Legal

Privacy Policy

Last updated: April 2025

The short version: Akiko reads your Gmail via the official Google API. We do not store your email content on our servers. We do not sell your data. You can revoke access at any time from your Google account settings.

1. What we collect

Account metadata: When you connect a Gmail or Google Workspace account, we store your email address, display name, profile photo URL, and OAuth refresh token in our database. This is required to maintain your session and sync your accounts.

Email metadata: We cache subject lines, sender names, timestamps, and thread IDs in memory for performance. This data is not persisted to disk on our servers beyond a short cache window.

Email content: Akiko reads email body content in real time via the Gmail API to generate AI triage labels, summaries, and draft suggestions. This content is passed to our AI provider and is not stored on our servers.

Usage data: We collect minimal anonymous usage data (page views, feature interactions) to improve the product.

2. How we use your data

We use your data to:

  • Connect and sync your Gmail and Workspace accounts
  • Generate AI triage labels, summaries, and draft suggestions
  • Maintain your session across browser visits
  • Send transactional emails (e.g., account confirmations, billing receipts)
  • Improve the product through aggregated, anonymized usage analysis

3. AI processing

Akiko uses AI models to read and classify your emails (triage), generate summaries, and draft replies. Email content is sent to our AI provider to perform these tasks. We use providers that offer zero data-retention policies for API calls — your email content is not used to train AI models.

You can disable AI features at any time from your account settings.

4. Third parties

We share data only with the following service providers, all subject to strict data agreements:

  • Google — Gmail and Workspace API access
  • Neon — Managed Postgres database for account and preference storage
  • Vercel — Hosting and serverless compute
  • Anthropic / OpenAI — AI model inference (zero retention API tier)
  • Resend — Transactional email delivery

We do not sell your data to any third party, ever.

5. Data retention

Account metadata (email address, display name, OAuth token) is retained as long as your account is active. You can delete your account and all associated data at any time by contacting us at privacy@akiko.email.

Email content is not retained beyond the duration of a single AI inference call.

6. Your rights

You have the right to:

  • Access the data we hold about you
  • Request correction or deletion of your data
  • Revoke Gmail access at any time via Google account settings
  • Export your Akiko account data

To exercise these rights, contact privacy@akiko.email.

7. Security

OAuth refresh tokens are stored encrypted at rest. We use HTTPS for all data in transit. We do not store your Google account password — access is managed entirely through Google's official OAuth 2.0 flow.

8. Changes to this policy

We may update this policy as the product evolves. When we make material changes, we'll notify you by email or via an in-app notice at least 7 days before the change takes effect.

9. Contact

Questions about this policy? Email us at privacy@akiko.email or use our contact form.