Maildriply

Privacy Policy

Effective May 12, 2026 · version 2026-05-12

Limited Use of your Google data

Maildriply's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We use the gmail.send scope only to send the emails you compose. We do not read your inbox, we never sell your data, and humans never read your messages except where required by law or to investigate abuse with your consent.

1. Who we are

Maildriply (“we”, “us”) is operated by Maildriply. Questions about this policy can be sent to support@maildriply.com.

2. What this policy covers

This policy describes how Maildriply accesses, uses, stores, shares, and deletes your information when you use the web dashboard, API, or optional Chrome extension. It applies in addition to the Google API Services User Data Policy, which governs information we receive from Google APIs.

3. Information we collect

3.1 Account information

  • Your email address and Google subject ID, obtained when you sign in with Google through Supabase Auth.
  • A long-lived Google OAuth refresh token, which we store encrypted at rest and use only to send mail on your behalf.
  • The scopes you granted to Maildriply (we only ever request gmail.send, openid, email, and profile).

3.2 Content you create

  • Email drafts, subject lines, HTML/text bodies, sender names, and reply-to addresses you compose in Maildriply.
  • Reusable templates you save.
  • Recipient email addresses you upload or paste into a campaign.

3.3 Engagement and operational data

  • Open, click, and unsubscribe events generated when recipients interact with mail sent through Maildriply. We store the IP address and user-agent string of those requests strictly for fraud detection and to filter bot/proxy noise.
  • Send logs (timestamp, latency, Gmail provider status code, attempt count) used for retries and debugging.
  • Standard server logs of your API requests (method, path, status, duration). We do not log authentication tokens, encrypted secrets, or message bodies.
  • Limited browser telemetry through Datadog Real User Monitoring (page views, errors, performance metrics) tied to your user ID.

4. How we use Google user data (Limited Use)

Information received from Google APIs is used exclusively for the user-facing features of Maildriply:

  • Sending the emails you compose via the Gmail API users.messages.send endpoint.
  • Displaying which Gmail address is currently connected to your account.
  • Maintaining the OAuth refresh token so that future sends do not require you to re-authenticate.

We do not:

  • Read your Gmail inbox. The gmail.send scope does not grant read access — technically and contractually we cannot see your messages.
  • Transfer Google user data to others except as needed to provide or improve user-facing features, comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users.
  • Use Google user data to serve advertisements, including retargeted, personalized, or interest-based advertising.
  • Allow humans to read your data unless we have your affirmative agreement for specific messages, it is necessary for security purposes (e.g. investigating abuse), to comply with applicable law, or the data has been aggregated and anonymized to satisfy internal operations.

5. Legal bases for processing

Where the GDPR or similar laws apply, we process your data under the following bases: (a) contract, to provide the service you signed up for; (b) legitimate interests, for service security, abuse prevention, and aggregate analytics; (c) consent, for optional features such as the Chrome extension; and (d) legal obligation, where applicable.

6. How we store and protect your data

  • Encryption at rest: Google OAuth refresh tokens are sealed with AES-256-GCM before being written to the database. Only the running application can decrypt them, using an environment-scoped key.
  • Encryption in transit: All API and dashboard traffic uses TLS 1.2+. The tracking host uses TLS as well.
  • Token integrity: Open, click, and unsubscribe tokens embedded in emails are HMAC-SHA256 signed and verified with a timing-safe comparison so they cannot be tampered with or forged.
  • Click safety: Tracking URLs only redirect to destinations we recorded at send time. They cannot be made to point anywhere else (no open-redirect risk).
  • Access control: Every API call is authenticated with a Supabase-issued JWT and scoped to the requesting user.
  • Hosting: Production infrastructure runs on Heroku (US), Supabase (US/EU), Vercel (global CDN), and Upstash Redis. These sub-processors are bound by their own DPAs.

7. Sub-processors

We rely on the following sub-processors to operate the service. We share only the minimum data each needs to perform its function.

  • Google LLC — OAuth, Gmail API for sending.
  • Supabase, Inc. — authentication, Postgres database hosting.
  • Salesforce / Heroku — backend application hosting.
  • Vercel, Inc. — dashboard + marketing hosting and CDN.
  • Upstash, Inc. — Redis for asynchronous send queue.
  • Datadog, Inc. — application logs and real-user monitoring.

8. Data retention

  • Account data: retained while your account is active. On deletion, removed within 30 days from primary systems and within 90 days from backups.
  • Email content and recipient lists: retained as long as you keep them, or until you delete the campaign or your account.
  • Open / click / unsubscribe events: retained for the lifetime of the parent campaign; deleted when the campaign or account is deleted.
  • Server logs: rotated within 30 days.

9. How you can delete your data

You can delete your data in two ways:

  1. In product: Settings → “Delete account & data”. This revokes our OAuth grant at Google, permanently removes every row we hold about you (account, Gmail connection, templates, campaigns, recipients, links, send logs, tracking events), and signs you out.
  2. Revoke our access at Google: visit myaccount.google.com/permissions, find Maildriply, and remove it. Subsequent send attempts from Maildriply will fail because the refresh token is invalid. You can additionally email us at support@maildriply.com requesting full deletion of any associated data.

For more detail see our data deletion page.

10. Your rights

Subject to applicable law, you have the right to access, correct, export, restrict processing of, or delete your personal information, and to object to processing or withdraw consent. Email support@maildriply.com with your request and we will respond within 30 days.

11. International transfers

Maildriply primarily processes data in the United States. If you access the service from another region, you understand that your data may be transferred to and processed in jurisdictions whose data protection laws may differ. We rely on standard contractual clauses with our sub-processors where applicable.

12. Children

Maildriply is not directed to children under 13 (or 16 in the EEA). We do not knowingly collect data from children. Contact us if you believe a child has provided us with personal information and we will delete it.

13. Changes to this policy

We may update this policy from time to time. Material changes will be announced in the dashboard and, where required, by email. The version and effective date at the top of this page always reflect the current text.

14. Contact

For any privacy question, exercise of rights, or data deletion request, email support@maildriply.com.