Privacy Policy

# Privacy Policy for MailCode

**Effective Date:** October 2, 2025

**Last Updated:** October 2, 2025

---

## 1. Introduction

Welcome to **MailCode** ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ("App").

By using MailCode, you agree to the collection and use of information in accordance with this policy.

---

## 2. Information We Collect

### 2.1 Personal Information

When you use MailCode, we may collect the following personal information:

- **Google Account Email Address:** Required for authentication and accessing your Gmail account

- **Gmail Messages:** Accessed and cached locally on your device for display purposes

- **Email Templates:** Custom templates you create are stored on our backend server (Supabase)

### 2.2 Automatically Collected Information

- **Device Information:** We do not collect device identifiers (IMEI, UDID, etc.)

- **Usage Data:** We do not collect analytics or tracking data

- **Location Data:** We do not collect or track your location

### 2.3 Information We Do NOT Collect

- ❌ Contacts or phone numbers

- ❌ Photos or media files

- ❌ Browsing history

- ❌ Location data

- ❌ Device identifiers

- ❌ Call logs or SMS messages

---

## 3. How We Use Your Information

We use the information we collect for the following purposes:

### 3.1 Core Functionality

- **Authentication:** To verify your identity using Google Sign-In

- **Email Management:** To display, send, and manage your Gmail messages

- **Template Storage:** To save and sync your custom email templates across devices

### 3.2 Service Improvement

- **Error Reporting:** To diagnose and fix crashes (via Google Play Console)

- **Performance Monitoring:** To improve app speed and reliability

### 3.3 Legal Compliance

- To comply with applicable laws and regulations

- To respond to legal requests and prevent fraud

---

## 4. How We Share Your Information

### 4.1 Third-Party Services

We use the following third-party services:

| Service                    | Purpose         | Data Shared                   | Privacy Policy                                            |

| -------------------------- | --------------- | ----------------------------- | --------------------------------------------------------- |

| **Google Gmail API** | Email access    | Gmail messages, email address | [Google Privacy Policy](https://policies.google.com/privacy) |

| **Google Sign-In**   | Authentication  | Email address, profile info   | [Google Privacy Policy](https://policies.google.com/privacy) |

| **Supabase**         | Backend storage | Email templates, user ID      | [Supabase Privacy Policy](https://supabase.com/privacy)      |

### 4.2 We Do NOT:

- ❌ Sell your personal information

- ❌ Share data with advertisers

- ❌ Use your data for marketing

- ❌ Track you across other apps or websites

---

## 5. Data Storage and Security

### 5.1 Local Storage

- **Gmail Messages:** Cached locally on your device (not on our servers)

- **Authentication Tokens:** Stored securely in Android's encrypted KeyStore

- **Templates:** Stored locally and synced to Supabase

### 5.2 Remote Storage

- **Email Templates:** Stored on Supabase servers (encrypted in transit via HTTPS)

- **Server Location:** Supabase uses AWS (region: configurable, default EU/US)

### 5.3 Security Measures

- ✅ HTTPS/TLS encryption for all network communication

- ✅ OAuth 2.0 authentication (industry standard)

- ✅ Android KeyStore for token encryption

- ✅ No plaintext password storage

---

## 6. Data Retention

### 6.1 How Long We Keep Your Data

- **Gmail Messages:** Cached locally only; cleared when you sign out

- **Email Templates:** Stored until you delete them or your account

- **Authentication Tokens:** Stored until you sign out

### 6.2 Account Deletion

To delete your account and all associated data:

1. Open MailCode app

2. Go to Settings

3. Tap "Sign Out"

4. Uninstall the app

**Result:** All local data is deleted. Email templates on Supabase can be deleted manually before signing out.

---

## 7. Your Rights (GDPR & Privacy Laws)

If you are in the EU, California, or other regions with privacy laws, you have the following rights:

### 7.1 Access

- You can view all your data within the app (templates, cached emails)

### 7.2 Deletion

- You can delete your templates individually

- You can sign out to clear all local data

### 7.3 Portability

- You can export your email templates (feature coming soon)

### 7.4 Opt-Out

- You can stop using the app at any time

- No tracking or analytics to opt out of

### 7.5 Contact Us

- Email: service@job2main.ca

- Response time: 48 hours

---

## 8. Children's Privacy

MailCode is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13.

If we become aware that a child under 13 has provided us with personal information, we will delete it immediately.

---

## 9. Google API Services User Data Policy

MailCode's use of information received from Google APIs adheres to the [Google API Services User Data Policy](https://developers.google.com/terms/api-services-user-data-policy), including the Limited Use requirements.

### Limited Use Disclosure:

- MailCode accesses Gmail only to send and receive emails on your behalf

- We do not transfer your Gmail data to third parties (except Supabase for template storage)

- We do not use Gmail data for advertising or marketing

- We request only the minimum scopes necessary (Gmail send/read)

---

## 10. International Data Transfers

If you are located outside your country of residence, your information may be transferred to and processed in countries with different privacy laws.

- **Supabase:** May store data in US or EU AWS regions (configurable)

- **Google Services:** Global infrastructure (see Google's privacy policy)

By using MailCode, you consent to the transfer of your information to these countries.

---

## 11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

- Posting the new Privacy Policy in the app

- Updating the "Last Updated" date at the top

**Your continued use of the app after changes constitutes acceptance of the updated policy.**

---

## 12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

- **Right to Know:** What personal information we collect and how we use it

- **Right to Delete:** Request deletion of your personal information

- **Right to Opt-Out:** We do not sell personal information (no opt-out needed)

**To exercise these rights:** Contact us at service@job2main.ca

---

## 13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

**Email:** service@job2main.ca

**Response Time:** 48 hours

**App:** MailCode v1.0.0

**Developer:** Jonathan Beilin

---

## 14. Consent

By using MailCode, you consent to:

- This Privacy Policy

- Collection and use of your information as described

- Transfer of data to third-party services (Google, Supabase)

---

*Last Updated: October 2, 2025*

*Version: 1.0.0*

*Effective: October 2, 2025*