MailMindly
ProductPricingFAQContact
Log inGet started →
ESENITDECAT
ProductPricingFAQContact
Log inGet started →
ESENITDECAT

Privacy Policy

Last updated: July 5, 2026

At MailMindly we take the privacy of your data very seriously. This policy explains what information we collect, how we use it, how long we keep it, and what rights you have over it, in accordance with the General Data Protection Regulation (GDPR, EU 2016/679) and applicable Spanish law.

Data controller

Owner: Jesús Romero Aguado

Service: MailMindly (mailmindly.com)

Contact: legal@mailmindly.com

Jurisdiction: Spain

1. What data we collect

Account data

  • Full name and email address.
  • Password (stored encrypted using bcrypt hashing; never in plain text).
  • Usage profile (Personal, Professional, Business or Student) and subscribed plan.

Data from your connected email accounts

When you connect your Gmail, Outlook or other provider accounts via OAuth, MailMindly accesses:

  • The content of your emails (subject, sender, body) in order to classify and summarize them with artificial intelligence.
  • Your calendar and cloud files (Drive/OneDrive), if you authorize those permissions, to display events and documents.
  • OAuth access tokens, which are stored encrypted (AES-256-GCM) in our database.

Payment data

Payments are processed through Stripe. MailMindly does not store your card details; these are handled directly by Stripe in accordance with its own security standards (PCI-DSS).

2. Limited Use of Google data (Google API Services)

MailMindly's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including its Limited Use requirements.

Specifically, regarding your Google account data (including Gmail data):

  • We only use this data to provide and improve user-facing features of the service (classification, summarization and organization of your email).
  • We do not transfer this data to third parties except as necessary to provide the service, for security purposes, or to comply with applicable law.
  • We do not use this data for advertising purposes.
  • No human reads your Google data unless you expressly authorize it, it is necessary for security reasons (e.g. investigating abuse), it is required by law, or the data is aggregated and anonymized.
  • We do not use this data to train generalized or third-party artificial intelligence models.

3. Legal basis for processing

  • Performance of the contract: processing your emails and account data is necessary to provide the service you have contracted.
  • Consent: connecting your email, calendar and file accounts is done through your explicit consent via OAuth, which you can withdraw at any time.
  • Legitimate interest: to improve the service, ensure its security and prevent abuse.

4. How we use your data

  • Classifying, prioritizing and summarizing your emails using artificial intelligence agents.
  • Showing you your calendar, deadlines, drafts and files in an organized way.
  • Managing your account, subscription and billing.
  • Communicating with you about the service.

AI processing is performed through the Anthropic API (Claude). Content is sent for analysis and is not used to train models.

5. Who we share your data with

MailMindly does not sell your data. We share information only with the providers strictly necessary to deliver the service:

  • Anthropic (AI processing of email content).
  • Stripe (payment processing).
  • Google / Microsoft (through their OAuth APIs, to access the data you authorize).

6. Data retention

We keep your data for as long as you maintain an active account. If you cancel your account, we will delete your personal data and the tokens of your connected accounts within a reasonable period, unless we are legally required to retain them (for example, billing data).

7. Your rights

Under the GDPR, you have the right to:

  • Access: know what data we hold about you.
  • Rectification: correct inaccurate data.
  • Erasure: request deletion of your data ("right to be forgotten").
  • Portability: receive your data in a structured format.
  • Objection and restriction: object to or restrict certain processing.
  • Withdraw consent: disconnect your accounts at any time from the settings.

To exercise any of these rights, write to us at legal@mailmindly.com. You also have the right to file a complaint with the Spanish Data Protection Agency (AEPD).

8. Security

We apply technical and organizational measures to protect your data: encryption of OAuth tokens (AES-256-GCM), passwords with bcrypt hashing, secure connections, HTTP security headers and access restrictions. However, no system is 100% infallible and we cannot guarantee absolute security.

9. Cookies

MailMindly uses local storage and strictly necessary cookies to keep you signed in and remember your preferences. We do not use advertising or third-party tracking cookies.

10. Changes to this policy

We may update this policy from time to time. We will notify you of significant changes through the service or by email.

MailMindly

Built with AI to give you your time back.

PrivacyTermsContact
© 2026 MailMindly