Privacy Policy - GentleMail Anonymous Email Service

1. Introduction

GentleMail ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our anonymous message relay service ("the Service"). By using GentleMail, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Account Information

When you register, we collect:

Full name
Email address
Password (encrypted with industry-standard hashing)
Account creation date and timestamp

2.2 Technical Information

We automatically collect technical data when you use the Service:

IP address (logged for security and fraud prevention)
Browser type and version
User agent string
Device information and operating system
Referring website URLs
Access times and dates

2.3 Message Data

For each message you send, we collect and temporarily store:

Recipient email address
Message subject line
Message body content (encrypted)
Send timestamp
AI moderation results and classifications
Delivery status (sent, rejected, failed)

Retention: Message content is only retained temporarily for moderation and delivery purposes. Successfully delivered messages are not permanently archived. Metadata (recipient, timestamp, status) is retained for operational and security purposes.

2.4 Payment Information

Transaction IDs and purchase history
Credit balance and usage history
Payment amount and timestamp

Note: Credit card details are processed and stored exclusively by Stripe. We never have access to your full credit card numbers.

2.5 Reply Data

When recipients reply to your messages:

Reply content and metadata are stored in your account inbox
Reply tokens linking conversations are maintained
Read/unread status is tracked

3. How We Use Your Information

3.1 Service Operation

Processing and delivering your messages
Managing your account and credits
Authenticating your identity
Enforcing rate limits and usage policies

3.2 Content Moderation

Screening messages using AI moderation (OpenAI API)
Preventing abuse, spam, and policy violations
Protecting recipients from harmful content

3.3 Security and Fraud Prevention

Detecting and preventing fraudulent activities
Investigating suspected violations of our Terms
Identifying patterns of abuse or misuse
Protecting against unauthorized access

3.4 Legal Compliance

Responding to legal requests (subpoenas, court orders)
Cooperating with law enforcement when legally required
Enforcing our Terms and Conditions

3.5 Service Improvement

Analyzing usage patterns and performance metrics
Improving content moderation accuracy
Enhancing user experience
Troubleshooting technical issues

4. Information Sharing and Disclosure

4.1 Third-Party Service Providers

We share limited data with trusted service providers:

Stripe: Payment processing (name, email, transaction amounts)
Mailgun: Email delivery infrastructure (recipient addresses, message content)
OpenAI: AI content moderation (message text only, no personal identifiers)

These providers are contractually obligated to protect your data and use it only for specified purposes.

4.2 Legal Requirements

We may disclose your information if required to:

Comply with valid legal processes (subpoenas, warrants, court orders)
Respond to government or law enforcement requests
Protect our rights, property, or safety
Prevent fraud, security breaches, or illegal activities
Enforce our Terms and Conditions

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. You will be notified via email of any such change.

4.4 Aggregate Data

We may share anonymized, aggregated statistics that do not identify individual users (e.g., "10,000 messages sent this month").

5. Data Retention

Account Data: Retained while your account is active and for 90 days after deletion
Message Content: Temporarily stored for delivery; not permanently archived after successful delivery
Message Metadata: Retained for 12 months for security and operational purposes
Technical Logs: Retained for 90 days
Payment Records: Retained for 7 years for tax and accounting compliance

6. Data Security

We implement industry-standard security measures:

SSL/TLS encryption for all data transmission
Encrypted password storage using bcrypt hashing
Encrypted message content at rest
Regular security audits and updates
Access controls and authentication requirements
Monitoring for suspicious activity

However, no method of electronic storage or transmission is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Your Privacy Rights

7.1 Access and Correction

You have the right to:

Access your account information through your profile page
Update your name, email, or password at any time
View your message history and credit balance

7.2 Data Deletion

You may request account deletion by contacting support@gentlemail.io. Upon deletion:

Your account and personal information will be permanently deleted within 30 days
Message metadata may be retained for up to 90 days for security purposes
Payment records will be retained for legal compliance (7 years)
Unused credits are forfeited without refund

7.3 Data Portability

You may request a copy of your data in a machine-readable format by emailing support@gentlemail.io.

7.4 Marketing Opt-Out

You may opt out of promotional emails by clicking "unsubscribe" in any marketing message. Transactional emails (receipts, security alerts) cannot be opted out of.

8. Cookies and Tracking

We use cookies and similar technologies:

Essential Cookies: Required for authentication and session management
Analytics: Google Analytics for usage statistics (anonymized)
Preference Cookies: Remember your settings and preferences

You can disable cookies in your browser settings, but this may limit Service functionality.

9. Third-Party Links

The Service may contain links to external websites. We are not responsible for the privacy practices of third-party sites. We encourage you to review their privacy policies.

10. Children's Privacy

GentleMail is not intended for users under 18 years of age. We do not knowingly collect information from children. If we discover that a child's information has been collected, we will delete it immediately.

11. International Users

The Service is operated in the United States. If you are accessing from outside the US, your information will be transferred to and processed in the United States, which may have different data protection laws than your country.

12. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

Right to know what personal information is collected
Right to delete personal information
Right to opt-out of data sales (we do not sell personal information)
Right to non-discrimination for exercising privacy rights

To exercise these rights, email privacy@gentlemail.io with "California Privacy Request" in the subject line.

13. European Privacy Rights (GDPR)

European users have rights under the General Data Protection Regulation:

Right of access to your personal data
Right to rectification of inaccurate data
Right to erasure ("right to be forgotten")
Right to restrict processing
Right to data portability
Right to object to processing

To exercise these rights, email privacy@gentlemail.io.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email at least 14 days before taking effect. Continued use of the Service after changes constitutes acceptance of the updated policy. The "Last Updated" date at the bottom indicates the most recent revision.

15. Contact Us

For privacy-related questions, concerns, or requests, contact us at:

Email: privacy@gentlemail.io
Support: support@gentlemail.io
Website: https://gentlemail.io

Last Updated: December 5, 2025
Effective Date: December 5, 2025