Back to Email Wrapped
Endflow Logo

Endflow Privacy & Data Protection Policy

Last updated: December 2024

Executive Summary

Endflow is an email intelligence tool that helps you understand your communication patterns. We take your privacy extremely seriously and operate on a "zero-storage" principle for sensitive data. We never store email contents or OAuth refresh tokens - all email processing happens in-memory only and is immediately discarded.

Data We Collect

We collect and process only the minimum data necessary to provide our service:

  • Basic Profile Information:
    • Email address (for account identification)
    • Display name (as provided by Google/Microsoft)
  • Required Email Metadata:
    • Email ID (unique identifier for each email)
    • Thread ID (for conversation tracking)
    • Date (timestamp of the email)
  • Optional Email Metadata: The following fields ARE NOT stored by default:
    • Subject lines (for categorization)
    • From address
    • To addresses
    • CC addresses
    • Email labels
    • Brief snippets
  • Generated Analytics:
    • Communication pattern insights
    • Email statistics (word count, email type classification)
    • Relationship analytics

Note: While we process full email contents to generate insights, we only permanently store the metadata listed above. All email body content is processed in-memory and immediately discarded.

What We Don't Store

To maintain maximum security and minimize risk, we explicitly DO NOT store:

  • Email Contents: The body/content of any emails is only processed in-memory and immediately discarded
  • Attachments: Email attachments are never stored or processed
  • OAuth Refresh Tokens: We use temporary access tokens only and never store refresh tokens
  • Passwords: We never have access to your email account passwords
  • Personal Contact Information: We don't collect or store phone numbers, addresses, or other personal contact details

AI/ML Training & Development Policy

We want to be explicitly clear about our stance on artificial intelligence and machine learning with regards to all email data, including both Google Workspace and Microsoft Outlook:

  • No AI/ML Training: We do not use any data obtained through Google Workspace APIs (including Gmail) or Microsoft Outlook APIs to develop, improve, or train generalized artificial intelligence (AI) or machine learning (ML) models. This applies to all email data processed through our service, regardless of the email provider
  • No Data Retention for AI: We do not retain or store any email contents, attachments, or sensitive data from any email provider that could be used for AI/ML training purposes. All sensitive data is processed transiently and immediately discarded
  • Limited Statistical Analysis: Our analysis is limited to computing basic statistics and metrics (such as word counts, email frequency, and response times) which are immediately associated with your account and not used for any broader AI/ML development or training purposes
  • Temporary Processing Only: Any processing of email content happens in-memory only, is immediately discarded after analysis, and is never used to train or improve AI/ML systems. This applies to all email processing, regardless of the source

While we may use secure cloud-based enterprise language models and embedding services to help analyze your emails, this processing:

  • Is Temporary: Happens transiently in-memory and is immediately discarded after generating your insights
  • Is One-Way: Uses existing models without contributing to or improving them in any way
  • Is Private: Occurs on secure enterprise infrastructure with strict data handling protocols

Our commitment: We will never use your data from Google Workspace APIs, Microsoft Outlook APIs, or any other email provider to train, develop, or improve AI/ML models. Any analysis we perform is strictly for providing you with personal insights about your own email usage patterns, and this data remains private to your account. We maintain strict data separation and ensure that no email content or sensitive data is retained or used for any purpose beyond generating your personal email analytics.

Email Access & Processing

Our email processing follows strict privacy-first principles:

  • Temporary Processing: All email content processing occurs in memory only and is immediately discarded after analysis
  • Minimal Storage: We only store anonymous patterns and metadata necessary for providing our service
  • No Content Retention: Email contents are never saved to disk or stored in any database
  • Secure Access: We use temporary access tokens that expire quickly and never store permanent access credentials

Google API Services User Data Policy

Our use and transfer of information received from Google APIs adheres to theGoogle API Services User Data Policy, including the Limited Use requirements.

  • Limited Use: We only use access to Gmail APIs to:
    • Provide our email intelligence and productivity features
    • Process emails for generating insights you've requested
    • Maintain and improve our service
  • Data Transfer: We do not transfer or sell your Gmail data to third parties
  • Advertising: We do not use your Gmail data for advertising purposes
  • Human Review: We do not store any sensitive data - emails or contents of emails (including attachments) are never stored. For statistics and associated email IDs, our employees may only access your data with your explicit consent, for security purposes, or when required by law.

Technical Security Measures

  • Encryption: Industry-standard encryption for our Database and API through Amazon Web Services, including AES-256-GCM for data at rest and TLS for data in transit
  • Infrastructure: Built on enterprise-grade cloud infrastructure with regular security updates
  • Access Controls: Strict role-based access control (RBAC) authentication and authorization controls with secure session management including principle of least privilege
  • Data Protection: Email content is processed in-memory only and never stored permanently
  • Monitoring: 24/7 security monitoring and automated threat detection

Data Processing & Retention

  • Email Processing: All email processing occurs in isolated, ephemeral containers
  • Memory Management: Strict memory cleanup procedures after processing
  • Retention Period: Insights data retained for until account deletion
  • Data Location: All processing occurs in US-based data centers

Data Retention & Deletion

We maintain clear policies around how long we keep your data and how you can request its deletion:

  • Retention Period: We store your personal information only for as long as necessary to:
    • Provide our email intelligence and automation services to you
    • Comply with our legal obligations
    • Resolve any disputes
    • Enforce our agreements
  • Data Categories & Retention:
    • Account Information: Retained until account deletion
    • Email ID, Thread ID, and Date: Retained until account deletion
    • Generated Analytics: Retained until account deletion
    • Email Contents: Never stored - processed in-memory only
  • Automatic Deletion: When the retention period expires or you delete your account:
    • All your personal data is permanently deleted
    • Email metadata and analytics are purged from our systems
    • Account information is completely removed
  • Requesting Deletion: You can request deletion of your data in several ways:
    • Through the Settings page in your account dashboard
    • By emailing privacy@endflow.com
    • By revoking access through your Google Account settings
  • Deletion Timeline: Upon receiving a deletion request:
    • We begin the deletion process immediately

Note: Even after deletion, some minimal records may be retained if required by law or for legitimate business purposes, such as preventing fraud or ensuring security. These records are strictly limited and do not include email contents or personal information.

Compliance & Certifications

  • GDPR compliant data processing procedures
  • CCPA (California Consumer Privacy Act) compliant
  • Regular third-party security assessments
  • OAuth 2.0 certified application

User Rights & Controls

  • Data Access: Request your data export within 48 hours
  • Data Deletion: Immediate account deletion with data purge in the settings
  • Permission Control: Granular control over what data we can analyze
  • Transparency: Access to detailed logs of how your data is used
  • OAuth Scope: You can review and modify Gmail access permissions at any time in yourGoogle Account Settings
  • Data Retention: You can request complete deletion of your data at any time through our settings page
  • Access Request: You can request a copy of all data we hold about you
  • Service Emails: We may send you essential service-related emails even if you opt out of other communications

Third-Party Access

We do not share, sell, or provide access to your data with any third parties. The only exceptions are:

  • When legally required by valid court order
  • With explicit user consent for specific integrations
  • Essential service providers (e.g., cloud infrastructure) bound by strict DPAs

Incident Response

  • Dedicated security incident response team
  • 72-hour notification guarantee for security incidents
  • Regular incident response drills and updates
  • Transparent post-mortem reports for any incidents

Contact & Support

Privacy Questions:security@endflow.com
Data Requests:contact@endflow.com
Other Concerns:support@endflow.com

Address: 2261 Market St, San Francisco, California, 94114, United States