Privacy Policy
Last updated: March 2026 · Effective immediately
1. Who we are
MailAI is an AI-powered email management tool that connects to your Microsoft Outlook account. For privacy inquiries, contact us at privacy@mailai.pro.
2. What data we collect
• Microsoft OAuth tokens — stored in encrypted server sessions, expire after 24 hours.
• Email metadata — subject lines, sender addresses, timestamps displayed in your inbox. Never stored in our database.
• Email content excerpts — up to 500 characters sent to Anthropic's Claude API for AI analysis. Processed in real-time, never stored.
• AI analyses — stored only in your browser's localStorage. Never leave your device.
3. How we use your data
We use your data solely to display your emails, generate AI summaries and reply drafts, and categorize your inbox. We never sell your data or use it for advertising.
4. Third-party services
• Microsoft Graph API — to read and send emails. Governed by Microsoft's Privacy Policy.
• Anthropic Claude API — to generate AI summaries. Only email excerpts (max 500 chars) are sent. Anthropic does not use API data for model training.
• Railway — our EU hosting provider (europe-west4).
5. GDPR & your rights (EU users)
You have the right to: Access, Deletion, Portability, Objection, and to Withdraw consent at any time. Contact privacy@mailai.pro to exercise these rights.
6. Data retention
• OAuth tokens: deleted on logout or after 24 hours
• Email content: never stored
• AI analyses: stored in your browser only
• Account data: deleted within 30 days of deletion request
7. Security
All data is transmitted over HTTPS/TLS. OAuth tokens are held in encrypted HTTP-only sessions. No email content is stored in databases.
8. Cookies
We use one essential session cookie to keep you logged in. No tracking or advertising cookies.
9. Contact
Email: privacy@mailai.pro · Response within 72 hours (GDPR requirement)