Effective Date: January 10, 2025
Last Updated: Aug 25, 2025
Filo Mail ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our services. By using Filo Mail, you agree to the practices described in this policy. If you do not agree, please refrain from using our services.
We collect only the information required to deliver and improve Filo Mail.
Anonymous information about how you interact with Filo Mail—feature usage, settings, crash data—used strictly to improve performance and reliability.
We process your information solely to provide, maintain, and enhance the service.
We never use your data to train AI models and we never sell personal information.
We act as a Controller for account data, telemetry, and website analytics; and as a Processor for the content of emails you connect to Filo (e.g., Gmail messages and attachments), which we process only under your instructions to provide the service.
Legal bases (where applicable under the GDPR/UK GDPR):
We employ layered defences to protect the confidentiality, integrity, and availability of your information:
Despite our best efforts, no system is completely secure; safeguard your credentials accordingly.
In the event of a security incident affecting personal data, we will notify affected users without undue delay and, where applicable, notify regulators within 72 hours of becoming aware. Where inference occurs on third-party AI platforms, their execution environments are outside of our AWS Nitro Enclaves; our controls there focus on transport security, access minimization, and provider-level data-use restrictions.
We do not sell or share your data except:
Filo never keeps data longer than necessary:
Data Category | Retention Window | Deletion Mechanism |
---|---|---|
Messages & attachments (server-side) | Not stored - streamed live from Gmail API | Cryptographic shred |
Search queries (Gmail API passthrough) | Zero retention - streamed live from Gmail API | Automatic shard destruction |
LLM cache | Ephemeral RAM only | Wiped after inference |
Application logs | 30 days | Log rotation & shred |
To-Dos (user-created or AI-suggested) | Retained until you delete them or delete your account | |
AI-generated summaries | Up to 90 days | Auto-deleted after the 90-day window |
OAuth tokens | Stored encrypted for as long as access is authorized | Revoked on account deletion or user revocation |
Deletion timers run on immutable CloudWatch Rules and cannot be paused or altered by human operators.
Provider | Region | Purpose | Encryption |
---|---|---|---|
Amazon Web Services | us-west-2 | Compute, storage, key management | AES-256-KMS |
Cloudflare | Global | WAF, DDoS, Zero-Trust gateway | TLS 1.3 / mTLS |
Google-Gemini | Global | AI Summaries · To-Do extraction · Compose/Reply · Chat (no training; enterprise retention controls) | TLS 1.3 PFS |
Anthropic-Claude | us-west-2 | AI Summaries · To-Do extraction · Compose/Reply · Chat (no training; enterprise retention controls) | TLS 1.3 PFS |
OpenAI-Azure | us-east-2 | AI Summaries · To-Do extraction · Compose/Reply · Chat (no training; enterprise retention controls) | TLS 1.3 PFS |
Sentry SaaS | us-west-2 | Crash telemetry (PII stripped) | AES-256-GCM |
We update this list whenever we add or remove a sub-processor.
We welcome security research and community feedback:
We acknowledge reports within 5 business days and remediate confirmed issues within 45 days.
Under GDPR (Articles 15-20) you may request access, correction, export, or deletion of your data at any time.
Email [email protected]
We will respond within 30 days. You also have the right to lodge a complaint with your local supervisory authority.
Filo requests one and only one Google OAuth scope—the all-in-one Gmail scope. We keep it simple and transparent:
Scope | Why We Need It |
---|---|
https://mail.google.com/ | Grants read, send, and modify rights in your mailbox. Required for Smart Inbox classification, AI Summaries, To-Do extraction, Compose/Reply assistance, and label management. |
Filo Mail uses cookies and similar technologies to maintain your session, remember preferences (e.g., language), and measure aggregate/de-identified usage statistics via Google Analytics. Where required by law, analytics only runs after you consent via the banner. We do not use advertising or cross-site retargeting cookies.
Your choices. You can manage cookies in your browser settings (e.g., block or clear cookies and site data for this domain). We honor Global Privacy Control (GPC) signals where supported and will not enable non-essential cookies unless you later provide consent. For assistance, contact [email protected].
U.S. notice (CPRA). We do not sell or share personal information as defined by the CPRA. Because we do not sell or share data and do not engage in cross-context behavioral advertising, a “Do Not Sell or Share My Personal Information” link is not required. If our practices change, we will update this Policy and provide the appropriate link.
Our services are not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact us and we will take appropriate steps.
We may update this Privacy Policy from time to time. If significant changes are made, we will notify you via email or through a notice on our website. Your continued use of Filo Mail constitutes acceptance of the revised policy.
If you have any questions or concerns about this Privacy Policy, please contact us at [email protected].
Primary region: Our production infrastructure is located in the United States (AWS). We do not currently host or store data in the EEA or the UK.
If you are located in the EEA/UK, your personal data will be transferred to and processed in the United States, and, where relevant, in other countries where our service providers operate.
Transfer safeguards: We rely on the EU Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum (IDTA), along with technical and organizational measures (e.g., TLS 1.3 in transit, AES-256 at rest, AWS KMS key management, least-privilege access, and auditing).