1. Introduction
AI Mail Hub ("we", "our", or "the application") is a professional email management tool that enables authorized users to access and manage Gmail accounts through Google's official OAuth 2.0 authorization framework.
This Privacy Policy explains what information we collect, how we use it, and the measures we take to protect it. By using AI Mail Hub, you agree to the practices described in this policy.
2. Information We Collect
AI Mail Hub collects only the information necessary to provide its core functionality:
- Gmail OAuth Tokens — Access tokens and refresh tokens issued by Google after you authorize the application. These are used solely to retrieve email data on your behalf.
- Email Metadata — Subject lines, sender and recipient addresses, timestamps, and Gmail labels of emails in authorized accounts.
- Email Content — The body of emails, used for display, search, and AI-powered summarization features.
- Account Information — The Gmail address associated with each authorized account.
We do not collect Gmail account passwords. All access is granted exclusively through Google's official OAuth 2.0 authorization flow.
3. How We Use Your Information
The information collected is used exclusively for the following purposes:
- Retrieving and displaying emails from authorized Gmail accounts in a unified inbox
- Enabling full-text search across email subjects, senders, and body content
- Generating AI-powered email summaries and category classifications
- Sending notifications when new emails arrive in monitored accounts
- Monitoring account authorization status and alerting administrators when reauthorization is needed
4. Data Storage and Security
All data is stored locally within the application's deployment environment. We implement the following security measures:
- Token Encryption — All OAuth tokens are encrypted at rest using AES-256-GCM encryption before being stored in the database.
- Local Deployment — The application is deployed locally and is not publicly accessible over the internet.
- No Third-Party Sharing — Email data and OAuth tokens are never transmitted to or shared with any third-party services, except for AI processing features which may send email content to a configured AI provider (OpenAI, Anthropic, or DeepSeek) solely for the purpose of generating summaries.
- Minimal Scope — We request only the minimum Gmail API scopes necessary:
gmail.readonly and gmail.labels.
5. Google API Services
AI Mail Hub uses Google's Gmail API to access email data. Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically:
- We only access Gmail data that is necessary for the features described in this policy.
- We do not use Gmail data for advertising purposes.
- We do not allow humans to read user email unless explicitly required for security purposes, to comply with applicable law, or if the user has given explicit permission.
- We do not use or transfer Gmail data for serving ads.
6. Data Retention
Email data is retained in the local database for as long as the associated Gmail account remains active within the application. When an account is removed from the application, all associated email data and OAuth tokens are permanently deleted from the database.
OAuth tokens are immediately revoked and deleted when a user removes their account authorization.
7. Your Rights and Controls
As a user of AI Mail Hub, you have the following rights:
- Revoke Access — You can revoke AI Mail Hub's access to your Gmail account at any time through your Google Account permissions page.
- Data Deletion — You may request deletion of all data associated with your account by contacting us at the email address below.
- Access Information — You may request a summary of what data we hold related to your Gmail account.
8. Children's Privacy
AI Mail Hub is a professional tool intended for use by adults in a legal or business context. We do not knowingly collect information from individuals under the age of 18.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of the application after changes are posted constitutes your acceptance of the revised policy.
10. Contact Us
If you have any questions about this Privacy Policy, or wish to exercise any of your rights described above, please contact us: