← Back

Privacy Policy

Last updated: March 3, 2026

Amailia ("we", "us", or "our") operates the website amailia.ca and provides an email management service. This Privacy Policy explains how we collect, use, and protect your information when you use our service.

1. Information We Collect

We collect only the minimum information necessary to provide our service:

• Account information: Your email address and authentication credentials when you sign up.
• OAuth tokens & credentials: When you connect a Gmail, Outlook, Yahoo, or IMAP email account, we store OAuth tokens or app passwords — encrypted at rest using AES-256-GCM — in order to fetch your emails on your behalf.
• Email metadata: We access your email data (subject lines, senders, email body) solely to display it to you within the app. We do not store your email content on our servers.

2. How We Use Your Information

• To authenticate you and provide access to your account.
• To connect to your Gmail account and display your emails within Amailia.
• To maintain your session and keep your connected accounts active via OAuth token refresh.

We do not sell, rent, or share your personal information with third parties for marketing purposes.

3. Google API Services

Amailia uses Google API Services to access Gmail data on your behalf. Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• We only request access to Gmail data that is necessary to display your inbox.
• We do not use your Gmail data to serve advertisements.
• We do not allow humans to read your email data unless required by law or with your explicit consent.
• We do not use or transfer your Gmail data for any purpose other than providing the Amailia email service.

4. Data Storage and Security

All OAuth tokens, app passwords, and authentication credentials are encrypted at rest using AES-256-GCM encryption before being stored in Google Cloud Firestore. Firestore access controls restrict your data to your account only — no other user or process can access it. All data transmission uses HTTPS/TLS, enforced via HTTP Strict Transport Security (HSTS). Your email content is never stored on our servers — it is fetched live from your email provider and returned directly to you.

5. Cookies & Local Storage

Amailia uses browser cookies and local storage solely for the following essential purposes:

• Authentication: Firebase Auth stores your session token in local storage to keep you signed in between visits.
• Preferences: We store your cookie consent choice in local storage so we don't ask again.
• Push notifications: If you opt in, an FCM token is saved to associate your browser with push notifications.

We do not use advertising cookies, analytics cookies, or any third-party tracking cookies. Because we only use essential cookies necessary to operate the service, you may still use Amailia if you decline optional cookies.

5a. Sponsored Content

The Free plan of Amailia displays a small static sponsor advertisement in the sidebar navigation. This sponsor ad is a simple image link — it does not use tracking pixels, behavioural targeting, or third-party ad networks. No personal data is shared with sponsors. Premium and Pro subscribers do not see any sponsored content.

6. Data Retention

We retain your account data and OAuth tokens for as long as your account is active. You may delete your account and all associated data at any time directly from the app via Profile → Delete Account, or by contacting us at support@amailia.ca. Deletion removes all Firestore data and your authentication record immediately.

7. Your Rights

You have the right to:

• Access the personal data we hold about you.
• Request deletion of your data — use Profile → Delete Account in the app for instant deletion.
• Disconnect any connected email account at any time from within the app.
• Revoke Amailia's access to your Google account at any time via Google Account Permissions.
• Withdraw cookie consent at any time by clearing your browser's local storage.

8. Children's Privacy

Amailia is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page with an updated date.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at:
support@amailia.ca

---

© 2026 Amailia. All rights reserved.