← Home

Privacy Policy

Last updated: March 21, 2026

1. Overview

This Privacy Policy applies to MailClarity (getmailclarity.com). MailClarity ("we", "our", "service") is a digital financial awareness platform available at getmailclarity.com. This privacy policy explains how we collect, use, and protect your personal data.

2. Email Connection and Access Method

MailClarity connects to your email account via the IMAP protocol, supported by providers including Gmail, Yahoo, iCloud, and Outlook. The connection requires your email address and an App Password issued by your email provider — we never request or store your main email password.

The IMAP connection is active only during the scan; it is closed immediately upon completion. Your credentials are stored in encrypted form for the duration of the session and are deleted when you sign out.

3. Data We Collect

MailClarity reads only the following data from your inbox:

• Email headers: Sender address (From), subject line (Subject), date (Date), List-Unsubscribe header
• Email opening lines (snippet): When a payment amount cannot be found in the subject line, the first approximately 500 characters of an email's plain-text body are read. This snippet is processed in memory solely to detect a charge amount and is never written to the database.
• Account identifier: Your email address, used for session management
• Scan results: Subscription and service classifications derived from headers and snippets

Data we do NOT read or store:

• Full email body text (beyond the first ~500 characters)
• Attachments
• Your main email password
• Credit card or banking information extracted from email content
• Your contacts
• Emails you have sent

4. Legal Basis for Data Processing

Your data is processed based on your explicit consent and for the performance of the service agreement. By connecting your email account via IMAP, you provide explicit consent for email analysis. You may withdraw consent at any time by signing out.

5. How We Use Data

We use the data read from your inbox solely for the following purposes:

• Identifying your active subscriptions and digital accounts
• Performing financial risk analysis (forgotten subscriptions, trial conversions)
• Extracting payment amounts from subject lines or opening lines
• Calculating inbox stress score and security score
• Sending weekly summary reports (optional)

We do not use your email data for advertising, profiling, resale, AI/ML model training, data brokerage, or any purpose other than providing MailClarity's user-facing features.

6. Data Storage and Retention

• Raw email headers and snippet content are not permanently stored. Only derived analytics and subscription classifications are retained for reporting purposes.
• Email snippet content (first ~500 characters) is processed in memory only and is never written to the database.
• The App Password is stored in encrypted form for the duration of the session and is deleted upon sign-out.
• Scan results and derived analytics are retained until the user requests deletion.
• All data is completely deleted within 30 days after an account deletion request.

7. Server Location and Hosting

Your data may be hosted on servers located in Turkey, the EU, or the USA. All data transfers are conducted over encrypted connections.

8. Data Sharing

We never sell, rent, or share your personal data with any third party.

Data may only be disclosed when required by law (court order, etc.).

9. Security

• All IMAP connections are encrypted with SSL/TLS (port 993)
• The App Password is stored in encrypted form in the session database
• The IMAP connection is active only during scanning and closed immediately upon completion
• Emails are fetched in PEEK mode — your emails are never marked as read by MailClarity
• Sensitive financial accounts are automatically protected by Security Shield
• Database access is restricted

10. Cookies

MailClarity uses essential cookies for session management. We do not use third-party tracking cookies. We do not use advertising cookies.

11. Account Disconnection and Data Deletion

You can terminate the IMAP connection and your session at any time by signing out of MailClarity. Upon sign-out, the stored App Password and session data are immediately deleted.

Users may request full data deletion at any time by contacting: support@getmailclarity.com

After an account deletion request, all data is completely deleted within 30 days.

12. Your Rights

Under GDPR and applicable data protection laws, you have the right to:

• Request access to your data
• Request correction of your data
• Request deletion of your data
• Object to data processing
• Request data portability

13. Changes

We may update this privacy policy from time to time. We will notify you by email of any significant changes.