Privacy Policy

Introduction

Welcome to Sumletter. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our newsletter summarization service.

Sumletter is a service that connects to your Gmail account to automatically identify newsletters, extract key insights, and present them as concise, digestible summaries in a card-based interface.

Information We Collect

Gmail Data

• Email Content: We access and process newsletters in your Gmail inbox to extract content for summarization
• Email Metadata: Sender information, subject lines, dates, and other metadata to identify and categorize newsletters
• Email Headers: Technical information needed to properly parse and process newsletter content

Account Information

• Google Account Details: Basic profile information (name, email address) obtained through OAuth authentication
• Authentication Tokens: Secure tokens that allow us to access your Gmail account with your permission

Usage Data

• App Usage: How you interact with summaries, card preferences, and app features
• Processing History: Records of which newsletters have been processed to avoid duplicates
• User Preferences: Settings for summary length, filtering preferences, and customization options

How We Use Your Information

Core Service Functionality

• Newsletter Identification: Automatically detect newsletters in your Gmail inbox using sender patterns and subscription indicators
• Content Summarization: Process newsletter content through AI models to generate concise, relevant summaries
• Card Generation: Create digestible cards from summarized content for easy browsing
• Personalization: Customize your experience based on your preferences and usage patterns

Service Improvement

• Quality Enhancement: Improve summarization accuracy and relevance
• Feature Development: Develop new features based on usage patterns and user feedback
• Performance Optimization: Optimize processing speed and reliability

Data Security and Storage

Security Measures

• OAuth Authentication: Secure, industry-standard authentication that doesn't require storing your Gmail password
• Encrypted Transmission: All data is transmitted using secure HTTPS connections
• Limited Access: We only access newsletters and related metadata, not your entire email inbox
• Secure Processing: Newsletter content is processed securely and temporarily for summarization

Data Storage

• Minimal Retention: We store only the generated summaries and essential metadata, not full newsletter content
• Secure Infrastructure: Data is stored on secure, encrypted servers with regular security updates
• Processing Records: We maintain records of processed newsletters to avoid duplicate processing

Data Sharing and Third Parties

AI Processing Services

• Summarization AI: Newsletter content is processed by third-party AI models for summarization
• Data Protection: AI providers are bound by strict data protection agreements and do not retain your content
• Anonymized Processing: Content is processed without identifying information when possible

What We Don't Share

• We do not sell your personal information or newsletter content to third parties
• We do not share your data with advertisers or marketing companies
• We do not use your newsletter content for purposes other than providing our summarization service
• We do not access emails outside of newsletters and related content

Your Rights and Controls

Access and Control

• Gmail Access Control: You can revoke Sumletter's access to your Gmail account at any time through your Google Account settings
• Data Export: Request a copy of your summarized content and app data
• Data Deletion: Request deletion of your account and associated data
• Processing Control: Choose which types of newsletters to process and summarize

Subscription and Quota Management

• Free Tier Limits: Free users can process up to 5 newsletters per day
• Pro Tier Benefits: Pro subscribers can process up to 20 newsletters per day with additional features
• Usage Tracking: We track your daily usage to enforce fair use policies

Data Retention

Retention Periods

• Active Accounts: Summary data is retained while your account is active
• Inactive Accounts: Data may be deleted after 12 months of inactivity
• Account Deletion: All data is permanently deleted within 30 days of account closure
• Processing Records: Email processing records are retained for 90 days to prevent duplicate processing

Cookies and Tracking

Essential Cookies

• Authentication: Cookies necessary to maintain your login session
• Preferences: Store your app settings and preferences
• Security: Protect against fraudulent activity and maintain security

Analytics

• Usage Analytics: Anonymous data about app usage to improve our service
• Performance Monitoring: Track app performance and identify issues
• No Personal Content: Analytics do not include newsletter content or personal information

International Data Transfers

Your data may be processed and stored in countries other than your own. We ensure that all international data transfers comply with applicable privacy laws and are protected by appropriate safeguards.

Children's Privacy

Sumletter is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes by:

• Posting the updated policy on our website
• Sending an email notification to registered users
• Displaying a notice in the app

Your continued use of Sumletter after changes take effect constitutes acceptance of the updated Privacy Policy.

Legal Compliance

GDPR (European Union)

For users in the European Union, we comply with GDPR requirements:

• Lawful basis for processing personal data
• Right to access, rectify, and erase personal data
• Right to data portability
• Right to object to processing
• Data protection by design and by default

CCPA (California)

For California residents, we comply with CCPA requirements:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of the sale of personal information (we don't sell data)
• Right to non-discrimination for exercising privacy rights

Contact Information

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your privacy rights, please contact us: