Privacy Policy for BoostMailAI Chrome Extension

Effective Date: June 19, 2025
1. Who We Are

BoostMailAI is a Chrome extension developed and maintained by AskManyAI. It helps users draft, enhance, and send emails in Gmail using on-device or user-selected AI language models.
Contact: [email protected]

2. What Data We Access

BoostMailAI accesses only the information strictly required to enhance your Gmail experience:

• When you click “Send,” we temporarily access the current draft’s subject, body, and recipient fields to improve or send the email.

• Using standard Google OAuth scopes (openid, profile, and email), we retrieve your name, email address, and avatar to identify the signed-in user.

• Your extension settings (e.g., preferred AI model, temperature) are stored locally in your browser.

3. How We Process Your Data

1. 1. Local-first Processing

      • By default, all email content is processed only by a local Ollama instance running on your machine (http://localhost:11434).

      • No email content leaves your device unless you change providers in the Settings menu.

      Optional Cloud Providers

      • If you manually select a cloud-based provider (e.g., OpenAI, xAI), the selected text is sent directly from your browser to that provider’s API via HTTPS.

      • BoostMailAI does not proxy, store, or log this content. We do not operate any backend servers.

      Cloud provider privacy policies:

      • OpenAI Privacy Policy

      • xAI Privacy Policy

      By enabling a cloud provider, you explicitly consent to the transmission of selected content to that provider.

       

4. Storage & Retention

• Processed text is stored only in your browser’s memory and the active Gmail draft.

• OAuth tokens and preferences are stored using Chrome’s storage.local and never leave your device.

5. Data Sharing & Disclosure

We do not sell, rent, or disclose your personal information.
The only third parties that may receive data are AI providers you explicitly select in your Settings. Their handling of your data is governed by their respective privacy policies.

5. Security Measures

• • We use Chrome Manifest V3 and the minimum required Google OAuth scopes, such as gmail.compose.

  • All external requests to cloud APIs are encrypted using HTTPS/TLS 1.2+.

  • No backend servers are used—removing a major attack surface.

  • We routinely review dependencies and follow secure-coding best practices.

6. Your Choices & Rights

• • Local-only mode: Keep the provider set to “Ollama (local)” to ensure your email content never leaves your computer.

  • Revoke access: You can revoke permissions at any time via your Google Account → Security → Third-party access.

  • Uninstalling: Removing the extension from Chrome deletes all locally stored data we control.

  • Access & Corrections: For questions or corrections, email [email protected]
    
    

Additional Rights for EU, UK, and California Users

If you’re a resident of the EU, UK, or California, you may have additional rights under GDPR or CCPA, including:

• Right to access, correct, or delete your data

• Right to data portability

• Right to restrict or object to data processing

Since we do not store personal data on our servers, most of these rights are fulfilled by uninstalling the extension or revoking access.

7. Children’s Privacy

BoostMailAI is not directed to children under 13, and we knowingly collect no information from them.

8. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify users of any significant changes via the extension interface or a version update notice.

9. Compliance with Google API Services User Data Policy

BoostMailAI complies with the Google API Services User Data Policy, including the Limited Use requirements. We do not store, share, or use Gmail or Google user data for any purpose other than explicitly required to provide the extension’s core functionality, and only as initiated by the user.