Privacy Policy

This Privacy Policy applies to personal information we collect: - when you visit our website, sign up, or create an account; - when you connect a Gmail account or otherwise authorize mailbox access; - when you subscribe to, pay for, or manage a paid plan or trial; - when you contact support, participate in surveys or promotions, or otherwise communicate with us; - when we secure, monitor, operate, improve, support, analyze, or enforce the Service; and - when you interact with our emails, marketing materials, or ads. "Personal information" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you.

### A. Account and Profile Information - name, email address, and login identifiers; - authentication records, session tokens, two-factor secrets, and recovery codes; - subscription status, plan type, trial status, usage tier, and customer identifiers; - preferences, language, timezone, and notification settings; and - information you voluntarily provide in support requests, surveys, or communications. ### B. Gmail Connection and Inbox Data When you connect Gmail, we may collect or generate: - your Gmail account email address, profile identifiers, and the OAuth scopes you grant; - OAuth access and refresh tokens, token metadata, token expirations, and revocation signals; - Gmail message identifiers, thread identifiers, labels, categories, senders, recipients, subjects, timestamps, size metadata, and mime-type metadata; - Gmail snippets, message bodies (in whole or in part), selected headers, attachment metadata, and inline-image metadata needed to scan, classify, rank, summarize, surface, or act on messages; - derived classification results, confidence scores, reasoning traces, rule assignments, activity history, and usage metrics; - mailbox-management instructions and write-action logs, such as archive, label, mark-as-read, trash, untrash, or restore actions; - calendar-invite detection, attachment detection, unsubscribe-link detection, and similar feature-derived signals; and - related Gmail payload data that may be processed when necessary to support classification, sender analysis, troubleshooting, rule enforcement, or debugging. PureBox is designed to process only the data reasonably necessary to provide inbox-cleanup and related features. We do not sell Gmail-derived personal information, and we do not use it to serve or personalize advertising. ### C. Billing and Transaction Information If you purchase a subscription, our payment providers (principally Stripe) may collect: - plan selection, billing status, invoices, payment history, and subscription lifecycle events; - limited customer, card-brand, card-country, last-four, and transaction metadata (but not full card numbers); - tax residency, VAT or similar tax identifiers if provided, refund records, dispute records, chargeback records, and fraud-prevention signals; and - records required for tax, accounting, and regulatory compliance. We do not store full payment card numbers in PureBox systems. ### D. Device, Usage, and Diagnostic Data We automatically collect: - IP address, user agent, browser type, operating system, device identifiers, screen resolution, and approximate location derived from IP; - session data, page views, feature usage, clicks, referrers, timestamps, and client-side error traces; - performance, reliability, abuse-prevention, and security telemetry; and - cookie, local-storage, session-storage, and similar technology data used for authentication, preferences, analytics, and Service operation. ### E. Communications and Support Data We collect the contents of your support requests, emails, chats, survey responses, and any attachments or follow-up information you provide. These may be stored by our support, ticketing, and email-delivery vendors. ### F. Cookies and Similar Technologies We and our service providers use cookies, pixels, SDKs, local storage, and similar technologies for authentication, session management, security (including CSRF and fraud protection), preferences, load balancing, analytics, performance measurement, feature flags, error monitoring, and limited first-party product analytics. We do not use third-party advertising cookies or cross-site tracking to build user profiles. You can manage cookies through your browser settings; disabling required cookies will prevent the Service from functioning. Where required by applicable law (including in the EEA, UK, and other regions), we will obtain consent before setting non-essential cookies.

We collect information: - directly from you (account registration, checkout, support requests, settings); - automatically through your interaction with the Service (device, usage, diagnostics, cookies); - from Gmail and Google authentication (Gmail content and metadata, profile information); - from our payment, authentication, analytics, observability, and support vendors; and - from public sources, fraud-prevention services, and legal process where applicable.

We use personal information to: - provide, authenticate, personalize, maintain, and secure the Service; - connect to Gmail, scan inbox data, generate suggestions and classifications, and perform user-authorized mailbox actions; - process subscriptions, payments, trials, renewals, cancellations, refunds, chargebacks, and billing support; - communicate with you about your account, security, service changes, updates, and, where permitted, marketing; - improve features, workflows, detection logic, classification quality, evaluation datasets, and user experience; - detect, investigate, prevent, and respond to fraud, abuse, spam, security incidents, policy violations, and legal threats; - comply with legal obligations, respond to lawful requests, and enforce our Terms of Service and policies; - protect our rights, property, customers, vendors, and the public; and - create aggregated or de-identified analytics, benchmarks, product metrics, and operational insights that do not identify you. We do not use the content of your emails to train general-purpose, third-party, or foundation AI models. We may use de-identified or aggregated signals to improve our own classification rules, heuristics, and evaluation.

If you connect Gmail, you authorize us to access and process Google user data as needed to provide the Service features you enable. **PureBox's use and transfer of information received from Google APIs to any other app will adhere to the [Google API Services User Data Policy](https://developers.google.com/terms/api-services-user-data-policy), including the Limited Use requirements.** In practical terms, this means: - we use Gmail data only to provide or improve user-facing features that are prominent in the Service (including scan, classification, cleanup, rules, sender insights, and account management); - we do not transfer Gmail data to third parties except as necessary to provide or improve user-facing features, to comply with applicable law, or as part of a merger, acquisition, or asset sale with continuing privacy protections; - we do not use Gmail data for serving advertising, including retargeting, personalized advertising, or interest-based advertising; - human review of Gmail data is limited to (i) you or someone acting on your behalf, (ii) cases where we have your specific consent, (iii) security, fraud, and abuse investigations, (iv) legal compliance, or (v) where the data is aggregated and used for internal operations under the Limited Use requirements; and - you can revoke Google access through your Google account permissions, disconnect Gmail inside the Service where available, or contact us for assistance.

PureBox uses automated systems, including AI-assisted classification and summarization, to help sort, score, label, and recommend inbox actions. To provide those features, we may send email-derived inputs (such as sender, subject, snippets, selected headers, message metadata, and limited body content) to service providers operating AI or cloud infrastructure on our behalf, under written agreements that restrict their use of the data to providing services to us and prohibit training their foundation models on your content. AI outputs can be inaccurate, biased, incomplete, or fabricated. They are one input into the Service and may be supplemented by deterministic rules, safety checks, and user review. You are responsible for evaluating AI outputs before acting on them. Some AI features may involve automated decision-making. Where required by law (such as under GDPR Article 22), you may request human review of significant automated decisions by contacting us.

We may disclose personal information to: - **Service providers and subprocessors** that host, secure, operate, store, support, analyze, or improve the Service (including Google for OAuth and Gmail APIs, Microsoft Azure for hosting, Supabase for authentication and database, Stripe for billing, AI model providers for classification and summarization, observability and logging vendors, and email-delivery vendors); - **Payment and billing partners** that process subscriptions and related transactions; - **Professional advisors**, auditors, insurers, and legal counsel; - **Law enforcement, regulators, courts, or other parties** when we believe in good faith that disclosure is required by law, subpoena, warrant, or court order, or is reasonably necessary to protect the rights, property, or safety of PureBox, users, or the public, to enforce our Terms of Service, or to detect, prevent, or address fraud, security, or technical issues; - **Potential or actual acquirers, investors, successors, or counterparties** in connection with a financing, merger, acquisition, corporate reorganization, sale of assets, bankruptcy, or similar transaction, subject to customary confidentiality protections; - **You or persons you authorize**, such as account administrators if applicable; and - **Other parties with your consent** or at your direction. We do not sell personal information for monetary consideration, and we do not share personal information for cross-context behavioral advertising. A current list of our core processor categories includes: - Google, for OAuth and Gmail APIs; - Microsoft Azure, for hosting and supporting infrastructure; - AI model providers (for example, Microsoft Azure OpenAI Service and other approved AI providers) for classification and summarization; - Supabase, for authentication, database, and related backend services; - Stripe, for billing and subscription management; - observability, logging, analytics, and support vendors acting on our behalf; and - email-delivery vendors for transactional and support emails. We may update our vendors and subprocessors from time to time. Where required by law, we will provide notice of material changes.

Where EEA, UK, or similar data-protection law requires a legal basis, we process personal information on these grounds: - **Contract**: to provide the Service you request and to take steps you request before entering into a contract; - **Legitimate interests**: to secure, improve, monitor, support, and enforce the Service; to prevent fraud and abuse; to operate and grow our business; and to communicate with users, provided those interests are not overridden by your rights; - **Consent**: where you voluntarily connect Gmail, authorize certain processing (such as non-essential cookies, optional marketing, or sensitive processing), or where law otherwise requires consent; and - **Legal obligation**: to comply with legal, tax, accounting, reporting, safety, or law-enforcement requirements. You have the right to withdraw consent at any time without affecting prior lawful processing; some processing may continue under other legal bases.

We retain personal information only as long as we believe reasonably necessary for the purposes described in this Privacy Policy, including to provide the Service, maintain security, resolve disputes, enforce agreements, and comply with legal obligations. Retention generally works as follows: - **Account data**: retained while your account is active and for a reasonable period after closure; - **OAuth connection data**: retained until you disconnect, revoke access, request deletion, or we no longer need the connection; - **Gmail-derived working records and classifications**: retained in operational tables for up to 30 days by default, unless a longer period is needed for reliability, support, legal claims, abuse prevention, or compliance; - **Activity logs and audit records**: retained for a period consistent with our operational, legal, and security needs; - **Billing, invoicing, tax, and dispute records**: retained as long as required by tax, accounting, regulatory, fraud-prevention, or legal-defense requirements (typically up to 7 years or longer where required); - **Support communications**: retained as long as needed to provide support, analyze trends, and comply with legal obligations; - **Backups and archived security records**: may persist for additional time before deletion cycles complete; and - **De-identified or aggregated data**: may be retained indefinitely. We may delete or anonymize information earlier or later than above when operationally necessary or legally required. Upon account termination, we may delete some or all of your data on our timeline and are not required to provide export tools or grace periods.

We use commercially reasonable administrative, technical, and organizational safeguards designed to protect personal information, including access controls, encryption in transit, authentication controls, vendor restrictions, logging, monitoring, and environment-level security practices. No system is completely secure. We cannot guarantee absolute security, and you use the Service at your own risk. You are responsible for keeping your credentials, recovery codes, and connected-account authentication secure. In the event of a security incident that affects your personal information and requires notification under applicable law, we will notify you and relevant authorities within the time frames and in the manner required by that law. We reserve the right not to provide notice where the incident does not trigger a legal notification obligation.

We and our service providers may process personal information in the United States and other countries where we or our vendors operate. Those jurisdictions may have data-protection laws different from those in your location, and data-protection authorities in your location may not have jurisdiction over our vendors. Where required, we rely on lawful transfer mechanisms, such as the EU Standard Contractual Clauses, UK International Data Transfer Agreement, adequacy decisions, and supplementary technical, contractual, or organizational safeguards, to support cross-border transfers.

Depending on your location and applicable law, you may have rights to: - request access to the personal information we hold about you; - request correction of inaccurate information; - request deletion or erasure, subject to legal exceptions; - request portability of certain information in a machine-readable format; - restrict or object to certain processing; - withdraw consent where processing is based on consent; and - lodge a complaint with your local supervisory authority. You may also be able to: - manage Gmail access through your Google account permissions; - disconnect Gmail inside PureBox where that feature is available; - manage subscriptions through Stripe's billing portal where available; - manage communication preferences from within the Service or via email opt-out links; and - request account or data assistance by contacting us at the address below. We may need to verify your identity and authority before acting on a request, and we may use information from our vendors to perform that verification. We may deny or limit a request when permitted by law, including where doing so would adversely affect others' rights, undermine security, conflict with legal obligations, interfere with our ability to enforce legal claims, or be manifestly unfounded or excessive. We will not discriminate against you for exercising any of your rights.

If U.S. state privacy laws apply to you (including California, Colorado, Connecticut, Virginia, Utah, Texas, Oregon, and similar), this section provides additional disclosures. **Categories of personal information collected.** In the prior twelve (12) months, we have collected the categories described in Section 2 (identifiers, account and commercial information, internet/electronic activity, geolocation derived from IP, Gmail-derived content and metadata, inferences drawn from the foregoing, and communications/support data). **Sources.** See Section 3. **Purposes.** See Section 4. **Recipients.** See Section 7. **Retention.** See Section 9. **Sensitive personal information.** We do not request sensitive personal information. If such information appears incidentally in your Gmail content, we process it only to provide the Service and not for the purpose of inferring characteristics about you. **We do not sell personal information** for monetary consideration, and **we do not share personal information for cross-context behavioral advertising**. We honor Global Privacy Control ("GPC") signals as a request to opt out of sale or sharing to the extent applicable. **California Shine the Light.** California residents may request information about our disclosure of personal information to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes. **Your rights.** Subject to applicable law, you may request to know, access, correct, delete, opt out of sale/sharing, opt out of certain profiling or automated decision-making, and appeal our response. Colorado, Connecticut, Virginia, and similar-state residents may also appeal decisions about their rights requests by replying to our response or by contacting us at the address below. If you are not satisfied with our appeal response, you may contact your state attorney general. **Authorized agents.** You may designate an authorized agent to make requests on your behalf, subject to verification.

If you are located in the EEA, the UK, Switzerland, or a jurisdiction with similar rights, you may exercise the rights described in Section 12. The data controller is Shaked Ilan (individual sole proprietor operating PureBox). You may also contact us about our use of legitimate interests, automated decision-making, or international transfers. You may lodge a complaint with your local supervisory authority. A list of EU authorities is available at [https://edpb.europa.eu/about-edpb/about-edpb/members_en](https://edpb.europa.eu/about-edpb/about-edpb/members_en).

The Service is not directed to children under 18 (or the higher age of majority in your jurisdiction), and we do not knowingly collect personal information from children. If you believe a child provided us personal information, contact us so we can take appropriate action, including account deletion.

Some features of the Service apply automated classification, ranking, or scoring to mailbox messages. Where a decision produces legal or similarly significant effects on you and is based solely on automated processing, and where required by law, you have the right to obtain human review, express your point of view, and contest the decision. Most Service features involve suggestions that you review and apply, so human-in-the-loop review is available by default.

The Service does not respond to Do Not Track ("DNT") browser signals. We honor Global Privacy Control signals to the extent they apply to opt-out of sale/sharing rights under applicable U.S. state law.

We may update this Privacy Policy from time to time. If we make material changes, we may provide notice through the Service, by email, or by other reasonable means. The updated version will become effective when posted unless otherwise stated. Your continued use of the Service after the effective date constitutes acceptance of the updated Privacy Policy.

If you have questions, requests, or complaints about this Privacy Policy or our privacy practices, contact the Operator: Shaked Ilan, Operator of PureBox support@pureboxai.com 1985 Del Amo Blvd, #C0050, Torrance, California (CA) 90501 Because the Service is operated by a single individual on a best-effort basis, we aim to respond to verifiable privacy requests within the time frame required by applicable law (typically 30–45 days). For EEA/UK users, if we appoint an EU or UK representative under Article 27 of the GDPR, their details will be listed here.