Mailgrip stores the minimum amount of data required to provide service, and only shares it with third parties when necessary to provide additional functionality.
To facilitate login, your email address is stored. Your password is hashed (not stored in plain text) using bcrypt. The date and time of your most recent log-in is also stored.
The contents of emails sent to your Mailgrip inboxes are stored, along with their metadata (headers, senders, additional recipients, etc).
Fly.io provides web hosting services for Mailgrip. The data stored (per above) resides on Fly.io's servers in Colorado, USA.
Amazon Web Services processes emails received to your Mailgrip inboxes in the us-east-1 (North Virginia, USA) region.
If you have Summarization enabled for an inbox, plain text contents of your messages are shared with OpenAI for processing. Only the message contents of an email are shared. Your details, the sender's details, and other metadata associated to the email (headers, timestamps, etc) are not shared.
Disabling Summarization for an inbox will immediately stop sending message contents to OpenAI.
Anonymised operational logs from Mailgrip's servers are shared with Grafana Labs and Honeybadger. These logs don't include any personally identifiable information, but may include a reference to your Mailgrip user ID for purposes of debugging issues with the system.
Anonymised analytics for visits to mailgrip.io are captured with Plausible Analytics. Your IP address does not get stored, and your browser's "Do Not Track" settings are respected. For more info see Plausible's data policy.
Only one cookie is set on your browser: a session identifier to keep you logged in to Mailgrip. You may delete this at any time using your browser's settings (note that doing so will log you out of Mailgrip).
If at any stage you wish to delete your account and all its data, send me a request to: firstname.lastname@example.org.