๐1. Service Description
Mail Potter is an AI email assistant service provided through LINE. The service connects to your Gmail account to automatically analyze emails from the past 24 hours at designated times, sending categorized morning reports (Promotions, Important, Action Required, etc.) via LINE, and providing AI-drafted reply suggestions to help you manage emails efficiently.
๐2. Google Data Access & Scopes
This service requests the following Google OAuth 2.0 scopes:
| Scope | Purpose Description |
|---|---|
| gmail.readonly | Read email lists, subjects, and content (sender, summary, body) for AI classification and morning report generation. |
| gmail.modify | Perform email actions you actively trigger, such as marking as read, moving to trash, or archiving. |
๐3. Data Collection & Usage
- Email Metadata (Collected): Stores Gmail Message IDs, subjects, senders, timestamps, AI classification results, and summaries for generating morning reports and reply suggestion caches.
- Email Body (Transient): Email bodies are processed only in memory during analysis (sent to Google Gemini API for classification/summary/reply generation) and are not written to any database or persistent storage.
- OAuth Tokens: Gmail OAuth access and refresh tokens are stored encrypted on the server side (not passed to the frontend or third parties) and are used solely to access Gmail on your behalf.
- LINE User ID: Used to identify your account and send personalized morning reports; not shared with external systems.
- AI Analysis (Google Gemini): Email summaries and body snippets are sent to the Google Gemini API for classification and reply suggestion generation. Data usage by the Gemini API is governed by the Google Privacy Policy.
๐ค4. Data Sharing & Third Parties
- Your Gmail data is never sold, rented, or provided to advertisers or unrelated third parties.
- Data may be shared in the following circumstances:
- Google Gemini API: Email snippets (excluding full emails) used for AI analysis, protected by Google's privacy policy.
- LINE Messaging API: Morning reports and AI suggestions sent to you via LINE.
- Legal Requirements: When disclosure is required by court order or law.
๐๏ธ5. Data Retention & Deletion
- Email metadata caches have a short TTL (Time To Live) and are automatically cleared upon expiration.
- You can use the "Disconnect" feature within the service at any time to delete all personal data and OAuth tokens stored by the service.
- You can also revoke Gmail access directly on the Google Account Permissions page.
- Deletion requests are processed within 72 hours.
๐6. Security
- OAuth tokens are stored encrypted on the server, and all transmissions use HTTPS/TLS.
- We apply for the minimum Gmail scopes required for service features (Principle of Least Privilege).
- Server access logs do not record email body content.
๐ถ7. Children's Privacy
This service is not directed at children under 13, and we do not knowingly collect personal data from children. If you discover a minor is using the service, please contact us via the information below, and we will immediately delete the relevant data.
๐8. Policy Changes
In the event of significant changes to this Privacy Policy, we will notify you via LINE or by updating the "Last Updated" date on this page. Continued use of the service constitutes acceptance of the updated policy.
๐ฌ9. Contact Us
If you have questions about this Privacy Policy or need to exercise your data deletion/revocation rights, please contact: