Control
You decide what Consul can access. Permissions are yours to set, change, and revoke at any time.
Security
Your data stays yours
We don't sell your data, we don't train AI on it, and we don't keep it longer than we need to. Here's how we keep things safe.
How we think about security
Private by default. Always.
Visibility
Every action is logged. You can see exactly what happened, when, and why.
Data protection
Your data is encrypted every time it moves. It's never sold, never shared, never used to train models.
Always on
Our systems are monitored around the clock. Dependency vulnerabilities are flagged automatically.
Under the hood
How we keep your data safe.
Encryption
Everything moving in or out of Consul is encrypted. We block older, less secure connections entirely.
Infrastructure
Consul runs on managed cloud infrastructure with tightly controlled access. No one on our team logs into a production server directly.
Access control
Our systems only talk to services we've explicitly approved. Nothing gets through that we haven't allowed.
Requests
Control plane
Protected
Layer
Database
Encrypted records and token storage
Layer
Gateway
Approved request routing and controls
Layer
Intelligence
Context-aware processing with approval
Your content
We process it. We don't keep it.
Email content is read, not stored
When you connect Gmail, we read message headers and body text to classify, summarize, and help you respond. We don't store copies of your emails or download attachments.
Docs and Drive stay in Google
If you connect Google Docs or Drive, we fetch content only when you ask. Your files live in Google's infrastructure — we access them on demand, not in bulk.
AI processing is ephemeral
When your content is sent to AI for summaries or drafts, it's processed and discarded. It's never used to train models and isn't retained by our AI providers.
1 · Access
Email + docs read on demand
Never stored
2 · Process
AI processes content
Discards immediately
Active
3 · Discard
Nothing retained. No copies.
Zero persistence
Discarded
Always on
Monitoring and response.
Before you ask.
Automated monitoring
Our services include health checks that run continuously. Errors are caught and reported to our team through Sentry in real time.
Dependency scanning
We use automated tools to watch for known security issues in the software we depend on. Vulnerabilities are flagged and tracked as soon as they're published.
Abuse prevention
Login attempts are rate-limited and tracked per account. Repeated failures trigger automatic lockouts to prevent unauthorized access.
Security operations
Live response surface
Health checksPassing
Dependency scanningWatching
Abuse preventionProtected
Event rail
Health
Scan
Lockout
Data governance & privacy
Your data, your rules.
We don't train AI on your data
Your information is never used to improve or train AI models — not by us, and not by the AI providers we work with.
Delete your account anytime
If you want to leave, you can delete your account and we'll remove your data from our systems. No hoops to jump through.
Connected accounts are protected
When you connect Gmail, Calendar, or other services, the login tokens are encrypted before we store them. You can disconnect at any time.
Passwords checked against breaches
When you set a password, we check it against known data breaches. If it's been compromised before, we ask you to pick a different one.
Compliance
Standards we follow.
GDPR
Data rights, deletion, and privacy controls for EU residents
CCPA
Privacy protections and data control for California residents
CASA
Google's security assessment for apps accessing user data via OAuth
SOC 2
Independent audit of security, availability, and confidentiality controls
PendingGet in touch
Questions? We're here.
Contact
If you need specifics — how we're built, what we can share, or custom requirements — our team is the right conversation.
support@consul.soPrivacy
Data deletion requests, access rights, or questions about how we handle your information.
support@consul.soSmart enough to run your work.
Safe enough to trust it.
Set up in 60 seconds. Cancel anytime.