Privacy Policy

Effective Date: 29-06-2025

Last Updated: 06-05-2026

1. Introduction

Welcome to Inbox Sweeper! This Chrome extension helps users manage their Gmail inbox by Extracting all unique email IDs, deleting all emails of selected email ID and exporting all unique email IDs list. We value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use and protect your information.

Privacy-First Design: All data processing is performed locally within your browser. We do not store your Gmail data on external servers.

2. Information We Collect

2.1 Data You Provide

When using Inbox Sweeper, you may grant access to your Gmail inbox through Google OAuth 2.0 authentication. We only access email metadata (sender email addresses, subject lines, and snippets) for filtering and organization purposes.

2.2 Automatically Collected Data

We use Google’s Gmail API to retrieve your emails but do not store them on any external servers. The extension stores necessary data locally on your browser (Chrome Storage API) for temporary usage.

3. How We Use Your Information

We use the collected data to:

• ✅ Allow users to Extract all unique email IDs, deleting all emails of selected email ID and export all unique email IDs list.
• ✅ Provide email management features within Gmail.
• ✅ Improve user experience and functionality.

We do not:

• ❌ Store or share your email data on external servers.
• ❌ Sell, trade, or rent your personal information.
• ❌ Read or modify your emails beyond the actions you initiate.

4. Data Storage and Security

All data is stored locally on your browser using Chrome Storage. We do not transfer data to third-party servers. Google manages OAuth authentication, ensuring a secure login process. Users can remove stored email data by clearing the extension’s local storage.

5. Third-Party Services

Inbox Sweeper integrates with Google Gmail API and OAuth authentication. By using this extension, you also agree to Google’s Privacy Policy and Terms of Service.

6. User Control & Data Deletion

Users can:

• Revoke Gmail access anytime from Google Security Settings.
• Uninstall the extension to remove all locally stored data.

7. Children's Privacy

Inbox Sweeper is not intended for children under 13. We do not knowingly collect data from minors.

8. AI/ML Model Training Privacy Policy Disclosure for Workspace APIs

8.1 Introduction

Inbox Sweeper respects user privacy and ensures compliance with Google's policies regarding AI/ML model training. This disclosure explains how our application interacts with Google Workspace APIs and whether user data is used for AI/ML model training.

8.2 No AI/ML Model Training with User Data

Inbox Sweeper does not use any user data obtained from Google Workspace APIs (such as Gmail API) for AI/ML model training. We strictly adhere to Google’s data policies and only access user data to provide the intended functionality of our extension.

8.3 How User Data is Used

We access user data solely for the following purposes:

• ✅ Extracting email lists within the user's Gmail inbox.
• ✅ Deleting selected emails upon user request.
• ✅ Exporting email lists as CSV file.

Important: All data processing is done in real-time and is not stored beyond the necessary duration to complete user actions.

8.4 Compliance with Google’s Policies

Inbox Sweeper complies with Google's Limited Use Policy, ensuring:

• No use of user data for advertising or AI/ML model training.
• No unauthorized data sharing with third parties.
• Secure handling of user data with OAuth 2.0 authentication.

9. Data Protection and Security

We take data protection seriously and have implemented industry-standard security measures to safeguard all user data, including any sensitive information.

Security Measures Include:

• Use of HTTPS encryption for all data transmission.
• OAuth 2.0 for secure authentication with Google APIs.
• Limited scope access — we only request the minimum necessary permissions needed to perform app functions.
• We do not store or share your personal or sensitive data on our servers.
• Access tokens are securely stored and automatically invalidated after session expiration.
• Internal access to sensitive information is limited to authorized personnel only and governed by strict confidentiality agreements.

We are committed to ensuring the confidentiality, integrity, and availability of your data and continually review and enhance our security practices to align with evolving standards.

10. WhatsApp Integration Privacy

Inbox Sweeper offers an optional feature that sends PDF versions of your latest Gmail messages directly to your verified WhatsApp number using the official WhatsApp Cloud API.

How it works:

• ✅ The extension captures the content of newly received Gmail messages using browser-rendered print view.
• ✅ It then converts the content into a PDF locally using tools like html2canvas and jsPDF.
• ✅ This PDF is transmitted to WhatsApp only after successful OTP-based verification of the user's mobile number.

Privacy Highlights:

• 🔒 Local Processing Only: The PDF is generated entirely within your browser—no email content or files are uploaded to our servers.
• 🔐 Token Security: WhatsApp API tokens are fetched securely through a Cloudflare Worker and never exposed to the frontend or stored in your browser.
• 📱 Number Verification: We verify your WhatsApp number using a secure 4-digit OTP system to prevent unauthorized access.
• 🛑 Opt-In Only: This feature is disabled by default. Users must explicitly enable it and verify their mobile number to activate it.

We do not retain any logs, files, or numbers related to WhatsApp transmission. Inbox Sweeper strictly follows WhatsApp and Meta API policies, and your messaging data is never used for analytics or third-party sharing.

11. Chrome Web Store – Privacy Practices Answers

• 🔹 Does your extension collect or use user data?
  ✔ Yes — only to provide core functionality
• 🔹 What data do you collect?
  ✔ Email addresses (senders)
  ✔ Email metadata (subject, snippet)
  ✔ User settings (local storage)
• 🔹 Is data transmitted off device?
  ❌ No (except when explicitly required for Gmail API or WhatsApp API actions initiated by user)
• 🔹 Is data sold or shared?
  ❌ No
• 🔹 Is data used for advertising?
  ❌ No
• 🔹 Is data used for AI/ML training?
  ❌ No
• 🔹 Where is data stored?
  ✔ Locally on user's device (Chrome Storage)
• 🔹 Is data encrypted?
  ✔ Yes (HTTPS + OAuth)
• 🔹 Does the extension track users?
  ❌ No tracking
• 🔹 Does it use remote code?
  ❌ No (confirm based on your implementation)
• 🔹 Does it collect personally identifiable information (PII)?
  ✔ Limited — only email addresses required for functionality

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Changes will be reflected in the Effective Date above.

13. Contact Us

For any questions or concerns regarding this Privacy Policy, please contact:

📧 Email: dogetpost@gmail.com