Inline
Legal
OverviewPrivacyTermsAcceptable UseSubprocessorsDPA

Privacy Policy

Last updated: May 15, 2026.

Inline is a work chat app for teams and communities. This Privacy Policy explains how Inline ("Inline", "we", "us", or "our") collects, uses, shares, and protects personal information when you use our websites, apps, APIs, SDKs, bot surfaces, MCP server, and related services (the "Services").

This policy covers personal information we process for our own purposes. When an organization uses Inline for its workspace, it may control some workspace content and account settings. If your account is managed by an organization, contact that organization for questions about its own privacy practices.

Information We Collect

Account and profile information

We collect information needed to create, secure, and operate your account, such as your name, username, email address, phone number, verification status, profile photo, time zone, and account settings.

Workspace and communication content

We process content you and other users create in Inline, including spaces, chats, messages, message edits, reactions, replies, attachments, files, photos, videos, voice messages, bot commands, message actions, thread metadata, and related records needed to sync and display conversations.

Device, session, and technical data

We collect technical data needed to run and protect the Services, such as IP address, client type, app version, operating system version, device identifiers, session activity, authentication token hashes, push notification tokens, error logs, crash reports, and security/audit events.

Integrations and developer surfaces

If you connect an integration or developer surface, we process the data needed to provide it. This can include encrypted OAuth tokens, selected Notion or Linear workspace IDs, bot tokens, MCP authorization data, API request metadata, uploaded media, and the content you ask an integration, bot, or assistant to act on.

Support, feedback, and website data

If you contact us, join a waitlist, report a bug, or send feedback, we collect the information you provide and related context needed to respond. Our website may collect basic technical and analytics data, such as page visits, device/browser details, referral information, and approximate location inferred from IP address.

How We Use Information

We use personal information to:

  • provide, sync, and improve chat, file sharing, search, notifications, APIs, bots, MCP, and integrations
  • authenticate users, maintain sessions, and protect accounts
  • send service emails, login codes, security alerts, support replies, and product updates
  • process user-requested actions through integrations such as Notion, Linear, Loom link previews, and AI-assisted features
  • detect, prevent, and investigate spam, abuse, security incidents, and service misuse
  • debug, monitor, and improve reliability and performance
  • comply with legal obligations and enforce our legal terms

We do not sell personal information. We do not use workspace messages or files for advertising.

AI and User-Enabled Integrations

Some Inline features can send selected content to third-party services at your request or as part of a feature you enable. For example, Inline may use OpenAI or Anthropic for AI-assisted actions, Notion or Linear for task workflows, Loom for link preview metadata, or Apple Push Notification service for notifications.

We limit these transfers to the information needed for the requested feature. You are responsible for the third-party services you connect and for making sure you have permission to send content to them.

How We Share Information

Other users and workspace participants

Inline is a communication service. Your profile, messages, reactions, files, and activity may be visible to the people in the chats, spaces, bots, or integrations you use, depending on product behavior and workspace settings.

Service providers and subprocessors

We use third-party providers to host infrastructure, store files, send email and SMS codes, deliver push notifications, monitor errors, measure usage, and provide optional integrations. Our current list is available at Subprocessors.

User-directed third parties

We share information with third parties when you instruct us to, such as when you connect Notion or Linear, send content through a bot, use MCP tools, create an external task, or trigger an AI-assisted feature.

Legal, safety, and business transfers

We may disclose information when we believe it is necessary to comply with law, respond to valid legal process, protect users or the Services, enforce our terms, investigate fraud or abuse, or support a merger, acquisition, financing, reorganization, or sale of assets.

Security

We use technical and organizational safeguards designed to protect personal information. Current measures include TLS for data in transit, encryption at rest for sensitive server-side data, encrypted storage for sensitive tokens and push credentials, signed media access URLs, limited production access, and encrypted local data in Apple apps.

Inline is not currently end-to-end encrypted. This allows features such as history sync, search, bots, public threads, AI-assisted workflows, and integrations to work across devices and teams. We continue to evaluate stronger privacy and encryption options.

No internet service can guarantee absolute security. If you believe you found a vulnerability, contact with the subject line Security.

Retention

We keep account information, workspace content, and integration data for as long as needed to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, and maintain security. Deleted messages, accounts, or integrations are removed from active systems according to product behavior and may remain for a limited period in backups, logs, or audit records.

System logs, crash reports, and operational telemetry are kept only as long as reasonably needed for security, debugging, and reliability. Some operational logs are designed to expire after approximately 90 days.

Your Choices and Rights

Depending on where you live, you may have rights to access, correct, export, delete, restrict, or object to processing of your personal information. You can also opt out of non-essential communications.

You can request help with privacy rights by emailing . We may need to verify your identity before completing a request.

California residents may have rights under the CCPA/CPRA, including the right to know, delete, correct, and opt out of sale or sharing. Inline does not sell personal information or share personal information for cross-context behavioral advertising.

European Economic Area, United Kingdom, and Swiss residents may have GDPR-style rights, including access, correction, deletion, restriction, objection, portability, and the right to lodge a complaint with a supervisory authority.

Children

Inline is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child provided personal information to Inline, contact us and we will take appropriate steps.

International Processing

We and our providers may process information in the United States, Europe, and other countries. When required, we use appropriate safeguards for international transfers, such as contractual commitments with subprocessors.

Changes

We may update this Privacy Policy from time to time. The latest version will be posted on this page. If a change is material, we will take reasonable steps to notify users, such as by email or in-product notice.

Contact

For privacy questions or requests, email .

InlineWork chat for high-performance teams.
DocsSecurityTermsPrivacySubprocessors