Privacy Policy

When you connect your email account through OAuth authentication, we adhere to the following principles:

• Limited Data Storage: We only store your email address and encrypted access tokens. The access tokens are encrypted using a private key that is rotated quarterly for enhanced security.
• No Email Content Storage: We do not permanently store any email content or attachments. Email data is accessed directly from the provider's servers only when you use the related features.
• No AI Training: We do not use any data obtained through Google Workspace APIs, Microsoft Graph APIs, or any other email integration to develop, improve, or train generalized AI and/or ML models.
• User-Only Access: Email data is only accessible to you, the authenticated user. No other users, including administrators, can access your email data.

We do not share, sell, rent, or trade your personal information with third parties for their commercial purposes.

We may share your information only in the following limited circumstances:

• Service Providers: With trusted service providers who help us operate our business (e.g., cloud hosting providers) under strict confidentiality agreements.
• Legal Requirements: When required by law, such as to comply with a subpoena or similar legal process.
• Protection: When necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Google User Data: We do not share Google user data with any third parties except for the limited purposes described above and in compliance with Google API Services User Data Policy.

We retain your personal information only for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

• Account Information: Retained as long as your account is active or as needed to provide you services.
• Email Integration Data: Access tokens are retained only while your account is active and the integration is enabled. They are immediately deleted when you revoke access or close your account.
• Google User Data: We retain Google user data only for as long as necessary to fulfill the limited purposes for which it was collected. You can revoke access at any time through your Google account settings or by contacting us.

Account Deletion: When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legitimate business or legal purposes.