Privacy Policy

Last updated: February 18, 2026

1. Overview

InboxIQ ("we", "our", or "us") is committed to protecting your privacy. This policy explains what data we collect, why we collect it, and how we handle it. We keep this simple and honest — no legalese designed to obscure what we're actually doing.

2. What We Collect

Demo Mode (no account required)

The interactive demo uses only your browser's localStorage to store demo state (which emails you've archived, snoozed, etc.). None of this leaves your device. We collect no data in demo mode.

Paid Accounts

With Gmail integration, we access your Gmail data via OAuth to perform AI triage. We read email metadata and content only to classify urgency. We do not store email content beyond what's needed to generate triage results. You can revoke access at any time from your Google account settings.

3. How We Use Data

  • To provide and improve the InboxIQ service
  • To notify users about product updates and new features
  • To process payments via Stripe (we never see your card details)
  • To debug errors and monitor service health

We do not use your email content to train AI models. We do not sell data to advertisers.

4. Third-Party Services

  • Google Gmail API — for reading and triaging emails (paid tier only)
  • OpenAI / Anthropic — AI models for email classification (no data retention per their enterprise policies)
  • Stripe — payment processing (PCI compliant)
  • Vercel — hosting and serverless functions
  • Supabase — database (hosted in EU)

5. Data Retention

Waitlist entries are deleted 90 days after launch or upon your request. Account data is deleted within 30 days of account deletion. Email content is never stored — only triage classifications are cached temporarily to avoid redundant AI calls.

6. Your Rights

You can request deletion of your data at any time by emailing us. If you're in the EU, you have rights under GDPR including access, rectification, erasure, and portability of your personal data.

7. Security

We use HTTPS everywhere, store OAuth tokens encrypted at rest, and never log sensitive data. Gmail access uses read-only scopes where possible. Access tokens are stored in your session, not in our database.

8. Contact

Questions about privacy? Email us at inboxiqaidev@gmail.com. We aim to respond within 48 hours.

← Back to InboxIQ