Privacy Policy

Last updated: November 2025

This Privacy Policy describes how Caspian AI (“we”, “our”, or “us”) collects, uses, and protects your information when you use our email management service. We are committed to protecting your privacy and being transparent about our data practices.

Overview

Caspian AI is an AI-powered email management tool that helps you automatically archive low-priority emails. We are designed with privacy as a core principle—we only process email metadata, never full email content.

Information We Collect

Gmail OAuth Tokens

When you connect your Gmail account, we use Google OAuth to obtain access tokens. These tokens allow us to:

  • Read email headers and metadata (sender, subject, date, labels)
  • Archive emails on your behalf (modify permissions required for archiving)
  • Never read or store full email content

Email Metadata

We process the following email metadata:

  • Sender email address and name
  • Email subject line
  • Date and time received
  • Email labels and categories
  • Email snippet (first few lines for context)

We do NOT collect or store:

  • Full email body content
  • Email attachments
  • Personal information from email content

Account Information

When you sign up for Caspian AI, we collect:

  • Your email address (for account creation and communication)
  • Authentication information (handled by Clerk authentication service)

How We Use Your Information

We use the information we collect to:

  1. Email Classification: Analyze email metadata to classify emails based on their temporary importance and relevance horizons
  2. Auto-Archiving: Automatically archive emails after their relevance period expires (based on assigned horizons: 2 days, 7 days, 30 days, or event-based)
  3. Service Improvement: Improve our AI classification accuracy (using anonymized patterns)
  4. Account Management: Provide you with access to your account and dashboard

Data Storage and Security

Encryption

  • All Gmail OAuth tokens are encrypted at rest using AES-256-GCM encryption
  • Your credentials are never stored in plain text
  • All data transmission uses HTTPS/TLS encryption

Data Retention

  • Email metadata is retained only as long as necessary to provide the service
  • To delete your account and all associated data, please contact support
  • Archived emails remain in your Gmail account (we only change their labels)

Third-Party Services

We use the following third-party services:

  • Clerk: For user authentication and account management
  • OpenAI: For AI-powered email classification (we send anonymized email metadata, never full content)
  • Gmail API: For email access and archiving

Your Rights and Control

You have full control over your data:

  1. Turn Service On/Off: You can enable or disable the automation service at any time from your dashboard
  2. Override Classifications: You can review and override any AI classification before archiving
  3. Access Your Data: You can view all data we have about you through your dashboard
  4. Disconnect Gmail: To disconnect your Gmail account, please contact support
  5. Delete Account: To delete your account and all associated data, please contact support

Data Sharing

We do NOT:

  • Sell your data to third parties
  • Share your email data with advertisers
  • Use your data for purposes other than providing the Caspian AI service

We may share anonymized, aggregated data (that cannot identify you) for:

  • Service improvement and analytics
  • Research purposes

Children’s Privacy

Caspian AI is not intended for users under the age of 13. We do not knowingly collect information from children under 13.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on this page
  • Updating the “Last updated” date
  • Sending an email notification (for significant changes)

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Compliance

We are committed to complying with applicable data protection laws, including:

  • GDPR (General Data Protection Regulation) for EU users
  • CCPA (California Consumer Privacy Act) for California residents

Your privacy matters to us. If you have any concerns or questions, please don’t hesitate to reach out.