Short and sharp.

Last updated 2026-05-21. This page is the source of truth. If anything on the marketing pages contradicts it, the privacy page wins.

What butter stores, and where

Everything your widgets need — your todos, your scratchpad, your pomodoro settings, your theme, your layout, your tokens — lives in your browser’s extension storage. It’s a sandbox only butter can read; nothing leaves your device.

If you’re signed into Chrome with sync on, Chrome syncs that data across your devices under your Google account. We never see any of it. None of it touches our servers.

Connecting GitHub, Linear, Google Calendar, and TickTick

To show your PRs, issues, meetings, and tasks, those widgets need an access token. We run a small helper that handles the OAuth handshake (and subsequent refreshes) for you so you don’t have to set up developer apps. It’s deliberately scoped: it sees enough to broker the connection, and nothing else.

Once the connection is made, the helper steps out of the way entirely. From that point on, the widget talks to GitHub, Linear, Google, or TickTick directly from your browser.

Google user data

This section consolidates, in one place, how butter accesses, uses, shares, stores, and deletes data obtained through Google APIs. It applies to the Calendar widget and to the Pro AI Meeting Prep feature, and butter's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Data we access

butter requests a single Google OAuth scope: https://www.googleapis.com/auth/calendar.readonly. Using that scope, the Calendar widget reads upcoming events from your primary calendar — specifically: event title, start and end times, description, location, organizer, attendee names and email addresses, and conferencing/join links (e.g. Google Meet, Zoom). No other Google data — Gmail, Drive, Contacts, Photos, or profile information beyond what is returned by the Calendar API — is requested or accessed.

How we use it

Calendar event data is fetched on demand by the widget running in your browser and rendered as your agenda on the new-tab page. That is the sole purpose. If you are a Pro user with the AI Meeting Prep feature enabled, the title, description, time, location, and attendee names and emails of your next event are also sent at request time to OpenAI to generate a short brief about that upcoming meeting. Google user data is never used for advertising, never sold, and never used to develop, improve, or train generalised AI or ML models. No human at butter reads your Google user data, except as strictly necessary to investigate a support issue you initiate, to respond to a legal request, or for security purposes (e.g. abuse investigation).

How we share it

Google user data is not shared with third parties except as strictly required to provide the feature you asked for:

• Google — the Calendar API call itself, made directly from your browser to www.googleapis.com with your access token.
• Our OAuth helper — handles only the OAuth code-for-token exchange and subsequent token refreshes. It never sees calendar event data.
• OpenAI — only if you are a Pro user with AI Meeting Prep enabled, and only the next-event fields listed above. Requests are made under terms that prohibit training on or retaining your data beyond the request lifecycle.

How we store and protect it

butter does not store Google user data on our servers. Your Google OAuth access and refresh tokens are held in your browser's extension storage, protected by Chrome's extension sandbox and accessible only to butter. Calendar event data is fetched on demand, kept only in memory for rendering, and any caching (including the AI Meeting Prep brief, which is cached for up to two hours) is local to your browser. All API traffic — to Google, to our OAuth helper, and to the AI Meeting Prep endpoint — is transmitted over HTTPS (TLS 1.2+).

How long we keep it, and how to delete it

Because we don't store Google user data on our servers, retention is governed by your browser. You can revoke butter's access at any time, which immediately deletes all Google user data butter holds:

• Disconnect Google Calendar in butter's settings — this removes the stored OAuth tokens and clears any cached event data and meeting briefs from your browser.
• Revoke butter's access from your Google account at myaccount.google.com/permissions.
• Uninstall the butter extension — Chrome removes all extension storage, including your tokens and any cached data.

If you are a Pro user and want us to delete the email address associated with your Pro account, email support@trybutter.xyz and we will remove it.

Third-party APIs widgets call directly

Some widgets call third-party APIs straight from your browser, with no butter middleman:

• Weather — open-meteo.com (no auth, no account required).
• Hacker News — Algolia’s public HN search API.
• Reddit — old.reddit.com’s public JSON endpoints.
• GitHub & Linear — their respective APIs, with your token.
• Google Calendar — Google's Calendar API with read-only scope, with your token. Event titles, times, attendees, and join links are fetched on-demand, cached locally in your browser, and never stored on our servers.
• TickTick — TickTick’s open API with your token. Tasks (titles, due dates, priority, sort order, tags) flow both ways for the synced project; nothing else from your TickTick account is read.
• Are.na — public channel-contents endpoint. Anonymous; no token, no account.

Those providers can see standard request metadata (your IP, the path you fetched). We can’t — those calls don’t pass through us.

AI Inbox

The AI Inbox widget asks OpenAI’s GPT models to triage your open PRs and Linear issues. Free accounts get one successful triage per 24-hour rolling window; Pro accounts are unlimited. To run the triage, the titles, identifiers, and small bits of metadata (state, priority, timestamps) are sent at request time — never the full diffs, never the full issue body, and never your tokens. No training on your data, no persistence of requests, and the widget is opt-in. Turn it off and the rest of butter is unaffected.

Pro: AI Meeting Prep

Calendar's next-meeting brief asks the same OpenAI models to summarise what your upcoming meeting is likely about. To do that, the event title, description, time, attendee names and emails — plus titles and identifiers of your recent GitHub PRs and Linear issues, so it can spot relevant work items — are sent at request time. Never your tokens, never the full PR or issue body. No training on your data, no persistence of requests, and briefs are generated only for Pro users with the Calendar widget on their dashboard. The brief is cached on your device for two hours so opening a new tab doesn't re-run the model.

Pro billing (Stripe)

Pro is billed through Stripe. When you upgrade, Stripe handles the checkout and stores your card details on its own infrastructure — we never see them. We store only what we need to keep your subscription working: your email, your Stripe customer and subscription IDs, and whether your plan is active. That’s it.

Analytics & marketing

This site uses no third-party analytics, no tracking pixels, and no fingerprinting. If you ever want us to delete your email, drop a note to support@trybutter.xyz and it’s gone.

Contact

Questions, concerns, or security reports — drop us a line at support@trybutter.xyz and we’ll get back to you.