Privacy Policy for Explain My Email

Effective Date: January 23, 2026

At Explain My Email, we are committed to protecting your privacy and the security of your information. Our service is designed with a strong "email security mindset," employing robust measures to protect your data. This policy explains what information we collect, how we store it, and how we protect it.

1. Information We Collect and Store

To provide the Explain My Email service, we collect and store the following types of information:

• User Account Information: When you create an account, we collect your email address and any other information you provide during registration (e.g., name). This is used for account management, authentication, and to personalize your experience.
• Email Content and Metadata: When you submit an email for analysis, we collect and store the full content of the email (including body, attachments, and headers) and associated metadata (sender, recipients, subject, timestamps). This data is essential for generating the insights you request.
• Generated Insights: The summaries, categories, action items, and other analyses generated from your emails are stored to provide you with a history of insights.
• Usage Data: We may collect anonymous, aggregated usage data (e.g., number of emails analyzed, features used) to improve our service, but this data cannot be used to identify you personally.

2. How We Store and Protect Your Data

Your data is stored securely using industry-standard practices.

• Storage Location: Email content and generated insights are stored using Active Storage, which typically utilizes cloud storage providers such as Amazon S3. User account information is stored in our secure database.
• Encryption at Rest: All data stored in Active Storage (e.g., S3) and our databases is encrypted at rest using strong encryption protocols. This means your data is encrypted when it's not being actively processed.
• Encryption in Transit: All data transmitted between your device and our servers, and between our internal services, is encrypted in transit using industry-standard TLS/SSL protocols.
• Strict Access Controls: Access to your data is strictly limited to authorized personnel who require it to perform their duties (e.g., for support or system maintenance). We employ multi-factor authentication and robust access logging.
• Regular Security Audits: Our systems undergo regular security audits and vulnerability assessments to identify and address potential weaknesses.

3. How We Use Your Information

We use the information we collect solely for the following purposes:

• To provide, operate, and maintain the Explain My Email service.
• To generate and deliver the requested email insights (summaries, categories, action items).
• To manage your user account and provide customer support.
• To improve and optimize our service (using aggregated, anonymous usage data).
• To comply with legal obligations.

4. Data Sharing and Third-Party Processors

**We do not share, sell, rent, or disclose your personal information or email content to any third parties for their marketing or commercial purposes.**

However, to deliver our service, we utilize third-party sub-processors. These processors are contractually bound to protect your data with security measures at least as stringent as our own and are only permitted to process data for the specific purposes of providing our service. These may include:

• **Cloud Hosting Providers:** For storing email data and running our application infrastructure (e.g., AWS S3).
• **AI Model Providers:** For processing email content to generate insights (e.g., Ollama). When data is sent to an AI model for processing, it is done so securely (encrypted in transit), and these providers are contractually obligated not to store, learn from, or use your data for any other purpose than fulfilling our specific request.

5. Data Retention

We retain your email content and associated insights for as long as your account is active or as needed to provide you with the service. You can delete your account and all associated data at any time. Upon account deletion, your data will be permanently removed from our systems within a reasonable timeframe, unless legal obligations require longer retention.

6. Your Data Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• **Right to Access:** Request a copy of the personal data we hold about you.
• **Right to Rectification:** Request that we correct any inaccurate or incomplete data.
• **Right to Erasure:** Request the deletion of your personal data.
• **Right to Restrict Processing:** Request that we limit the way we use your personal data.
• **Right to Object to Processing:** Object to our processing of your personal data.

To exercise any of these rights, please contact us using the details provided below.

7. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top. You are advised to review this Privacy Policy periodically for any changes.

8. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at privacy@explainmyemail.com.