mailsome.ai

Privacy Policy

Last Updated: January 25, 2025

Summary

We only access the email you explicitly select when you click "Generate." These contents are processed temporarily, never permanently stored, and never sold or used for advertising purposes.

Overview

Mailsome.ai ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how our Chrome Extension collects, uses, and safeguards your information when you use our AI-powered email assistant for Gmail.

Information We Collect

1. Authentication Information

  • What we collect: Google OAuth email address, name, and authentication token
  • Why we collect it: To authenticate users and provide personalized access
  • How it's stored: Locally in your browser's secure storage

2. Email Content (Temporary Processing Only)

  • What we access: The email you select when clicking "Generate"
  • Why we access it: To provide context for AI-generated replies
  • How it's processed: Transmitted to our secure API, processed in memory only, and discarded immediately after generation. No permanent storage on our servers.

3. Usage Information

  • What we collect: Number of generated emails, subscription status
  • Why we collect it: To enforce usage limits and manage subscriptions
  • How it's stored: Linked to your account on our secure servers
  • Note: Payment information is not stored by us, but processed exclusively by Stripe.

4. User Preferences

  • What we collect: Language, theme settings, and tone preferences
  • Why we collect it: To personalize your experience
  • How it's stored: Synced via Chrome's storage across your devices

Information We Do Not Collect

  • Browser history
  • Personal communications outside of the drafted email
  • Financial data (handled by Stripe)
  • Location data
  • Keystrokes or general activity tracking
  • Emails you receive or send outside of the selected draft

How We Use Your Information

  1. To provide the core service (AI-generated replies)
  2. To authenticate and secure your account
  3. To improve the service (through anonymized usage analytics)
  4. To manage subscriptions and enforce usage limits
  5. To send important service updates (if subscribed)

Data Security

  • All API communication is encrypted with TLS
  • OAuth tokens are securely stored in Chrome's local storage
  • Email content is processed only in memory and immediately discarded
  • Industry-standard practices are followed (TLS 1.3, AES-256, role-based access control, regular security reviews)

Cookies and Local Storage

Essential Cookies (no tracking or ads):

Essential Cookies

  • auth-token: HTTP-only, 7 days, for API authentication
  • mailsome-auth-token: 7 days, indicates login state
  • connect.sid: Session-only, used during OAuth process
  • subscription-session: HTTP-only, 24 hours, subscription management

Local Storage

  • authToken: Extension authentication backup
  • userProfile: Cached name and email
  • cookiesAccepted: Cookie preference

⚠️ Blocking essential cookies will prevent login, subscription access, and service functionality.

Data Sharing

We never sell or share data for advertising.

We only share data with:

  • OpenAI API: For AI processing of the selected email (may contain personal data). No permanent storage by us.
  • Stripe: For subscription and payment processing
  • Google OAuth: For user authentication

Legal Basis for Processing (GDPR)

  • Art. 6(1)(b) GDPR: Contract fulfillment (service delivery)
  • Art. 6(1)(a) GDPR: Consent (when you click "Generate")

Your Rights

You have the right to:

  • Access the data we hold about you
  • Delete your account and data
  • Export your data (data portability)
  • Object to processing
  • File a complaint with your local data protection authority

Data Retention

  • Email content: Not stored (discarded immediately after processing)
  • Authentication data: Retained while your account is active
  • Usage statistics: Retained for 12 months
  • Account data: Deleted 30 days after account closure

Children's Privacy

Our service is not directed to users under 13. We do not knowingly collect data from children.

Changes to this Policy

We may update this Privacy Policy from time to time. Significant changes will be communicated via the extension or by email.

Compliance

We comply with:

  • Chrome Web Store Developer Program Policies
  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA), where applicable

Consent

By using the Mailsome.ai Chrome Extension, you consent to this Privacy Policy and our data practices.

Contact