We want to be as transparent as possible with your data. If anything isn't crystal clear, please contact us.
This policy was last updated on 24th May, 2018. We will announce any changes, and you can always alter your consent (see below).
What We Store on our Servers
We only store what cannot be easily stored in Gmail itself:
- Your email address, as the identifier for your ActiveInbox account.
- Your ActiveInbox Preferences.
- Your timezone, derived from your IP address, for timezone related functionality and appropriately timed notifications.
- The notes and sub-tasks you add to emails (associated only with the email's ID)
- The rank order of your emails, when you drag up & down (associated only with the email's ID)
- To guide our product development, we store your interaction with our website, which is used to make improvements using aggregate data. We also store how you use the product, but with no personal information (e.g. it'll record "Due Date Set", but not what the due date was).
- Any feedback you optionally give us (e.g. surveys, job role).
All other data related to your emails - tasks, projects, due dates, etc. - are stored only within Gmail, using labels.
Your email bodies are never stored on our server.
What Data Passes Through Our Server
All the data we store (above) passes through our server.
The metadata (from/to/subject/id/labels) of emails you Send Later must be briefly accessed by our server, to trigger the send.
No other sensitive email data ever touches our server.
While we don't transmit your email bodies through our server (excepting partially for Send Later), nor permit our employees to access any data related to you without your consent, it's important to know what's theoretically possible:
This is the standard data exchange mechanism, approved by Google, for working with Gmail. It has different scopes, ranging from just providing an app like us with your email address, to full read/write access of your Gmail account. You approve the scope when you install ActiveInbox. Currently, we ask for the full scope because Gmail lacks the granular control we need, so as of May 2018, the only way for ActiveInbox to update your task labels is with this full permission. But as documented, this data simply never touches our server. We're actively seeking ways to reduce this scope requirement.
We use SSL (https) everywhere, for secure data exchange between your machine and our server.
The data in the database is encrypted to the outside world, and is protected within the Amazon Web Service's ecosystem. Our development employees have access to the data, but are only allowed to temporarily access it with your explicit consent (e.g. to fix a problem).
When you sign up for ActiveInbox, we ask for consent to access your Gmail data (as described above), and to receive emails from us.
We may ask for heightened data scopes at the point a feature needs it. (E.g. the first time you use Send Later, or the GCal integration).
At any time, you can request to know all the information we hold about you, and request it be deleted, or alter your consent from that point forward. (By contacting support, or using any account management tools we provide).
If you no longer want to use ActiveInbox, you can log into your Google Account, and revoke any data permissions you gave ActiveInbox.
You can unsubscribe from our emails at any time.
3rd Party Services Utilised
These services help us deliver ActiveInbox. If you have any reason to distrust them, please contact us.
- Mailchimp, Customer.IO & Mailgun. They deliver our emails (tips, announcements, etc.) on our behalf (we pass them your email address and first name).
- Google Cloud Platform and Amazon Web Services. They host our server. This is where your data (as listed above) gets stored.
- Google Analytics, MixPanel and Facebook Pixel. We these for product and benefit testing - product development, basically. The Facebook Pixel gets used to enable us to promote ActiveInbox benefits to visitors-who-are-also-active-Facebook-users later, by recording (as a cookie) the machine that visited our website. We do not pass your email address to any of these services.
- Facebook Advertising (only for ActiveInbox adverts). If you opt in, we'll occassionally experiment with their Lookalike advertising programme (showing our adverts to people similar to our customers, helping us grow), by including you in a bulk email list. This doesn't happen by default.
- Stripe and PayPal. For payments. Your email address passes through these systems. They process your bank cards (the sensitive bank information is never available to us).
- Xero. For our accounting. We provide them with your email address for the financial record.