Privacy Policy

Last updated: February 14, 2026

At NextEmail.ai, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Password (securely hashed)

Email Data

When you connect your email account, we access:

  • Email metadata (sender, recipient, subject, date)
  • Email content for AI classification
  • Folder structure

Important: All email processing happens on your infrastructure or our secure servers. Your email content is never sent to third-party AI services.

Usage Data

We automatically collect:

  • Log data (IP address, browser type, pages visited)
  • Device information
  • Usage patterns to improve our service

2. How We Use Your Information

We use collected information to:

  • Provide and maintain our service
  • Process and classify your emails using AI
  • Send service-related communications
  • Improve and optimize our service
  • Detect and prevent fraud or abuse

3. Data Storage and Security

Your data security is our priority:

  • All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • OAuth tokens are encrypted using Fernet encryption
  • We never store your email password
  • Email data is stored in isolated per-user databases
  • Enterprise customers can deploy entirely on-premise

4. Data Sharing

We do not sell your personal information. We may share data only:

  • With your consent
  • To comply with legal obligations
  • To protect our rights and safety
  • With service providers who assist our operations (under strict confidentiality)

5. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Export your data
  • Opt out of marketing communications

6. Data Retention

We retain your data as long as your account is active. When you delete your account:

  • Account data is deleted within 30 days
  • Email databases are securely deleted
  • Backups are purged within 90 days

7. Cookies

We use essential cookies for:

  • Authentication and security
  • Remembering your preferences
  • Analytics to improve our service

8. Third-Party Services

We integrate with:

  • Microsoft Graph API (for Office 365 email access)
  • Google Gmail API (for Gmail email access)
  • Stripe (for payment processing)

These services have their own privacy policies.

9. Google API Services Disclosure

NextEmail.ai's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Limited Use Disclosure

NextEmail.ai's use of information received from Gmail APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Gmail data to provide and improve the email organization features described to you
  • We do not transfer Gmail data to third parties except as necessary to provide our service, with your consent, or as required by law
  • We do not use Gmail data for serving advertisements
  • Human review of Gmail data is limited to investigating security issues, abuse, or when required by law, or with your explicit consent

Gmail Permissions We Request

When you connect your Gmail account, we request the following permissions:

  • gmail.readonly - To read and analyze your email messages for AI-powered classification and organization
  • gmail.modify - To apply labels and move emails to organized folders based on AI classification
  • gmail.labels - To create and manage labels for organizing your emails into categories

How We Use Gmail Data

We use your Gmail data exclusively to:

  • Analyze email content to classify messages by sender, topic, and importance
  • Detect phishing attempts and spam to protect your inbox
  • Create organized folder structures and apply labels
  • Enable natural language search across your emails

What We Do NOT Do With Gmail Data

  • We do NOT use Gmail data for advertising or marketing purposes
  • We do NOT sell, rent, or share Gmail data with third parties
  • We do NOT use Gmail data to build user profiles for advertising
  • We do NOT allow humans to read your emails (only our AI processes them)

Revoking Access

You can revoke NextEmail.ai's access to your Gmail data at any time by:

When you revoke access, we will delete your Gmail data from our servers within 30 days.

10. Children's Privacy

Our service is not intended for users under 16 years of age. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this policy periodically. We will notify you of significant changes via email or through our service.

12. Contact Us

For privacy-related questions or concerns:

GDPR Compliance

For EU residents, NextEmail.ai complies with GDPR requirements. You can exercise your rights under GDPR by contacting us at privacy@nextemail.ai.