content, wrong timing), reject it and respond manually. Nothing sends without your explicit okay.

Who at Consul can see my emails?

No Consul employee has routine access to customer email content. Support access to account data requires explicit authorization and is logged. Email content isn't stored in systems employees can access.

How is Consul different from AI that trains on my data?

Consul processes your email to generate drafts, like how Gmail scans email for spam filtering. We do not use your email content to train AI models. Your communications remain private.

The Bottom Line

Giving AI access to your workspace requires trust. Trust should be earned through transparency, not demanded through convenience.

Here's what Consul commits to:

1. Minimal permissions: We request only what we need for each integration
2. No content storage: Data passes through, doesn't live here
3. Human approval: Every write action requires your okay
4. Full transparency: See exactly what we're doing across all connected tools
5. Easy exit: Revoke access and delete data anytime

AI assistance can be safe. It requires the right architecture (human-in-the-loop approval) and the right principles (minimal access, maximum transparency).

That's how Consul handles your data safely.

---

Ready to try safe AI assistance?

Create your assistant and connect your tools. Start with Gmail and Calendar, add Slack and Drive when you're ready. Review your first AI-drafted response. Approve it only if it looks right.

You stay in control. AI handles the logistics. That's the balance.