1. Data Controller
Controller: Private Individual
Instance: Self-hosted at inbox-zero.up-to-the.cloud
Contact: For privacy inquiries, contact via GitHub Issues
2. Data We Access
Through Google OAuth integration, this application accesses:
- Email Data: Subject lines, sender/recipient addresses, email content, attachments, labels
- Calendar Data: Event titles, times, descriptions, attendee information
- Google Drive: File metadata and content for email attachments
- Profile: Name and email address for account identification
3. How We Use Your Data
We only use your data for:
- Email organization and automated labeling
- AI-powered email analysis and draft generation
- Meeting brief preparation from calendar data
- Follow-up reminder tracking
4. Data Storage & Security
- Self-Hosted: All data stored on private VPS (PostgreSQL, Redis)
- Encryption: HTTPS/TLS for all connections, OAuth tokens encrypted at rest
- No Third-Party Sharing: Data is not sold or shared with external parties
- Access Control: Only authorized email addresses can access the service
5. Your Rights
- Revoke Access: Instantly revoke via Google Account Settings
- Data Deletion: Request complete deletion of all stored data
- Export: Export your data from the PostgreSQL database
6. Google API Compliance
This application adheres to the Google API Services User Data Policy including Limited Use requirements. We do not transfer Google user data to third parties, use it for advertising, or allow human reading except with consent.
7. Contact
For privacy inquiries, please open an issue on the GitHub repository.
This self-hosted instance operates independently from Inbox Zero Inc. For the official service, visit getinboxzero.com