Privacy Policy

Effective Date: February 5, 2026. At DeclutrMail.ai, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

DeclutrMail.ai's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically: (1) We only access Gmail data necessary to provide email cleanup functionality—specifically email metadata (sender, subject, date, labels, attachment size) and a short preview (~160 characters) for categorization. (2) We do NOT read, store, or transmit full email body content. (3) We do NOT use Gmail data for advertising, market research, or to train AI/ML models. (4) We do NOT share Gmail data with third parties except as necessary to provide the service (e.g., Supabase for secure storage of metadata). (5) Human access to Gmail data is restricted to debugging with user consent, investigating security issues, or complying with legal requirements.

We collect information you provide directly to us, such as when you create an account, connect your Gmail, or contact our support team. This includes: (1) Account information: email address and name from Google sign-in. (2) Gmail metadata: sender addresses, subject lines, dates, labels, attachment sizes, and a short preview (~160 characters) for categorization. (3) Authentication tokens: securely encrypted and stored to maintain your Gmail connection. We do NOT store or process the full content (body) of your emails. Full email bodies are never read, processed, or transmitted to our servers.

We use the information we collect solely to: (1) Provide, maintain, and improve our email cleanup services, (2) Identify emails matching your cleanup criteria based on metadata, (3) Process your requests to archive or trash emails, and to process permanent delete only if additional Gmail permission is granted and you explicitly trigger it, (4) Display your cleanup history and undo options, (5) Respond to your comments and questions, (6) Detect and prevent fraud and abuse. We do NOT use your data for advertising or marketing purposes. We do NOT sell your data to third parties.

We retain your account information for as long as your account is active. Logs of archived emails (email headers and short preview) are retained for 7-365 days depending on your plan settings. Full email content is never stored on our servers. When you disconnect Gmail or delete your account, we immediately revoke our access and delete your stored data within 24 hours.

We implement industry-standard security measures: (1) All data is encrypted in transit using TLS 1.3. (2) Authentication tokens are encrypted at rest using AES-256. (3) We use Supabase's enterprise-grade infrastructure with SOC 2 Type II compliance. (4) Access to production systems is restricted and logged. (5) We conduct regular security reviews of our codebase.

You have the right to: (1) Disconnect your Gmail account at any time from Settings. (2) Request deletion of all your data. (3) Export your cleanup history. (4) Access information about what data we store. To exercise these rights, contact privacy@DeclutrMail.ai or use the controls in your Settings page.

We use the following third-party services: (1) Google OAuth for secure sign-in and Gmail access. (2) Supabase for secure database and authentication infrastructure. (3) Paddle/Razorpay for payment processing (they do not access your Gmail data). These services have their own privacy policies that govern their use of your information.

If you have questions about this Privacy Policy or our data practices, please contact us at privacy@DeclutrMail.ai.