Privacy Policy

Last updated: January 2025

1. Introduction

EaseMail ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our email management platform and AI-powered services.

By using EaseMail, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Personal Information

We collect information that you provide directly to us:

  • Account information (name, email address, password)
  • Profile information (avatar, preferences, signatures)
  • Billing information (payment methods, billing address, tax information)
  • Communication preferences and settings

2.1.1 Billing and Payment Data

For subscription and usage-based billing, we collect:

  • Payment Information: Processed securely through Stripe (we do not store credit card numbers)
  • Billing Address: Required for tax calculation and compliance (US, Canada, EU)
  • Transaction History: Invoices, payment receipts, and billing records
  • Usage Metrics: SMS messages sent, AI requests made, storage consumed
  • Tax Information: Calculated based on your billing address location

2.2 Email Content

When you connect your email account(s) to EaseMail, we access and process:

  • Email messages (subject, body, attachments)
  • Email metadata (sender, recipients, timestamps)
  • Folder structure and labels
  • Contact information from your address book

2.3 AI Processing Data

When you use AI features (summarization, email writing, smart replies):

  • Email content sent to OpenAI for processing
  • AI-generated summaries and drafts
  • Usage metrics and feature interactions

2.4 Automatically Collected Data

  • Device information (browser type, OS, IP address)
  • Usage data (pages visited, features used, session duration)
  • Cookies and similar tracking technologies
  • Error logs and performance metrics

3. How We Use Your Information

We use collected information for:

  • Service Delivery: Providing email management, AI features, and platform functionality
  • Personalization: Customizing your experience and improving AI accuracy
  • Communication: Sending service updates, security alerts, and support messages
  • Analytics: Understanding usage patterns to improve our services
  • Security: Detecting fraud, preventing abuse, and protecting user accounts
  • Billing: Processing payments and managing subscriptions
  • Legal Compliance: Meeting regulatory requirements and enforcing our terms

4. Data Sharing and Third Parties

4.1 Service Providers

We share data with trusted third-party services:

  • Nylas: Email API provider for email synchronization
  • OpenAI: AI processing for summarization and generation features
  • Supabase: Authentication and database hosting
  • Stripe: Payment processing (we do not store credit card numbers)
  • Resend: Transactional email delivery
  • Upstash: Rate limiting and caching infrastructure

4.2 We Do NOT:

  • Sell your personal information to third parties
  • Share your email content for advertising purposes
  • Use your data to train AI models without explicit consent
  • Provide your data to government agencies without legal requirement

5. Data Storage and Security

We implement industry-standard security measures:

  • End-to-end encryption for data in transit (TLS/SSL)
  • Encrypted database storage (PostgreSQL with encryption at rest)
  • Rate limiting and DDoS protection
  • Regular security audits and penetration testing
  • Multi-factor authentication (MFA) support
  • Role-based access controls for admin functions
  • PCI DSS compliance for payment processing (via Stripe)

5.1 Data Retention

We retain your data for as long as your account is active, with the following specifics:

  • Account Data: Retained while account is active
  • Billing Records: Retained for 7 years (tax compliance requirements)
  • Usage Metrics: Retained for 2 years (billing and analytics)
  • Invoices: Retained for 7 years (legal and accounting requirements)
  • Payment Methods: Stored securely by Stripe; deleted immediately upon removal

You may request deletion of account data at any time through your account settings. Note that billing records may be retained for legal compliance even after account deletion.

5.2 Payment Card Industry (PCI) Compliance

We do not directly store, process, or transmit credit card information. All payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor. This ensures the highest level of security for your payment information.

6. Your Rights (GDPR & CCPA)

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your data ("Right to be Forgotten")
  • Portability: Export your data in a machine-readable format
  • Opt-Out: Unsubscribe from marketing communications
  • Restriction: Limit how we process your data

To exercise these rights, contact us at privacy@easemail.com or use your account settings.

7. Cookies and Tracking

We use cookies and similar technologies for:

  • Authentication and session management
  • User preferences and settings
  • Analytics and performance monitoring (optional)

You can manage cookie preferences through your browser settings or our cookie consent banner.

8. International Data Transfers

Your data may be transferred and processed in countries outside your residence. We ensure appropriate safeguards are in place (EU-US Data Privacy Framework, Standard Contractual Clauses).

9. Children's Privacy

EaseMail is not intended for users under 18 years of age. We do not knowingly collect data from children. If you believe we have collected data from a minor, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or in-app notification. Continued use of EaseMail after changes constitutes acceptance.

11. Usage-Based Billing and Metering

EaseMail uses usage-based billing for certain features. Here's how we track and bill for usage:

11.1 What We Track

  • SMS Messages: Count of SMS messages sent through the platform
  • AI Requests: Number of AI-powered features used (summarization, email generation, etc.)
  • Storage: Total storage consumed by emails, attachments, and other data

11.2 How We Track Usage

Usage is tracked automatically and in real-time when you use billable features. You can view your current usage at any time in your billing dashboard. Usage metrics are calculated hourly and aggregated monthly for billing purposes.

11.3 Billing Process

  • Usage is calculated at the end of each billing period (monthly)
  • You receive an email notification before charges are processed
  • Charges are automatically applied to your payment method on file
  • Failed payments trigger automated retry attempts with email notifications
  • Detailed invoices are available for download in your billing dashboard

11.4 Tax Calculation

Sales tax, VAT, or GST/HST is calculated based on your billing address and applied to all charges. Tax rates are automatically updated to reflect current regulations in your jurisdiction. We collect and remit taxes as required by law.

11.5 Payment Method Requirements

Paid plan subscribers are required to maintain a valid payment method on file. Accounts without a payment method may be subject to service restrictions or suspension after a grace period. You will receive email notifications before any restrictions are applied.

12. Contact Us

For privacy-related questions or concerns:

This Privacy Policy is effective as of January 2025. By using EaseMail, you acknowledge that you have read and understood this policy.