Privacy Policy

We believe privacy is a right, not a feature. This page explains exactly what we access, what we don't, and how we protect your information.

Last updated: February 2026

The short version

  • We only read email metadata — subject, sender, date, size, labels.
  • We never read or store your email body content or attachments.
  • We never sell your data to anyone, ever.
  • You can revoke our access instantly at any time from Google settings.

1. Who We Are

CleanInbox ("we," "us," or "our") is an email management service that helps users scan their Gmail inboxes, categorize emails by type and size, and safely delete unwanted messages. Our service is available at app.cleaninbox.cc.

If you have questions about this policy, contact us at [email protected].

2. What Data We Access

To provide our service, we request access to your Gmail account via Google OAuth 2.0. We access only the minimum data necessary to perform email scanning and categorization.

Email metadata we access:

  • Email subject lines
  • Sender email addresses and display names
  • Email dates and timestamps
  • Email size (in bytes)
  • Gmail labels (e.g., Promotions, Social, Inbox)
  • Email thread IDs and message IDs (for identification only)
  • Email headers used for categorization (e.g., List-Unsubscribe, Precedence)

Google API scopes we request:

  • gmail.modify — to read email metadata for scanning and categorization, and to move emails to Trash when you request deletion
  • drive.metadata.readonly — to display your Google storage usage (how much space is used vs. available)
  • userinfo.email and userinfo.profile — to display your name and email in the app

3. What We Never Access

We are explicit about what we do not do, because trust requires clarity.

  • We never read the body content of any email
  • We never open, download, or inspect email attachments
  • We never access files in Google Drive, Docs, Calendar, or other Workspace apps (we only read your storage quota from the Drive API)
  • We never access your Google contacts
  • We never request or store your Google account password
  • We never access your Google account profile beyond your name and email address (used for display purposes only)

4. How We Use Your Data

The data we access is used solely to provide the CleanInbox service to you. Specifically:

  • Scanning: We query the Gmail API to retrieve email metadata, which we use to count messages, measure their size, and categorize them.
  • Categorization: We analyze metadata (labels, headers, sender patterns) to group emails into categories like Newsletters, Promotions, Large Attachments, and Social.
  • Deletion: When you choose to delete emails, we call the Gmail API to move those specific message IDs to Trash (or to permanently delete them, if you explicitly choose that option).
  • Session state: We store a minimal server-side session to keep you logged in. This includes your display name, email, and scan settings. Your session expires automatically after 24 hours.
  • Storage display: We query the Google Drive API to show how much of your Google storage is used. We only read the quota — we never access your Drive files.

We do not use your email data to train machine learning models, build advertising profiles, or for any purpose other than the direct delivery of the CleanInbox service.

5. Data Retention

We retain as little data as possible and for the shortest time necessary.

  • Scan results are cached on our server for the duration of your active session. They are discarded when you log out or your session expires (24 hours maximum).
  • OAuth tokens are encrypted at rest using AES-256 (Fernet) and stored in our database. When you log out or revoke access, they are deleted.
  • Email metadata is retrieved on-demand from Gmail for display during your session. It is not stored permanently beyond the session cache.
  • Account data includes your email address, display name, and subscription tier. This is stored as long as your account exists.
  • Log files may capture anonymized request metadata (timestamps, error types) for operational purposes. These do not contain email content or personal identifiers.

6. Third-Party Services

We do not sell, rent, or share your personal data or email metadata with any third parties for any commercial purpose.

The third-party services we use are:

  • Google Gmail & Drive APIs — we query Gmail and Drive on your behalf, using the OAuth token you granted. Google's privacy practices are governed by Google's Privacy Policy.
  • Stripe — our payment processor for subscriptions. Stripe receives your email address to create a customer record and process payments. Stripe does not receive any email metadata or scan data. Stripe's privacy practices are governed by Stripe's Privacy Policy.

We may use infrastructure providers (hosting, CDN) to operate the service. These providers process data only as necessary to deliver our service and are bound by appropriate data processing agreements.

7. Security

We take the security of your data seriously:

  • All communication between your browser and our servers is encrypted via TLS/HTTPS.
  • OAuth tokens are encrypted at rest using Fernet (AES-256-CBC with HMAC) before being stored in our database. They are decrypted only when needed to make API calls on your behalf.
  • Sessions use cryptographically random tokens stored in HTTP-only, Secure, SameSite cookies.
  • We do not store credentials, tokens, or sensitive data in plaintext anywhere in our system.
  • We follow the principle of least privilege — requesting only the OAuth scopes necessary for the service to function.

8. Your Rights

You have full control over your data and our access to your account:

  • Revoke access: You can instantly revoke CleanInbox's access to your Gmail at any time by visiting myaccount.google.com/permissions and removing CleanInbox. This immediately invalidates our OAuth token.
  • Log out: Logging out of CleanInbox deletes your session cookie and all in-memory scan data.
  • Data deletion request: To request deletion of any data we may hold, email us at [email protected]. Given our stateless design, there is typically no persistent data to delete, but we will investigate and confirm within 30 days.
  • Access request: You may request a summary of any data we hold about you by emailing [email protected].

9. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • Legal basis: We process your data based on your explicit consent, which you provide by connecting your Google account through OAuth.
  • Right to erasure: You may request deletion of your personal data at any time.
  • Right to portability: You may request a copy of your data in a portable format.
  • Right to object: You may object to processing of your personal data at any time by revoking OAuth access.
  • Right to rectification: If we hold inaccurate data about you, you may request correction.
  • Right to restrict processing: You may request that we restrict processing of your data.

To exercise any of these rights, contact [email protected]. We will respond within 30 days.

10. Children's Privacy

CleanInbox is not directed at individuals under the age of 13. We do not knowingly collect personal data from children. If you believe we have inadvertently collected information from a child, please contact us immediately at [email protected].

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all privacy-related inquiries within 5 business days.