Privacy Policy

SpamRescue ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

SpamRescue is operated by Studio Eleven SARL, a company registered in France. We are committed to ensuring that your privacy is protected and that we comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

The data controller responsible for your personal data is:

Studio Eleven SARL

12 rue de la Part-Dieu

69003 Lyon, France

Email: contact@studioeleven.cc

For any privacy-related inquiries, please contact us at: support@spamrescue.io

We collect the following types of information:

Account Information:

• Email address (from your Google account)

• Name (from your Google account)

• Profile picture (from your Google account)

Email Metadata (from your spam folder only):

• Sender email address

• Sender name

• Email subject line

• Date and time received

• We do NOT store the full email content

AI-Generated Data:

• Lead scores (0-100)

• Brief AI-generated summaries (only for detected leads)

• Email categorization

Usage Data:

• Log data and analytics

• Device and browser information

• IP address (anonymized)

Payment Information:

• Processed securely by LemonSqueezy

• We do not store credit card details

We use your information for the following purposes:

Service Delivery:

• Scanning your spam folder for potential leads

• Generating AI analysis and lead scores

• Sending notifications about detected leads

Account Management:

• Creating and managing your account

• Processing subscriptions and payments

• Communicating about your account

Service Improvement:

• Analyzing usage patterns to improve our AI

• Debugging and fixing issues

• Developing new features

Legal Compliance:

• Complying with legal obligations

• Responding to legal requests

• Protecting our rights and preventing fraud

We will never sell your personal data to third parties.

What We Store:

• Account information: Stored until account deletion

• Email metadata: Stored temporarily based on your plan

• Lead summaries: Stored until you delete them or your account

Retention Periods for Email Metadata:

• Free plan: 7 days

• Pro plan: 30 days

• Business plan: 90 days

Non-lead emails have their metadata automatically deleted after scanning. We only retain metadata and AI summaries for emails identified as potential leads.

Where We Store Data:

• All data is stored in the European Union (EU)

• We use Vercel Postgres for database hosting

• Data is encrypted at rest and in transit (AES-256, TLS 1.3)

What We Never Store:

• Full email content

• Email attachments

• Emails from your inbox, sent folder, or any folder other than spam

We share your data with the following third-party services:

Authentication:

• Clerk (user authentication)

• Google OAuth (Gmail connection)

Payment Processing:

• LemonSqueezy (subscription management)

Infrastructure:

• Vercel (hosting and database)

• OpenAI (AI analysis - email metadata only, no full content)

Analytics & Monitoring:

• BetterStack (error tracking and logs)

All third-party providers are GDPR-compliant and have appropriate data processing agreements in place. We do not sell, trade, or rent your personal information to others.

Under GDPR, you have the following rights:

Right to Access:

You can request a copy of all personal data we hold about you.

Right to Rectification:

You can request correction of inaccurate personal data.

Right to Erasure ("Right to be Forgotten"):

You can request deletion of your personal data. You can delete your account at any time from your settings.

Right to Restrict Processing:

You can request that we limit how we use your data.

Right to Data Portability:

You can request your data in a machine-readable format.

Right to Object:

You can object to processing of your personal data.

Right to Withdraw Consent:

You can withdraw consent at any time by disconnecting your Gmail account or deleting your account.

To exercise any of these rights, please contact us at support@spamrescue.io

We implement robust security measures to protect your data:

Technical Measures:

• Encryption at rest (AES-256)

• Encryption in transit (TLS 1.3)

• Secure OAuth 2.0 authentication

• Regular security audits

Access Controls:

• Limited access to personal data

• Role-based access controls

• Audit logging

Infrastructure:

• EU-based data centers

• SOC 2 Type II certified providers

• Regular backups

Gmail Access:

• We only request access to your spam folder

• Read-only access (we cannot modify or delete emails)

• You can revoke access at any time from your Google account settings

We use essential cookies for the functioning of our service:

Essential Cookies:

• Authentication cookies (Clerk)

• Session management

• Security tokens

Analytics:

• We use privacy-friendly analytics

• No third-party advertising cookies

• No cross-site tracking

You can manage cookie preferences in your browser settings. Note that disabling essential cookies may prevent you from using our service.

SpamRescue is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@spamrescue.io

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page

• Updating the "Last updated" date

• Sending an email notification for significant changes

We encourage you to review this Privacy Policy periodically for any changes.

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: support@spamrescue.io

Company Address:

Studio Eleven SARL

12 rue de la Part-Dieu

69003 Lyon, France

General Inquiries: contact@studioeleven.cc

We aim to respond to all privacy-related inquiries within 30 days.