Privacy Policy.
Passthrough by design. Encrypted at rest. Compliant by default.
1. Introduction
Welcome to Neatmail ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our email management application.
By using Neatmail, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.
2. Information We Collect
2.1 Email Data
When you connect your Gmail or Outlook account to Neatmail, we access and process the following:
- Message IDs: We store only the unique identifiers of your emails from the last 60 days. We do NOT store the content, subject lines, or metadata of your emails.
- Sender Information (Encrypted): Sender email addresses are stored encrypted at rest. A single encryption key unique to Neatmail is used and never leaves our secure server environment.
- Real-time Access: We establish a secure WebSocket connection with Gmail to fetch email metadata temporarily for display purposes only.
2.2 Account Information
We collect account-related information through our authentication provider, Clerk:
- Email address
- Name (if provided)
- Profile picture (if provided)
- Authentication credentials
2.3 Usage Data
We automatically collect certain information when you use our service:
- Device information (browser type, operating system)
- IP address
- Usage statistics and interaction patterns
- Log data and error reports
2.4 Label Corrections
When you correct an email's label or category, we collect and store the following in Pinecone, our vector database:
- The original label assigned by the system
- Your corrected label or category
- Email context used for improving future classification accuracy
2.5 Draft Email Context
When you create a draft email, we pull relevant context from your email history and store it in Pinecone to assist with draft generation. This includes:
- Conversation history and recent messages relevant to the draft
- Subject line of the email thread
- Sender and recipient information from the email thread
3. How We Use Your Information
We use the collected information for the following purposes:
4. Data Storage and Retention
✓ What We Store
- Message IDs: Retained for a maximum of 60 days, then automatically deleted
- Draft Context (Pinecone): Retained for the duration of your membership. Deleted upon account deletion.
- Label Corrections (Pinecone): Retained as long as your account is active.
- Account Data: Retained as long as your account is active
- Automatic Deletion: All data is deleted if the account is inactive for 30 days.
× What We Don't Store
- Email message content (except for draft context)
- Attachments
- Email headers (except sender and subject for draft context)
- Full email metadata outside specific contexts
5. Third-Party Services
We use the following trusted third-party services to operate Neatmail:
5.1 Gmail API & Outlook API
We use Google's Gmail API and Microsoft's Outlook API to access your email data. Your use of these services is also subject to their respective Privacy Policies and Terms of Service.
5.2 Clerk (Authentication)
We use Clerk for user authentication and account management.
5.3 Supabase (Database)
We use Supabase as our backend database service to store message IDs and draft emails.
5.4 Dodo Payments (Payment Processing)
If you subscribe to paid features, payment information is processed by Dodo Payments. We do not store your credit card or payment information on our servers.
5.5 Pinecone (Vector Database)
We use Pinecone as our vector database to store and query embeddings of label corrections and draft context.
5.6 OpenAI
We use OpenAI's API services to power AI-driven email classification, label suggestions, and draft generation. Email content may be processed by OpenAI temporarily in-memory for these purposes. OpenAI does not retain or store your email data beyond the processing request.
6. Data Security
We implement industry-standard security measures to protect your information:
- End-to-end encryption for data transmission
- Secure WebSocket connections (WSS)
- Encrypted database storage
- Regular security audits and updates
- Access controls and authentication protocols
- Automatic data deletion after retention periods
7. Your Rights and Choices
You have the right to:
- Access your personal data we store
- Request correction of inaccurate data
- Request deletion of your data
- Export your data in a portable format
- Revoke email access permissions at any time
- Delete your Neatmail account
9. Children's Privacy
Neatmail is not intended for users under the age of 13. We do not knowingly collect personal information from children.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the last updated date.
12. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the CCPA:
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt-out of the sale of personal information (Note: We do not sell personal information)
- Right to non-discrimination for exercising your rights
13. European Privacy Rights (GDPR)
If you are in the EEA, you have rights under GDPR:
- Right to access
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right to data portability
- Right to object
- Right to withdraw consent
14. Google API Services User Data Policy
Neatmail's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
- Only requests the minimum Gmail permissions necessary
- Does not use Gmail data for advertising
- Does not transfer Gmail data to third parties except as necessary
- Does not allow humans to read Gmail data unless required for security
15. AI Privacy Settings
Neatmail includes an optional AI Privacy Setting that enables advanced AI processing to improve email classification and automation quality.
For AI-powered features, Neatmail uses OpenAI services to process relevant email content securely in-memory during classification and automation tasks. No personal email data is stored.
16. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy, please contact us at:
Email: [email protected]
We will respond to your inquiry within 30 days.
17. Consent
By using Neatmail, you acknowledge that you have read and understood this Privacy Policy.
