This is a plain-English summary of how Nexamail handles your data. We aim for clarity over legalese.
What we store
- Account information you provide (email, name, plan).
- The minimum email metadata needed to surface drafts, follow-ups, and reminders.
- AI memory you explicitly accept, which you can clear from Settings → Privacy at any time.
What we never do
- We never sell your data.
- We never use your emails to train AI models.
- We never send messages or accept calendar invites without your approval.
Your rights (GDPR, UK GDPR, CCPA)
- Access & export — download everything we hold from Settings → Privacy.
- Deletion — wipe your account and all associated rows from Settings → Privacy → Danger zone.
- Rectification — edit your profile and preferences any time.
- Portability — exports are provided in JSON and CSV.
Subprocessors
We use Supabase (database & auth), Cloudflare (edge delivery), Stripe (billing), and OpenAI / Google for AI inference. AI providers process prompts transiently and do not retain content for training under our enterprise terms.
Retention
Active account data is kept while your account is active. Deleted accounts are erased within 30 days. Backups roll off within 30 days.
Contact
Questions or requests: privacy@nexamail.ai