1. What we collect
When you use Pop3Fetch we collect and store the following:
- Your Gmail address — used to identify your account
- Your Gmail OAuth token — used to deliver emails to your inbox via the Gmail API. Stored securely in our database.
- Your external email server credentials — IMAP/POP3 host, port, username, and password. Your password is encrypted using AES-256-GCM before storage and is never stored in plain text.
- Account settings — your plan, sync preferences, Gmail label names, and post-import action settings.
- Sync metadata — last sync time, last UID processed, connection error status. Used to operate the service.
- Payment information — handled entirely by Stripe. We store your Stripe customer ID and subscription ID but never see or store your card details.
- Request metadata — IP address, browser user-agent, and request timestamps captured by our infrastructure providers (Cloudflare for DNS/CDN, Google Cloud Logging for application logs). Used for security, rate-limiting, and operational diagnostics. Not used for user profiling, advertising, or sold to anyone.
- Marketing-site analytics. The public marketing site at pop3fetch.com uses Google Analytics 4 (property G-N0FWL3ZW95) to measure aggregate traffic patterns — page views, referral source, country, browser, approximate session duration. This data is collected before sign-up and is not linked to your Pop3Fetch account.
- App-side conversion analytics. The signed-in app at app.pop3fetch.com uses a separate Google Analytics 4 property (G-KVXW1LG24H) to measure two specific conversion events so we can attribute paid acquisition spend: free_signup_completed (fires once when a new user adds their first external account on /dashboard) and paid_conversion (fires on /success after a Stripe checkout completes). The app does not load Google Analytics on any other route, and we do not send page-view events from inside the app. Google Signals is disabled on both properties — no DoubleClick traffic, no demographics/interests reporting.
- Contact-form submissions. If you write to us via our contact page, Netlify Forms processes the submission (your name, email address, selected subject, and message text) and forwards it to our support inbox.
2. What we do NOT collect
- The content of your emails — emails pass through memory only during import and are never stored, logged, indexed, or analyzed
- Your Gmail password — we use OAuth, not your password
- Cross-site tracking data, advertising profiles, or any data sold to data brokers
- Any data from your existing Gmail inbox — we only add emails, never read what's already there
3. How we use your Gmail access
At sign-in you choose one of two access levels:
- Standard access (gmail.modify + gmail.labels) — used to import emails via messages.import, apply Gmail labels, and enable spam filtering and conversation threading.
- Limited access (gmail.insert + gmail.labels) — used to insert emails via messages.insert (write-only) and apply Gmail labels.
Regardless of which you choose, Pop3Fetch never reads, searches, modifies, or deletes any existing emails in your Gmail account. We use these permissions exclusively to deliver your imported emails.
You can revoke Gmail access at any time at myaccount.google.com/permissions.
4. Google API Services — Limited Use disclosure
Pop3Fetch's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. This disclosure applies to all Gmail data Pop3Fetch accesses, regardless of whether you selected Standard access (gmail.modify + gmail.labels) or Limited access (gmail.insert + gmail.labels) at sign-in.
- User-facing features only: We use Gmail data solely to deliver emails from your external POP3/IMAP inboxes into your Gmail account — the user-facing feature you signed up for.
- No transfer except for operation: We do not transfer Gmail data to third parties except to Google itself (to deliver your imported emails) and to our infrastructure providers (MongoDB Atlas for storage, Render for hosting) strictly to operate the service.
- No advertising use: Pop3Fetch displays no advertising and does not use Gmail data to serve advertisements.
- No human reading: Pop3Fetch staff do not read your Gmail data, with the narrow exceptions permitted by Google's policy: (a) with your explicit consent, (b) to investigate a specific security incident or user-reported abuse, or (c) where required by law.
- No AI or ML training: We do not use Gmail data to train artificial intelligence or machine learning models.
5. How we use your data
We use the data we collect solely to operate Pop3Fetch:
- Fetching emails from your external account on schedule
- Delivering those emails to your Gmail inbox
- Sending you connection failure alerts if your sync stops working
- Processing payments and managing your subscription via Stripe
We do not use your data for advertising. The only analytics we collect is (a) aggregate traffic measurement on the public marketing site at pop3fetch.com, and (b) two specific conversion events on the signed-in app at app.pop3fetch.com — first-account signup and successful checkout — used to attribute paid acquisition spend. Both are described in §1 and §6. We do not run page-view analytics inside the app and we do not link marketing-site analytics to your account.
6. Data sharing
We do not sell, rent, or share your personal data with third parties except as required to operate the service:
- Stripe — payment processing
- MongoDB Atlas — database storage (encrypted at rest, with continuous cloud backup)
- Render — hosting infrastructure (SOC 2 compliant)
- Google Cloud Logging — centralized log storage for application diagnostics. Logs include event metadata such as your account email but never contain your email passwords, OAuth tokens, or message content.
- Google Cloud KMS — key-management service that holds the master key used to encrypt your stored credentials. KMS sees only key material, never your data itself.
- Google (Gmail API + OAuth) — Gmail API access you authorize
- Cloudflare — DNS, CDN, and rate-limiting infrastructure (sees request metadata only)
- Netlify — marketing site hosting; Netlify Forms also processes contact-form submissions sent via /contact (your name, email, subject selection, and message). The signed-in app at app.pop3fetch.com is not hosted on Netlify and Netlify does not see authenticated user data.
- Google Analytics 4 — runs in two configurations on two different properties: Marketing site (G-N0FWL3ZW95) — page-view events, referral source, country, device/browser, approximate session duration, on pop3fetch.com only. Signed-in app (G-KVXW1LG24H) — two conversion events only (free_signup_completed and paid_conversion) on app.pop3fetch.com, used for paid-acquisition attribution. No page-view tracking inside the app. IP addresses are anonymized in transit on both properties. Google Signals is disabled on both, so no data flows to DoubleClick and no demographics/interests profiles are built. You can opt out at the browser level via Google's Analytics opt-out add-on or by enabling Do Not Track / Global Privacy Control in your browser.
- IONOS — outbound email service for failure-alert notifications (sees recipient address and notification text only)
We may disclose your data if required by law or to protect our legal rights.
Geographic processing. Pop3Fetch is operated from the United States. All sub-processors listed above process data primarily in the US. If you are in the EU or UK, your data is transferred to and processed in the US under standard contractual clauses or equivalent legal mechanisms.
7. Data retention and deletion
You can delete your Pop3Fetch account at any time from your dashboard. When you delete your account, we permanently and immediately delete all stored data including your encrypted credentials, OAuth token, sync history, and account settings.
Note: you must cancel any active paid subscription before deleting your account.
Application logs: Operational logs (request timestamps, your account email, error events, sync activity) are retained in Google Cloud Logging for up to 400 days, then automatically deleted. These logs do not contain your email passwords, OAuth tokens, or message content. Backups of our database are retained per the provider schedule (currently: daily snapshots for 7 days, weekly for 4 weeks, monthly for 12 months).
8. Your rights
Depending on where you live, you may have the following rights regarding your personal data:
- Access and export. You can view your account data from your dashboard at any time. To request a machine-readable export of all data we hold about you, use our contact page and select "Other" as the subject.
- Correction. You can update most account settings directly from the dashboard. For data you can't change in-product, contact us.
- Deletion. You can delete your account at any time from your dashboard. Deletion immediately removes your encrypted credentials, OAuth token, and account settings. Operational logs and database backups follow the retention windows in §7. If you have lost dashboard access, you may also request deletion by email.
- Revoke Google OAuth access at any time at myaccount.google.com/permissions. This immediately stops Pop3Fetch from accessing your Gmail.
- Object to or restrict processing. For users in jurisdictions where this right applies (notably the EU and UK under GDPR, and California under CCPA/CPRA), you can ask us to stop processing your data for specific purposes. Note that without active processing, the service can't function — in practice, exercising this right typically means deleting your account.
- Lodge a complaint with your local data protection authority. EU and UK users can find their authority via edpb.europa.eu.
To exercise any of these rights, use our contact page. We respond within 30 days as required by GDPR; we aim for much faster in practice.
9. Security
We take security seriously. See our Security page for full details. In summary:
- Independently assessed under Google's CASA Tier 2 — a third-party security review covering OAuth scope use, data handling, encryption, and incident response. See the Security page for details.
- External email passwords encrypted with AES-256-GCM. The encryption key is held in Google Cloud KMS, not stored alongside your data.
- Gmail access via OAuth — your Google password is never seen by us
- All data transmitted over HTTPS/TLS
- Database encrypted at rest on MongoDB Atlas, with continuous cloud backup
- Payments handled by Stripe — we never see card details
10. Cookies
App (signed-in users). The signed-in app at app.pop3fetch.com uses a first-party session cookie to keep you logged in, plus two first-party Google Analytics 4 cookies (_ga and _ga_KVXW1LG24H) that support the two conversion events described in §1 and §6. We do not use advertising cookies, retargeting pixels, or cross-site tracking on the app.
Marketing site (public visitors). The marketing site at pop3fetch.com sets two first-party Google Analytics 4 cookies (_ga and _ga_N0FWL3ZW95) to measure aggregate visitor traffic.
The Google Analytics cookies on both domains expire after two years. We do not use advertising cookies, retargeting pixels, or cross-site tracking on either domain. You can opt out via your browser's Do Not Track / Global Privacy Control setting, by installing Google's Analytics opt-out add-on, or by blocking the cookies in your browser settings.
11. Children's privacy
Pop3Fetch is not directed at children under 18. We do not knowingly collect data from children.
12. Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email. Continued use of the Service after changes constitutes acceptance of the updated policy.
13. Contact
Questions about this Privacy Policy? Contact us via our contact page.