Privacy Policy

1. Introduction

Welcome to naavu.dev ("we," "our," or "us"). We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, store, and protect your information when you use our email management service.

By using naavu.dev, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

• Account Information: When you sign up using Google OAuth, we collect your name, email address, and profile information provided by Google.
• Gmail Access Credentials: OAuth 2.0 access tokens and refresh tokens to access your Gmail account on your behalf.

2.2 Information We Access from Your Gmail

• Email Metadata: Sender information, subject lines, dates, and labels for emails you choose to search and manage.
• Email Content: We access email content only when you explicitly search for specific keywords or perform cleanup operations.
• Filter Information: Details about Gmail filters you create through our service.

2.3 Automatically Collected Information

• Usage Data: Information about how you use our service, including cleanup history and filter creation records.
• Log Data: IP addresses, browser type, pages visited, and timestamps for security and troubleshooting purposes.

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Provision: To provide, maintain, and improve our email cleanup and management features.
• Gmail Operations: To search, filter, delete, and manage emails in your Gmail account based on your explicit instructions.
• Filter Management: To create, modify, and track Gmail filters you request through our service.
• Account Management: To authenticate your identity and manage your account.
• Communication: To send you service-related notifications, updates, and security alerts.
• Security: To monitor and prevent fraudulent activity and ensure the security of our service.
• Analytics: To understand how users interact with our service and improve user experience.

Important: We do NOT read, store, or use your email content for any purpose other than the specific operations you request (search, delete, filter creation).

4. How We Store Your Information

• Secure Database: All user data is stored in encrypted PostgreSQL databases with industry-standard security measures.
• OAuth Tokens: Gmail access tokens are encrypted and stored securely. We never store your Google password.
• No Email Storage: We do not store the content of your emails on our servers. We only access emails temporarily during operations you initiate.
• History Records: We maintain records of cleanup operations and filter creations for your reference, which include metadata only (not email content).

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• With Your Consent: When you explicitly authorize us to share specific information.
• Service Providers: With trusted third-party service providers who assist in operating our service (e.g., hosting providers), under strict confidentiality agreements.
• Legal Requirements: When required by law, court order, or governmental authority.
• Protection of Rights: To protect our rights, property, or safety, or that of our users or the public.

We never share your email content or Gmail data with any third parties for marketing or advertising purposes.

6. Google API Services User Data Policy

Our use of information received from Gmail APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we:

• Only request access to Gmail data necessary for our email management features
• Use Gmail data solely to provide and improve our email cleanup service
• Do not transfer Gmail data to others unless necessary to provide our service, comply with law, or with your explicit consent
• Do not use Gmail data for serving advertisements
• Do not allow humans to read Gmail data unless we have your explicit consent, it's necessary for security purposes, or to comply with law

7. Your Rights and Choices

7.1 Access and Control

• Account Access: You can access and update your account information at any time through your dashboard.
• Gmail Access Control: You can view and manage the Gmail permissions granted to naavu.dev through your Google Account settings.
• Data Export: You can request a copy of your data by contacting us at support@naavu.dev.

7.2 Revoke Access

You can revoke naavu.dev's access to your Gmail at any time by:

• Disconnecting your Gmail account from your naavu.dev dashboard
• Removing access through your Google Account permissions at https://myaccount.google.com/permissions

7.3 Account Deletion

You can delete your account at any time. Upon deletion:

• All your data will be permanently removed from our servers within 30 days
• Gmail access tokens will be immediately revoked
• Your cleanup history and filter records will be deleted

8. Data Retention

• Active Accounts: We retain your data as long as your account is active and you continue to use our service.
• Inactive Accounts: If your account remains inactive for 12 consecutive months, we may delete your data after providing you with prior notice.
• Deleted Accounts: Data from deleted accounts is permanently removed within 30 days.
• Legal Requirements: We may retain certain information as required by law or for legitimate business purposes.

9. Security Measures

We implement industry-standard security measures to protect your information:

• Encryption: Data transmission is encrypted using SSL/TLS protocols. Sensitive data at rest is encrypted.
• Access Control: Strict access controls ensure only authorized personnel can access user data.
• Regular Audits: We conduct regular security audits and vulnerability assessments.
• Secure Authentication: We use OAuth 2.0 for secure authentication with Google.

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

• Maintain your login session
• Remember your preferences
• Analyze service usage and improve user experience
• Ensure security and prevent fraud

You can control cookies through your browser settings. However, disabling cookies may affect your ability to use certain features of our service.

11. Children's Privacy

Our service is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at support@naavu.dev.

12. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. By using our service, you consent to such transfers.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

• Posting the updated policy on this page with a new "Last Updated" date
• Sending an email notification to your registered email address
• Displaying a prominent notice on our service

Your continued use of naavu.dev after such changes constitutes your acceptance of the updated Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: support@naavu.dev
• Website: https://naavu.dev

We will respond to your inquiry within 30 days.