Privacy Policy

Emaile (“we”, “us”, “our”) is an AI-powered email secretary service. We take your privacy seriously. This policy explains exactly what data we collect, how we use it, and what we will never do with it.

By using Emaile, you agree to the practices described in this policy.

We collect only the minimum data needed to provide the service:

• Account information — your name, email address, and password (hashed and never stored in plain text).
• Email metadata — sender, recipient, subject, date, and a short preview snippet of emails in your connected inbox.
• AI-generated summaries — short, machine-generated summaries of your emails created by our AI layer to help you triage your inbox.
• Connected account tokens — OAuth tokens from your email provider (via Nylas) that allow us to read and send emails on your behalf. These tokens are encrypted at rest.
• Usage data — basic logs such as which features you use, to help us improve the product. No behavioral tracking or advertising profiles.

Your data is used exclusively to provide the Emaile service:

• Syncing and displaying your emails in the dashboard.
• Running AI analysis (categorization, summaries, draft replies) on your email content.
• Delivering your morning briefing email.
• Applying automation rules you configure.
• Authenticating you securely.

We do not use your data to train AI models. Email content sent to the AI layer is processed in real-time and not stored by Anthropic beyond the request.

• We will never sell your data to third parties.
• We will never share your email content with advertisers, data brokers, or any company for commercial purposes.
• We will never use your emails to build advertising profiles.
• We will never read your emails ourselves — all analysis is automated and machine-generated.
• We will never retain email body content beyond what is necessary to display it in your session.

All data is stored in Supabase, a PostgreSQL database provider, in the EU region (Frankfurt, Germany). Data is encrypted at rest and in transit using AES-256 and TLS 1.3.

Email OAuth tokens are stored encrypted. Passwords are hashed using bcrypt and never stored in plain text. We enforce row-level security (RLS) so your data is only accessible to you.

We retain your data for as long as your account is active. When you delete your account, all associated data is permanently deleted within 30 days.

Emaile uses the following third-party services to operate:

• Nylas — Email connectivity layer. Nylas handles OAuth authentication with Gmail, Outlook, and other providers and reads/sends emails on our behalf. Your email provider credentials are never shared with Emaile directly. Nylas is SOC 2 Type II certified.
• Anthropic (Claude API) — AI analysis engine. Email metadata and snippets are sent to Anthropic's Claude API for categorization, summarization, and draft generation. Anthropic does not train on API data by default.
• Supabase — Database and authentication provider. Your account data and email metadata are stored in Supabase's infrastructure. Supabase is SOC 2 Type II certified.
• Vercel — Application hosting. Our web application is hosted on Vercel's infrastructure in the EU region.

You have the following rights regarding your data:

• Access — you can view all data we hold about you in your account dashboard.
• Disconnect — you can disconnect your email account at any time from Settings. This immediately revokes our access to your inbox.
• Delete — you can request full account deletion by emailing us. All data is deleted within 30 days.
• Export — you can request a copy of your data by contacting us.
• Correction — you can update your profile information directly in Settings.

Emaile uses essential session cookies only — to keep you logged in. We do not use tracking cookies, advertising cookies, or any third-party analytics cookies.

If we make material changes to this policy, we will notify you by email at least 14 days before the changes take effect. Continued use of the service after that date constitutes acceptance of the new policy.

For privacy-related questions, data requests, or to report a concern, contact us at privacy@emaile.ai.