Privacy Policy

Last updated: May 22, 2025

InboxGuardianAI ("we", "our", or "us") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, and protect information when you use our service, which helps monitor email accounts for phishing, scams, and malicious content.

1. Information We Collect

• We do not collect or store the content of your emails.
• Email headers (e.g., sender, subject line, date)
• Email body content and attachments (temporarily, for analysis)
• Email message identifiers (used for tracking scans)
• Account metadata (e.g., email address, digest preferences)

We never access your contacts, calendar, or any other data outside of what is needed to perform email scanning.

2. How We Use Your Data

• To scan incoming emails for phishing, scams, and threats.
• To move flagged emails to a user-visible "Quarantine" folder.
• To send daily or weekly summary digests to a designated email address.
• To manage your account settings and scan preferences.

3. Data Retention and Storage

• We do not store any email content or personal messages on our servers.
• Only anonymized, hashed identifiers and scan result logs (non-sensitive) are retained temporarily to avoid duplicate scans.
• OAuth access tokens are securely stored and encrypted for service access, and never shared.

4. Third-Party Services

We may use the following services in conjunction with our application:

• Email delivery providers (e.g., SendGrid or Amazon SES) to send summary digests.
• OAuth providers (e.g., Google, Yahoo) to authorize email access.

These services operate under their own privacy policies. We do not share your personal information with advertisers or third-party analytics services.

5. Security

We take data protection seriously and implement the following security measures:

• End-to-end encryption of data in transit (TLS)
• Encrypted storage of access tokens and configuration
• Role-based access controls and multi-factor authentication (MFA)
• Routine audit logging and system monitoring

6. User Control and Consent

• You may revoke OAuth access at any time via your email provider's security settings.
• You can disable scanning or delete your configuration from within your InboxGuardianAI account.
• You may contact us at any time to request deletion of your stored configuration data.

7. Children's Privacy

InboxGuardianAI is not intended for use by individuals under the age of 13. We do not knowingly collect personal data from children.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes through the app interface or via email. The latest version will always be posted on our website.

9. Contact Us

If you have questions about this Privacy Policy, please contact us:

• Email: support@inboxguardian.ai