Back to Home

Privacy Policy

Last updated: January 1, 2025

1. Introduction

Serious Email ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Gmail paywall/whitelist service.

2. Information We Collect

2.1 Information You Provide

  • Google account information (name, email address)
  • Gmail access tokens for authentication
  • Whitelist preferences and settings
  • Bypass passwords you create

2.2 Information We Access from Gmail

  • Email metadata (sender, recipient, subject, date)
  • Email headers for processing
  • Contact information from your Gmail contacts
  • Email count statistics for contacts during signup

2.3 Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers or other sensitive payment information on our servers.

3. How We Use Your Information

We use your information to:

  • Provide and maintain our email filtering service
  • Process incoming emails according to your whitelist settings
  • Send payment requests to non-whitelisted senders
  • Process payments and deliver held emails
  • Count sent/received emails during initial setup
  • Respond to your requests and support inquiries
  • Improve our service and develop new features

4. Gmail Data Usage and Sharing

Our use of information received from Gmail APIs adheres to Google's Limited Use requirements:

  • We only access the minimum Gmail data necessary to provide our service
  • We do not sell, share, or transfer your Gmail data to third parties
  • We do not use Gmail data for advertising purposes
  • We do not allow humans to read your email content (processing is automated)

4.1 Google User Data Disclosure

We explicitly do NOT share, transfer, or disclose your Google user data (including Gmail data, contacts, and authentication information) with any third parties, except in the following limited circumstances:

  • With your explicit consent: Only when you specifically authorize us to share data
  • For legal compliance: When required by law, subpoena, or other legal process
  • To protect rights and safety: When necessary to protect our rights, property, or safety, or that of our users or the public
  • Service providers under strict confidentiality: Limited data may be processed by our infrastructure providers (hosting, database) who are contractually bound to maintain confidentiality and cannot use this data for any other purpose

Important: We never share your Google user data for marketing, advertising, or data brokerage purposes. Your Gmail content, contacts, and authentication tokens remain private and are used solely to provide the Serious Email service to you.

5. Data Storage and Security

We implement appropriate technical and organizational measures to protect your data:

  • Data is encrypted in transit using TLS/SSL
  • Access tokens are securely stored and encrypted
  • We use secure cloud infrastructure providers
  • Access to user data is restricted to authorized personnel only
  • We regularly review and update our security practices

6. Third-Party Services and Data Sharing

We use the following third-party services and here's what data we share with each:

  • Google: For Gmail access and OAuth authentication
    • We receive your Gmail data through Google's APIs but do NOT send any of your data back to Google except for standard OAuth authentication
    • Google can see that you've authorized our app but does not receive any of your Serious Email usage data
  • Stripe: For payment processing
    • We share only the email address of the sender making a payment
    • We do NOT share any of your Google/Gmail data with Stripe
    • Payment information is handled directly by Stripe; we never see credit card details
  • Cloud Infrastructure (Hosting Providers): For hosting and data storage
    • Your encrypted data is stored on our secure cloud servers
    • Infrastructure providers cannot access your data content due to encryption
    • These providers are bound by strict confidentiality agreements

Key Point: Your Google user data (Gmail content, contacts, etc.) is NEVER shared with any third-party services except our infrastructure providers who store encrypted data. These services have their own privacy policies, and we encourage you to review them.

7. Data Retention

We retain your data only as long as necessary to provide our service:

  • Account data is retained while your account is active
  • Email processing logs are retained for 90 days
  • Payment records are retained as required by law
  • You can request deletion of your data at any time

8. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Revoke Gmail access at any time
  • Opt out of non-essential data processing

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date and, where appropriate, through email notification.

12. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Email: privacy@seriousemail.com
Website: https://seriousemail.com

13. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect and the right to request deletion of your information.

14. European Privacy Rights

If you are in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to data portability and the right to object to certain processing.