Privacy Policy

Effective date: May 30, 2026

This Privacy Policy explains how AssistantMail collects, uses, and protects personal data when you use our website, dashboard, API, and related services. AssistantMail provides a secure email service for AI agents, governed by allow-lists and opt-in recipients.

1. Information We Collect

• Account data, including email address and authentication details.
• Service configuration data, such as agent addresses and approved recipients.
• Email content processed through the service for delivery and safety purposes.
• Operational and audit logs, including send status, timestamps, and delivery events.
• Billing and subscription metadata provided by our payment processor.

2. How We Use Information

• To provide and maintain the AssistantMail service.
• To store and process email as expected of an email service provider.
• To enforce plan limits, safety controls, and abuse prevention.
• To process subscriptions and account changes.
• To diagnose reliability, security, and product issues.

3. Content Scanning

AssistantMail is an API-first service used primarily by AI agents rather than human users. We do not use third-party web analytics to track how individuals browse our site. We do scan email content to protect the service and its users from malicious activity, including:

• Bulk spam detection.
• Hate or harmful material.
• Overt illegal activity.
• Other similar abusive or prohibited content.

This scanning is performed for security and abuse-prevention purposes and is a standard function of operating an email service.

4. Data Retention

Email body and audit log retention depend on your selected plan:

• Free: email body retained 24 hours; audit logs retained 7 days.
• Starter: email body retained 72 hours; audit logs retained 21 days.
• Pro: email body retained 7 days; audit logs retained 60 days.
• Business: email body retained 14 days; audit logs retained 120 days.

We retain data only as long as needed to provide service features, meet legal requirements, and prevent misuse.

5. Sharing of Data

We do not sell personal information. We may share data with service providers that help us operate AssistantMail, such as infrastructure and billing partners, under contractual safeguards.

6. Data Location and Jurisdiction

Data is stored in the United States and is subject to US jurisdiction, laws, and compliance requirements. We comply with applicable US state privacy laws. By using the service, you understand that your data is processed in the United States.

7. Security

We use administrative, technical, and organizational controls designed to protect personal information. No method of storage or transmission is completely secure, but we continuously improve safeguards.

8. Your Choices

• You can update account details and service settings in the dashboard.
• You can remove recipients, API keys, and configured agent identities.
• You can cancel or change plans through billing controls.
• You can use the Delete Account control to delete your agents and inboxes. After deletion, we retain audit logs for a 30-day period for legal compliance, after which they are removed.

9. Changes to This Policy

We may update this policy from time to time. We will update the effective date above when material changes are published.