User Data

At Filo, security is baked in from the first line of code. Every feature — AI summaries, smart triage, and more — rests on a framework that treats confidentiality, integrity, and uptime as non‑negotiable. Our engineers, seasoned in cloud security and applied AI, employ modern encryption, segmented cloud architecture, and routine security testing to shield your email, attachments, and account data.

Independent reviews such as Google’s annual Cloud Application Security Assessment (CASA) confirm these safeguards. And if you ever decide to leave, Filo’s one‑tap delete instantly and irreversibly removes all of your data — no waiting period, no leftovers.

Data secured in AWS

All production data resides in Amazon Web Services’ (AWS) ISO‑, PCI‑, and SOC‑certified data centers.

  • At rest: encrypted with AES‑256 keys managed by AWS KMS

  • In transit: encrypted with TLS 1.2 or newer

We follow a strict “defence‑in‑depth” strategy, combining network segmentation, service isolation, and fine‑grained IAM roles to eliminate single points of failure.

Google‑verified, annually audited

Filo passes Google’s Cloud Application Security Assessment (CASA) Tier 3—the required third‑party audit for any app requesting restricted Gmail scopes.
We also comply fully with Google’s API Services User Data Policy and remain approved in the Google Workspace Marketplace.

Compatible with Google Advanced Protection

Filo integrates seamlessly with Google’s Advanced Protection Program. Administrators can authorize the app for their domain through Google’s standard third‑party app‑access controls.

No data used for model training or any other purpose

Your data is never used for training or secondary use. Every byte is strictly confined to the features you choose, kept under robust privacy controls, and never repurposed beyond what you see.

Comprehensive audit logging

Internal access is locked down behind hardware‑key multi‑factor authentication.
Every access event is written to an immutable audit log, and no employee may view customer content without your explicit consent.

Delete your data anytime

You always retain full control:

  1. Open Settings

  2. Tap Filo Account

  3. Select Delete and confirm

Confirmation triggers immediate, irreversible deletion: Gmail OAuth tokens are revoked on the spot, and all Filo‑stored data — live and backup copies alike — is purged within seconds.

  • Need to remove just one mailbox?

    Open that mailbox’s folder, click the trash icon in the address bar, and confirm; only that mailbox and its data are deleted.

Full Privacy Policy & Terms

For more detail, please read our complete Privacy Policy and Terms of Service.