Privacy Policy

1. Who we are

MailguardAI-247 provides email security screening for Gmail and Microsoft 365 mailboxes. For privacy inquiries contact support@mailguardai247.com.

2. Information we collect

• Account data: sign-in email, display name, and avatar from your identity provider (Google or Microsoft via Auth0).
• Mailbox metadata: message identifiers, headers, labels/folders, sync cursors, and actions you take (allow, block, trust).
• Message content: subject, body snippets, attachments metadata, and links when needed for threat analysis, SafeView previews, and Mailguard Advisor.
• Billing data: plan tier and Stripe customer/subscription identifiers (payment cards are handled by Stripe, not stored on our servers).
• Usage and diagnostics: product events, API errors, and security logs to operate and improve the service.
• Consent records: timestamps and version for Terms and AI analysis consent.

3. How we use information

We do not sell your personal information. We do not use mailbox content for advertising or unrelated profiling.

• Screen incoming mail, quarantine or release messages, and show results in the Trust Center.
• Run automated checks and, when warranted, send content to Anthropic Claude Haiku for security analysis.
• Provide Mailguard Advisor responses within your plan quotas.
• Process subscriptions, trials, and upgrades through Stripe.
• Detect abuse, enforce fair-use limits, and protect platform integrity.
• Comply with law and respond to lawful requests.

4. AI processing

When you consent to AI email analysis, message content and metadata may be transmitted to Anthropic for Claude Haiku inference. Anthropic processes data under its own terms and data handling policies as our subprocessor.

We minimize content sent for analysis using deduplication, preprocessing, and tiered screening before invoking Haiku.

5. Service providers

Providers are bound by contractual obligations appropriate to their role and may only use data to deliver services to us.

• Auth0 — authentication and session management.
• Google Gmail API and Microsoft Graph — mailbox access when you connect those providers.
• Anthropic — AI security analysis (Claude Haiku).
• Stripe — payments and subscription management.
• Cloud hosting and database providers that run our API and web application.

6. Retention

Screened messages and related analysis are retained for up to seven (7) days in our journal, then deleted unless law requires longer retention.

Account settings, billing records, consent timestamps, and aggregated analytics may be kept longer for legal, accounting, and security purposes.

7. Security

We use encryption in transit (TLS), access controls, and least-privilege OAuth scopes. No method of transmission or storage is 100% secure; report concerns to support@mailguardai247.com.

8. Your choices and rights

• Disconnect mailboxes in Profile to stop new screening.
• Request account deletion through Profile danger zone or support.
• Depending on your location, you may have rights to access, correct, delete, or port personal data, or object to certain processing.
• You may withdraw AI analysis consent by disconnecting mailboxes and closing your account; withdrawal does not affect prior lawful processing.

9. International transfers

We and our subprocessors may process data in the United States and other countries. Where required, we rely on appropriate safeguards for cross-border transfers.

10. Children

MailguardAI is not directed to children under 18. We do not knowingly collect data from children.

11. Changes to this policy

We may update this Privacy Policy. Material changes will be noted by an updated effective date and, where required, renewed consent in the product.

12. Contact

Privacy questions: support@mailguardai247.com.