Cue
Get started
PRIVACY

Privacy Policy

Last updated June 8, 2026

Cue is a calm place to see everything that needs your attention — signups, payments, deploys, errors, and the decisions your AI agents are waiting on. To do that well, we handle some of your data. This page explains exactly what we hold, why we hold it, and how long it stays. We have tried to write it the way the product works: plainly, with nothing hidden.

Who we are

Cue is operated at attentioncue.com. When this policy says “we” or “Cue,” it means the team that runs that service. If you reach us with a privacy question, we are the people who answer it.

What we process

We try to collect the least we can while still doing the job. In practice that falls into four buckets.

Account data

When you sign in — typically through GitHub — we store your email address, your display name, an avatar URL, and the provider account ID we use to recognize you on your next visit. We use this to authenticate you, to send the small number of transactional emails described below, and to attribute your streams and cues to you. We do not sell it and we do not use it for advertising.

Streams and cues

A stream is an inbox lane you create; a cue is a single item that lands in one — a notification, or an agent request waiting on a decision. The content of your cues (titles, bodies, source details, timestamps, the metadata a connector attaches, and whether you cleared, snoozed, or decided each one) is stored so we can show you your inbox and keep its state in sync across desktop, web, and phone. This is your operational data; it stays yours.

Connector credentials

A connector is the thing that feeds cues into a stream — GitHub, Stripe, Vercel, Sentry, Linear, a plain webhook, or an MCP agent. Connecting one means trusting us with a credential or token. We store the configuration a connector needs to receive events, and where a connector hands us a long-lived API token we keep it encrypted. We request the narrowest scope a connector can work with, and we never use a connector credential for anything beyond delivering your cues. You can remove a connector at any time, which deletes its stored credential.

Agent decision requests

When one of your AI agents needs a human decision, it raises an agent request over MCP and blocks until you respond. To present that request honestly we store its context, the options it is choosing between, what would be affected, your decision, and the time you made it. We hold this so the agent can act on your answer and so you have a record of what was approved or declined. We do not use the contents of these requests to train models.

How we use what we process

  • To run the service: authenticate you, deliver cues, and keep state synced live.
  • To relay agent decisions: pass your answer back to the waiting agent and record it.
  • To send a few transactional emails — a welcome note, and a heads-up when an agent request is waiting on you. These follow your notification settings.
  • To keep Cue secure and reliable, and to investigate abuse or service problems.

We do not run advertising, we do not sell your data, and we do not build profiles of you for third parties.

How long we keep it

Cues live as long as your account does; clearing or snoozing a cue changes its state but does not immediately erase it, so your history stays intact. Cues that an agent gave an expiry to are aged out after they expire. Sessions expire on their own schedule. Connector credentials are deleted when you remove the connector. If you delete your account, we remove your account data, streams, cues, and connector credentials within 30 days, except where we are legally required to retain a record for longer.

Who we share it with

We share data only with the infrastructure providers that make Cue work — our hosting and edge platform, our database and storage, and our transactional email provider — and only to the extent each needs it to do its job. Connectors you set up necessarily exchange data with the upstream service you connected (that is the point of a connector). We may disclose data if the law compels us, and we will tell you when we are allowed to.

Your choices

You can edit or archive streams, clear or snooze cues, disconnect any connector, adjust your notification settings, and delete your account from within the app. If you want a copy of your data, or you want it erased and would rather we do it, write to us and we will.

Security

Data is encrypted in transit, tokens are stored hashed or encrypted, and connectors run on least-privilege scopes. The full picture lives on our security page.

Changes

If we change this policy in a way that matters, we will update the date at the top and, for material changes, tell you in the app or by email. Continuing to use Cue after a change means the updated policy applies.

Contact

Privacy questions, data requests, or anything that does not sit right — email privacy@attentioncue.com and a person will read it.