Last updated: 21 Oct 2025
At The Inbox, we believe privacy isn’t optional — it’s a fundamental right. Our goal is to create a modern, respectful, and private email experience. We designed every part of The Inbox to ensure your data stays yours.
When you sign in using your Google Account, The Inbox requests limited access through Google OAuth to read, send, and manage your Gmail messages, and to access your Google Contacts for composing emails. We only request the minimum scopes required:
userinfo.email and userinfo.profile – to retrieve your basic account info (name, email, photo, user ID)gmail.modify, gmail.readonly, gmail.send – to fetch, draft, and send emails directly through Gmail’s secure APIcontacts.readonly and contacts.other.readonly – to show your contact suggestions when composing emailsThe Inbox’s use and transfer of information received from Google APIs strictly complies with the Google API Services User Data Policy, including the Limited Use requirements. We never use or share Google data for advertising or analytics.
The Inbox temporarily stores your access token (securely encrypted) to fetch your emails in real time — directly from Google’s servers. We may also store your Google ID, name, email address, and profile photo in our secure database to manage your session and personalize your experience.
This information is securely managed using Firebase, Google’s cloud platform. No email messages, attachments, or contact data are stored on our servers; they are fetched directly and shown to you in real time.
All communication between The Inbox and Google’s APIs is protected using HTTPS and OAuth 2.0. Your session tokens are stored in encrypted, HTTP-only cookies — inaccessible to client-side scripts or third parties.
The Inbox uses Google APIs to securely retrieve and send emails. By using The Inbox, you also agree to Google’s Privacy Policy.
The Inbox’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
You can disconnect The Inbox from your Google account at any time via your Google Account’s “Security” settings. Once disconnected, The Inbox immediately loses all access to your data.
We may update this Privacy Policy periodically to reflect changes in features, technology, or legal requirements. The latest version will always be available at theinbox.space.
If you have any questions or privacy concerns, please reach out at sendtohemendra@gmail.com. We’re committed to transparency and user trust.
© 2025 The Inbox. All rights reserved.