Legal

Privacy Policy

Last updated: June 28, 2026

Mosaic ("Mosaic," "we," "us") is a product of Sanctum Solutions. This Privacy Policy explains what information we access, how we use it, and the choices you have. By using Mosaic you agree to this policy.

The short version

We access your email read-only to rebuild your sales pipeline. We never send, edit, or delete your mail.
We use your data only to provide Mosaic to you. We do not sell it or use it for advertising.
You can disconnect and request deletion at any time.

Information we access

Account info: your name and email address from your Google account, used to create and identify your workspace.
Gmail (read-only): the content and metadata of deal-related email threads, used to reconstruct your deals, contacts, and next steps. We do not request permission to send, modify, or delete messages.
Google Calendar (read-only, optional): upcoming events, used to surface key dates and deadlines tied to your deals.
Usage data: basic information about how you use the app (e.g. actions taken) to operate the service and meter your plan.

How we use your information

We use the information solely to provide and improve Mosaic's features for you: reconstructing your pipeline, answering questions about your deals, drafting follow-ups you explicitly request, enriching contacts, generating leads, and metering usage. We do not use your email content to train general-purpose models, and we do not sell or rent your data to anyone.

Google API Services — Limited Use disclosure

Mosaic's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically: we only use Google user data to provide and improve user-facing features that are prominent in Mosaic; we do not transfer or sell this data for advertising, marketing, or other unrelated purposes; and humans do not read your Google data except where you give consent, where required for security or to comply with applicable law, or where the data is aggregated and anonymized.

How your data is stored & protected

Your reconstructed pipeline and connection tokens are stored securely and are accessible only to your own logged-in workspace. Access to Mosaic requires signing in with your Google account; one user can never see another user's data. We retain your data only as long as your account is active or as needed to provide the service.

Payments

Subscriptions are processed by Stripe. We never see or store your full card details — Stripe handles payment information directly under its own privacy policy.

Cookies

We use a single secure, HTTP-only session cookie to keep you signed in. We do not use third-party advertising or tracking cookies.

Your choices & data deletion

You can revoke Mosaic's access at any time from your Google Account permissions. To delete your Mosaic workspace and associated data, email us and we will remove it.

Changes

We may update this policy from time to time. Material changes will be reflected by the "Last updated" date above.

Contact

Questions about privacy or your data? Email [email protected].