Privacy Policy

Last updated: April 9, 2026

1. Introduction

AI Email Assistant ("the Service") helps you work with your Gmail inbox using AI. This Privacy Policy explains what data is collected, how it is used, and your rights.

2. Information We Collect

When you use the Service, we access the following information through Google OAuth:

Profile Information

Your name, email address, and profile picture from your Google account. This is used solely to display your identity in the interface.

Email Data

Email content (subject, body, sender, recipients) is accessed on-demand when you ask the AI to read, summarize, or search your inbox. Email data is processed in real-time and is not permanently stored on our servers.

Chat History

Your chat messages with the AI assistant may be stored temporarily for session continuity. Chat history does not contain raw email content.

3. How We Use Your Information

  • To respond to your chat requests (summarize emails, search, draft replies).
  • To display your profile information in the interface.
  • To send emails on your behalf — only when you explicitly approve a draft.

We do not:

  • Sell, share, or transfer your data to third parties.
  • Use your data for advertising or marketing purposes.
  • Train AI models on your personal email content.
  • Store your emails permanently on our servers.

4. Data Security

Authentication tokens are handled securely: refresh tokens are stored in encrypted, HttpOnly cookies and are never exposed to client-side JavaScript. All communication between the frontend and backend uses HTTPS in production. However, as a demonstration project, the Service may not implement all enterprise-grade security measures.

5. Third-Party Services

The Service integrates with:

  • Google APIs— for authentication and Gmail access. Google's own Privacy Policy applies to their services.
  • AI Language Models — your chat messages are sent to AI model providers for processing. No personally identifiable email content is sent beyond what is necessary to fulfill your request.

6. Google API Services User Data Policy

The Service's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

7. Data Retention & Deletion

Email content is processed in real-time and discarded after the response is generated. Chat session data may be retained for the duration of your session.

To delete all your data and revoke access, visit your Google Account permissions page and remove "AI Email Assistant" from the list of connected apps.

8. Your Rights

You have the right to:

  • Revoke access to your Google account at any time.
  • Request deletion of any stored chat data.
  • Review what data the Service has access to via your Google Account settings.

9. Changes to This Policy

This Privacy Policy may be updated from time to time. Continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact

If you have questions about this Privacy Policy or want to request data deletion, please reach out via the project's GitHub repository.