Privacy Policy

Last updated: February 2026

This Privacy Policy describes how Caspian AI (“we”, “our”, or “us”) collects, uses, and protects your information when you use our email management service. We are committed to protecting your privacy and being transparent about our data practices.

Overview

Caspian AI is an AI-powered email management tool that helps you automatically archive low-priority emails. We are designed with privacy as a core principle — we only process email metadata (sender, subject, preview text), never full email content.

Information We Collect

Gmail OAuth Tokens

When you connect your Gmail account, we use Google OAuth to obtain access tokens. These tokens allow us to:

  • Read email headers and metadata (sender, subject, date, labels)
  • Archive emails on your behalf (modify permissions required for archiving)
  • Never read or store full email content

Email Metadata

We process the following email metadata:

  • Sender email address and name
  • Email subject line
  • Date and time received
  • Email labels and categories
  • Email snippet (a short preview, typically the first ~256 characters)

We also cache sender-level information (e.g., sender domain, company name, typical email purpose) to improve classification accuracy over time.

We do NOT collect or store:

  • Full email body content
  • Email attachments
  • Personal information from email content

Account Information

When you sign up for Caspian AI, we collect:

  • Your email address (for account creation and communication)
  • Authentication information (handled by Clerk authentication service)

Early Access Signup

When you sign up for early access, we collect:

  • Your email address
  • IP address and country (derived from request headers)
  • Browser user agent

This information is used to manage the waitlist and prevent abuse.

Feedback

When you submit feedback through the app, we collect:

  • Your feedback message and optional rating
  • The page you submitted it from
  • Your account information (to follow up if needed)

How We Use Your Information

We use the information we collect to:

  1. Email Classification: Analyze email metadata to classify emails based on their temporary importance and relevance horizons (2 days, 7 days, 30 days, or durable/keep forever)
  2. Auto-Archiving: Automatically archive emails after their relevance period expires
  3. Daily Digest: Send you a summary of recently archived emails
  4. Service Improvement: Improve our AI classification accuracy
  5. Account Management: Provide you with access to your account and dashboard

Data Storage and Security

Encryption

  • All Gmail OAuth tokens are encrypted at rest using AES-256-GCM encryption
  • Your credentials are never stored in plain text
  • All data transmission uses HTTPS/TLS encryption

Data Retention

  • Email metadata is retained only as long as necessary to provide the service. Metadata for emails that have been archived is periodically removed from our database.
  • Archived emails remain in your Gmail account (we only change their labels — nothing is deleted from Gmail)
  • You can delete your account and all associated data at any time (see Your Rights and Control below)

Cookies

We use cookies strictly for:

  • Authentication: Session management via Clerk (required for the service to function)
  • Analytics: Google Analytics cookies in production (see Analytics below)

We do not use advertising or third-party tracking cookies.

Third-Party Services

We use the following third-party services:

  • Clerk: For user authentication and account management
  • OpenAI: For AI-powered email classification. We send email metadata (sender address, subject line, and snippet) — never full email content or your personal account information.
  • Gmail API: For email access and archiving
  • Resend: For sending transactional emails (welcome emails, daily digests, invitations)
  • Sentry: For error monitoring in production. May include request context and user identifiers to help us diagnose issues.
  • Google Analytics: For anonymous pageview analytics in production (no personally identifiable information is tracked)

Your Rights and Control

You have full control over your data:

  1. Turn Service On/Off: You can enable or disable the automation service at any time from your dashboard
  2. Override Classifications: You can review and override any AI classification before archiving
  3. Access Your Data: You can view all data we have about you through your dashboard
  4. Disconnect Gmail: You can disconnect your Gmail account from your dashboard. This revokes our access and deletes all associated email data from our systems.
  5. Delete Account: You can delete your account through your profile settings. This permanently removes all your data from our systems, including email metadata, classifications, and account information.

Data Sharing

We do NOT:

  • Sell your data to third parties
  • Share your email data with advertisers
  • Use your data for purposes other than providing the Caspian AI service

We may share anonymized, aggregated data (that cannot identify you) for:

  • Service improvement and analytics
  • Research purposes

Children’s Privacy

Caspian AI is not intended for users under the age of 13. We do not knowingly collect information from children under 13.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on this page
  • Updating the “Last updated” date
  • Sending an email notification (for significant changes)

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Compliance

We are committed to complying with applicable data protection laws, including:

  • GDPR (General Data Protection Regulation) for EU users
  • CCPA (California Consumer Privacy Act) for California residents

Your privacy matters to us. If you have any concerns or questions, please don’t hesitate to reach out.