Clear My Inbox

Privacy Notice

Last updated: March 30, 2026

1. Scope of This Notice

This Privacy Notice explains how Clear My Inbox ("we," "us," or "our") collects, uses, discloses, protects, and retains personal information when you use our websites, applications, Gmail cleanup tools, payment flows, and related services (collectively, the "Services").

This Privacy Notice does not describe the privacy practices of Google, Stripe, or any other third-party service that you may use with or through our Services. We encourage you to review their separate privacy notices and terms.

2. The Personal Information We Collect and Where It Comes From

The personal information we collect depends on how you use the Services and what permissions you grant. We collect personal information from you directly, from Google when you authorize Gmail access, from payment processors, from your devices and browser, and from service providers that help us operate the Services.

Account and profile information

  • Name, email address, and profile image provided through Google sign-in.
  • Authentication and session records needed to keep you signed in securely.
  • Support communications you send to us.

Gmail and cleanup-related information

  • Email metadata such as sender, subject line, date, size, labels, and message identifiers.
  • Mailbox storage usage, cleanup previews, cleanup history, unsubscribe actions, and filter actions.
  • Encrypted OAuth tokens and related authorization details needed to access Gmail APIs.

We do not use your Gmail data for advertising. We do not store your email body content, Google Drive files, or Google Photos. If a Gmail API response includes message content required for a feature you requested or for required troubleshooting, we process that response only long enough to complete the task and do not retain the content.

Payment and commercial information

  • Stripe customer IDs, subscription IDs, checkout results, payment status, and transaction references.
  • Purchase details such as plan, amount, currency, and billing timestamps.

Device and usage information

  • IP address, browser type, device details, approximate location derived from IP, and log data.
  • Product analytics, performance metrics, and diagnostic information about how the Services are used.
  • Cookie and local storage data used for authentication, security, preferences, and analytics.

Consent and compliance records

  • Records showing when you accepted our terms, granted Gmail permissions, or opted into marketing.
  • Audit metadata associated with those consents, such as timestamps and the connected account.

3. How We Use Your Personal Information

We use personal information for the following business and commercial purposes:

  • To provide, maintain, and improve the Services.
  • To authenticate you and manage your account sessions securely.
  • To analyze Gmail storage, generate cleanup recommendations, and execute actions you approve.
  • To process payments, subscriptions, refunds, and related support requests.
  • To send transactional, service, legal, and administrative communications.
  • To monitor performance, troubleshoot issues, and debug product defects.
  • To detect, investigate, and prevent fraud, abuse, or unauthorized access.
  • To enforce our terms, resolve disputes, and comply with legal obligations.
  • To retain proof of user consent and authorization in an audit trail.
  • To send product updates or marketing messages if you opted in.

4. How We Disclose Your Personal Information

We do not sell your personal information and we do not share Gmail data for targeted advertising. We may disclose personal information in the following circumstances:

  • With service providers that help us host, secure, analyze, support, and operate the Services.
  • With Google when interacting with Gmail APIs on your behalf.
  • With Stripe and related payment partners to process purchases and billing events.
  • With vendors that help us detect fraud, secure systems, or investigate abuse.
  • When required by law, legal process, subpoena, or governmental request.
  • When reasonably necessary to protect rights, safety, users, or the Services.
  • In connection with a merger, financing, acquisition, bankruptcy, or sale of assets.

5. Gmail API Use and Restricted Data

Our use of Gmail data is subject to the Google API Services User Data Policy, including the Limited Use requirements where applicable. We access only the Gmail permissions necessary to provide the features you request, and we do not use Gmail data to train generalized advertising profiles or sell that data to third parties.

Google OAuth scopes we request

When you connect your Google account, we request the following permissions:

  • https://www.googleapis.com/auth/userinfo.email — to identify your Google account and link it to your Clear My Inbox account.
  • https://www.googleapis.com/auth/userinfo.profile — to display your name and profile image in the app.
  • https://mail.google.com/ — to analyze your mailbox, generate cleanup previews, and permanently delete emails you approve to reclaim storage space. Permanent deletion is required because messages in Trash still count toward your Google storage quota.

If you enable Inbox Protection or sender blocking features, we request one additional permission:

  • https://www.googleapis.com/auth/gmail.settings.basic — to create Gmail filters that automatically send messages from blocked senders to Trash. This permission is not requested during initial sign-in.

You can review every connected app tied to your Google account on your Google connected apps page.

6. How We Protect Your Personal Information

We maintain administrative, technical, and physical safeguards designed to protect personal information. These safeguards include encryption for sensitive credentials and tokens, HTTPS/TLS in transit, access controls, monitoring, and provider security controls. No system is perfectly secure, and we cannot guarantee absolute security.

7. How Long We Keep Your Personal Information

We keep personal information for as long as reasonably necessary to provide the Services, operate the business, prevent fraud, resolve disputes, and comply with legal obligations. Retention periods vary by data type.

  • OAuth tokens may be deleted after you revoke access, disconnect Google, or use the in-product account deletion flow.
  • Operational logs, cleanup history, and diagnostics may be retained for a limited period as needed for support and security.
  • Payment and tax records may be retained for the period required by law or accounting obligations.
  • Consent and authorization audit records may be retained indefinitely as a permanent compliance record, even if you request account deletion.

8. Your Rights and Choices

Depending on where you live and subject to applicable law, you may have rights to access, correct, delete, or receive a copy of certain personal information we hold about you, or to withdraw consent for certain processing.

  • Inside the app, the profile page includes Disconnect Google, which signs you out, deletes our local tokens, and asks Google to revoke this app's access.
  • The profile page also includes Delete account and app data so you can remove your account and deletable app data without contacting support.
  • You may review every connected app or revoke Gmail access through your Google connected apps page.
  • You may unsubscribe from marketing emails using the unsubscribe link in those emails.
  • Some records may be retained despite a deletion request where we have legal, security, fraud-prevention, payment, or compliance reasons to keep them, including consent, payment, and compliance records that we are required to retain.

To exercise your rights or ask questions, contact hello@clear-my-inbox.com. You can also review our public Help page for step-by-step account control instructions.

9. Children's Privacy

The Services are intended for adults and are not directed to children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will take appropriate steps.

10. International Transfers

The Services are operated in the United States. If you use the Services from outside the United States, your personal information may be transferred to, stored in, and processed in the United States or other jurisdictions where our service providers operate, subject to applicable legal requirements.

11. Changes to This Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in the Services, law, or our practices. When we do, we will post the revised notice here and update the "Last updated" date above. Your continued use of the Services after the revised notice is posted means you accept the updated Privacy Notice.

12. Contact Us

Questions about this Privacy Notice or our privacy practices may be sent to hello@clear-my-inbox.com.