Mist

Privacy Policy

Last updated: May 10, 2026

Mist is a local-first macOS agent. The app is designed to keep its memory, settings, and credentials on the user's computer unless the user chooses to connect an external service, configure a synced folder, or use a model provider.

Information Mist stores locally

Mist may store local app settings, memory notes, integration status, model configuration, OAuth tokens, local task history, and user-approved connector metadata. This data is stored on the user's device or in a user-selected local or synced folder.

Connected services

Mist can connect to services such as Gmail, Google Drive, Google Calendar, Google Docs, Google Sheets, Apple Mail, Apple Calendar, Apple Notes, Exa, GitHub, Railway, Venice, and local command line tools. Mist only accesses a connected service after the user authorizes that connector.

Google user data

If the user connects a Google account, Mist may request access to Gmail, Drive, Calendar, Docs, or Sheets depending on which features the user enables. Mist uses Google user data only to provide the requested assistant functionality, such as reading messages, drafting or sending email, creating or editing documents, searching Drive, or managing calendar events.

Mist does not sell Google user data, use it for advertising, or share it with third parties except when needed to complete an action the user requested and approved. Google OAuth tokens are stored locally on the user's device by the connector tooling. Users can revoke access at any time from their Google Account permissions page.

Model providers

Mist may send task prompts, relevant context, and tool results to the model provider configured by the user. Mist supports privacy-focused setups such as Venice, but the data handling of any model provider is governed by that provider's own terms and privacy policy.

Approval cards

Mist shows approval cards for actions that can affect another person, account, calendar, repository, local system, or external service. These cards are intended to show the tool, account, recipient, and action details before the user approves or rejects the action.

Data retention

Local memory, settings, and logs remain on the user's device until the user deletes them or uninstalls and removes app data. Data stored by third-party services is governed by those services. Screenshots and temporary artifacts should be retained only as needed for the task and may be deleted automatically by the app.

Security

Mist uses local storage, user-controlled connectors, OAuth authorization, and approval prompts to reduce unintended access or actions. No software can guarantee perfect security. Users should protect their computer account, keep macOS updated, and revoke connector access when they no longer need it.

Changes

This policy may be updated as Mist changes. The updated date at the top of the page will reflect the latest published version.

Contact

For privacy requests, use the support or privacy contact published with the Mist download domain or OAuth consent screen.