Table of Contents
Introduction
Reply Assistant for Gmail ("we," "our," or "the Extension") is committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your information. This Privacy Policy explains our data practices when you use our Gmail extension that provides AI-powered email reply suggestions.
Information We Collect
Email Content Processing
- Email Content: When you click the "AI Reply" button, we temporarily process the content of the email you're replying to in order to generate contextually appropriate responses
- Tone Preferences: Your selected tone preferences (Professional, Friendly, Casual, Concise, Apologetic) are stored locally in your browser using Chrome's storage API
- Generated Responses: AI-generated reply suggestions are created in real-time and are not stored on our servers
Information We Do NOT Collect
- Personal Identification: We do not collect names, email addresses, phone numbers, or other personal identifiers
- Email Metadata: We do not access or store email headers, sender information, recipient lists, or timestamps
- Gmail Account Data: We do not access your Gmail contacts, folders, labels, or account settings
- Browsing History: We do not track your browsing activities outside of Gmail
- Authentication Credentials: We do not store your Gmail login credentials or OAuth tokens
How We Use Your Information
Primary Functions
- AI Reply Generation: Email content is sent to our secure backend service powered by Google's Gemini AI to generate contextually appropriate replies
- Tone Customization: Your tone preferences are used to customize the style of generated replies
- Extension Functionality: Technical data helps us maintain and improve the extension's performance
Data Processing Flow
- You click "AI Reply" button in Gmail compose window
- Email content is temporarily extracted and sent to our backend service
- Our service uses Google's Gemini AI API to generate a reply
- The generated reply is returned to your browser and inserted into the compose window
- Email content is immediately discarded from our servers after processing
Data Storage and Retention
Local Storage
- Tone Preferences: Stored locally in your browser using Chrome's storage API
- Extension Settings: Cached locally for improved performance
- No Personal Data: No personal information is stored locally
Server-Side Processing
- Temporary Processing: Email content is processed in real-time and immediately discarded
- No Data Retention: We do not store or retain any email content, generated replies, or user data on our servers
- Processing Time: Data exists on our servers only for the duration of the AI generation request (typically 1-3 seconds)
Third-Party Services
Google Gemini AI
- Service Provider: Google LLC
- Purpose: AI-powered email reply generation
- Data Shared: Email content and tone preferences are sent to Google's Gemini AI API
- Privacy Policy: Google's Privacy Policy
- Data Processing: Google processes your email content according to their AI service terms and privacy policies
Railway (Hosting)
- Service Provider: Railway Corp
- Purpose: Backend infrastructure hosting
- Data Shared: Email content passes through Railway's infrastructure during processing
- Privacy Policy: Railway's Privacy Policy
Your Rights and Controls
Data Control
- Opt-Out: You can stop using the extension at any time by disabling or uninstalling it
- Tone Preferences: You can change or reset your tone preferences at any time through the extension interface
- No Account Required: The extension works without creating an account or providing personal information
Browser Permissions
The extension requests only the minimum necessary permissions:
- Active Tab: To access the current Gmail tab when you're composing an email
- Storage: To save your tone preferences locally in your browser
- Host Permissions: To communicate with our backend service for AI reply generation
Data Security
Technical Safeguards
- HTTPS Encryption: All data transmission between your browser and our servers uses HTTPS encryption
- Secure Backend: Our backend service is hosted on Railway with industry-standard security measures
- No Data Persistence: Email content is processed in memory and never written to disk or databases
- Limited Access: Only authorized system processes can access data during the brief processing period
Data Transmission Security
- Encrypted Communication: All API requests use TLS 1.2+ encryption
- Secure Endpoints: Our backend API endpoints are secured and authenticated
- No Data Logging: Email content is not logged or stored in any server logs
Children's Privacy
This extension is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us immediately.
International Data Transfers
- Google Gemini AI: Your email content may be processed by Google's AI services, which may involve international data transfers subject to Google's privacy policies
- Railway Hosting: Our backend infrastructure is hosted on Railway's servers, which may be located in different jurisdictions
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will:
- Notify Users: Post the updated policy in the extension and update the "Last Updated" date
- Significant Changes: For material changes, we will provide additional notice through the extension interface
- Continued Use: Your continued use of the extension after changes constitutes acceptance of the updated policy
Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Developer: Lucky Garg
- Email: garg.lucky1810@gmail.com
- Subject Line: Privacy Policy - Reply Assistant for Gmail
- Response Time: We aim to respond to privacy inquiries within 7 business days
Legal Compliance
This extension and our data practices comply with:
- Chrome Web Store Policies: Google's developer policies and privacy requirements
- General Data Protection Regulation (GDPR): For users in the European Union
- California Consumer Privacy Act (CCPA): For users in California
- Other Applicable Laws: Regional privacy laws where users are located
Data Minimization Principle
We follow the principle of data minimization by:
- Collecting Only Necessary Data: We only process email content when you explicitly request AI reply generation
- Temporary Processing: Data is processed only for the time needed to generate replies
- No Data Hoarding: We do not retain data for secondary purposes or future use
- User Control: You maintain full control over when and how your data is processed
Transparency Report
We are committed to transparency about our data practices:
- No Government Requests: We have not received any government requests for user data
- No Data Breaches: We have not experienced any data breaches since our launch
- No Data Sales: We do not sell, rent, or share user data with third parties for marketing purposes