← Back to Dashboard

Privacy Policy

Last updated: May 25, 2026  |  App: Mail by GPSERP

1. Introduction

Welcome to Mail by GPSERP (https://mail.gpserp.com), an AI-powered email outreach and inbox automation platform owned and operated by GPSERP. We are deeply committed to protecting your personal data, respecting your privacy, and ensuring clear transparency regarding our data handling practices.

This Privacy Policy describes how we collect, use, store, share, and protect your information when you connect your Google Account and use our platform. By accessing or using Mail by GPSERP, you agree to the practices outlined in this policy.

2. What Google User Data We Collect

When you authenticate with our app using secure Google OAuth, we collect and process only the minimum necessary Google user data to perform our core email automation services. Specifically, we access:

  • Google Account Profile Information: your name, email address, and profile photo (retrieved via secure Google OAuth scopes openid, email, and profile).
  • Gmail Access Permissions: We request secure integration via the https://www.googleapis.com/auth/gmail.send scope. This integration allows us to:
    • Draft and send personalized outreach campaigns on your behalf.
    • Upload, process, and transmit attachments included in your outgoing emails.
  • Authentication Credentials: Google OAuth access tokens and refresh tokens necessary to maintain secure, authorized communication with Google APIs on your behalf.

3. How We Use Your Google User Data

We process and use your Google user data and Gmail contents strictly to provide, maintain, and improve the user-facing functionality of Mail by GPSERP:

  • To authenticate your identity securely and maintain your active dashboard session.
  • To construct and format personalized email drafts using recipient data and personalization fields provided by you.
  • To automatically transmit and dispatch your approved email campaigns directly from your Gmail account.

We do NOT use Google user data or Gmail contents for any other purposes, including marketing, profiling, behavioral tracking, or displaying third-party ads.

4. Data Sharing, Transfer, and Selling Restrictions

We enforce absolute restrictions on sharing and transferring your personal data:

  • No Selling of Data: We do NOT sell, trade, rent, lease, or distribute your Google user data, email contents, or personal information to any third parties, data brokers, advertising networks, or external entities under any circumstances.
  • Strict Transfer Limitations: We do not transfer Google user data to third parties, except as strictly necessary to provide or improve the core user-facing functionality of our application (specifically, transmitting email payloads through the Google Gmail API to send them), or when required under applicable laws.
  • Generative Processing: To write email drafts and generate reply suggestions, selected email contexts are securely processed via secure generative API integrations. This data is transiently processed and is never saved, stored, or utilized to train, refine, or develop generalized, consumer-facing artificial intelligence or machine learning models.

5. Google API Services — Limited Use Disclosure

Mail by GPSERP's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically: Data obtained from Google APIs is used strictly to provide the email automation interface and is never utilized to develop, refine, or train generalized, consumer-facing AI/ML models.

6. Data Protection and Security Mechanisms

We implement comprehensive technical and organizational security measures to protect your sensitive Google user data:

  • Encryption in Transit: All communication between your browser, our servers, and Google APIs is strictly encrypted using industry-standard secure transfer protocols (HTTPS/TLS).
  • Encryption at Rest: Sensitive integration credentials, including Google OAuth access and refresh tokens, are securely stored inside our database environment utilizing industry-standard data encryption algorithms.
  • Secure Session Handling: Session state verification and authentication are managed securely via cryptographic controls to prevent unauthorized access.
  • Database Access Controls: Access to our secure database environment is heavily restricted, monitored, and limited to essential operations required to maintain the platform.

7. Data Retention and Deletion Policy

We retain your data only for as long as is necessary to provide you with the Mail by GPSERP email automation services:

  • Authentication Credentials: Your secure Google OAuth credentials are retained as long as your integration remains connected. You can instantly and permanently delete these credentials from our servers by signing out of the application or disconnecting your Gmail account.
  • Campaigns & Drafts: Campaign details and generated drafts are securely stored in your user account to display historical stats on your analytics dashboard. You can request the permanent deletion of specific campaigns, drafts, or your entire database history at any time by contacting us at support@gpserp.com.

8. Your Rights and Access Revocation

You maintain full ownership and control over your Google integrations. You may disconnect your Gmail account or completely revoke our platform access at any time through your Google Security Permissions Console.

Upon revocation, Mail by GPSERP immediately and permanently loses all access to your Google Account and Gmail contents, and all stored OAuth credentials will be rendered obsolete.

9. Contact Us

If you have any questions, feedback, or concerns regarding our privacy practices, security protocols, or data handling policies, please reach out to us:

support@gpserp.com
Home·Terms of Service
Mail by GPSERP © 2026