← Back

User Delegation Policy

Last updated: May 2026

1. What "delegation" means here

When you connect a third-party account to CUE — such as Google Calendar, TikTok, Instagram, Facebook, YouTube, or a streaming history export — you delegate limited access so we can read taste and scheduling signals on your behalf. This page explains what that means and what we will and will not do with that access.

2. Scope of access

  • We request the narrowest scopes that make the feature work (e.g. read-only calendar events, public engagement signals).
  • We never request write, post, or messaging permissions on your connected accounts.
  • You can review and revoke our access at any time from Connections or directly with the provider.

3. How tokens are stored

OAuth access and refresh tokens are stored encrypted at rest, scoped to your user account, and protected by row-level security so no other user can read them. Tokens are only used server-side to fetch the data needed for your taste profile and recommendations.

4. What we do on your behalf

  • Read recent watch history, likes, follows, or saves to derive taste signals.
  • Read calendar events you choose to sync so we can suggest plans around them.
  • Refresh tokens automatically so syncs keep working.

5. What we will never do

  • Post, comment, message, follow, or like on your behalf.
  • Sell or share your delegated data with advertisers or data brokers.
  • Access scopes beyond what is required for the feature you enabled.

6. Revoking access

Disconnect a provider from your Connections page to delete the stored tokens. You can also revoke CUE from the provider's own security settings (e.g. your Google Account, TikTok app permissions). After revocation, derived taste signals already saved to your profile remain until you delete your account.

7. Contact

Questions about delegated access? Reach us via the contact form or email privacy@thecue.app.