Privacy Policy

Effective February 27, 2026

What is Snailmail?

Snailmail is an AI-powered email cleanup tool that connects to your Gmail account via OAuth. It automatically identifies unwanted newsletters and marketing emails, unsubscribes from them, and applies labels to keep your inbox organized.

Snailmail is operated by Jeffrey Mailey. If you have any questions about this policy, you can reach us at jmpshft@gmail.com.

What data we collect

When you use Snailmail, we collect and store the following:

Email address — collected when you sign up via Supabase authentication
Gmail message metadata — sender address, subject line, snippet, and headers. We do not read or store the full body content of your emails.
OAuth tokens — stored encrypted in our database so Snailmail can access your Gmail on your behalf

Why we access your Gmail

Snailmail accesses your Gmail account for three specific purposes:

To scan message metadata and identify unwanted newsletters and marketing emails
To unsubscribe from those emails on your behalf
To apply labels (like "Jmail-Scanned") so you can see what's been processed

Gmail scopes we use

When you connect your Gmail account, Snailmail requests the following permissions:

gmail.modify — to unsubscribe from emails and apply labels
gmail.readonly — to read message headers and metadata
userinfo.email and userinfo.profile — to identify your account

What we do NOT do

To be completely clear:

We do not read the full body content of your emails — only metadata (sender, subject, headers, snippet)
We do not sell, share, or transfer your data to third parties
We do not use your Gmail data for advertising purposes

Data storage and security

Your data is stored in Supabase (PostgreSQL) with row-level security enabled, hosted in the United States. OAuth tokens are stored encrypted. Only your account can access your own data.

Data retention

Gmail tokens and flagged email metadata are retained while your account is active. You can delete all of your data at any time by disconnecting your Gmail account or deleting your Snailmail account entirely.

Revoking access

You can revoke Snailmail's access to your Gmail at any time by:

Disconnecting Gmail from the Snailmail dashboard
Removing Snailmail from your Google Account permissions

Cookies

Snailmail only uses Supabase authentication session cookies to keep you logged in. We do not use tracking cookies, analytics cookies, or any third-party cookies.

Google API Services disclosure

Snailmail's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Changes to this policy

If we make significant changes to this privacy policy, we'll notify you by email or through the Snailmail dashboard. Minor updates will be reflected by updating the effective date at the top of this page.

Contact

Questions or concerns? Reach out at jmpshft@gmail.com.