Privacy Policy

1. Introduction

MailScoop is a Chrome extension designed to help users export email addresses they've interacted with in Gmail. This Privacy Policy explains what information we access, how it's used, how we protect it, and what control you have over it.

2. Information We Access

• Email Metadata: Includes only headers like “From”, “To”, and “Date”. No email content or attachments are accessed.
• Google Profile Info: Your email address, used for sign-in and verification.
• OAuth Access Token: Temporarily used to securely request Gmail metadata via Google’s APIs.

3. How We Use Your Data

• To extract email addresses and associated names from your Gmail metadata (header fields only).
• To allow you to export that list in CSV or JSON format.
• To locally store export preferences (e.g. format selection).

4. Data Protection Mechanisms for Sensitive Data

• We only request the gmail.metadata scope, which limits access strictly to email headers — not content or attachments.
• All data processing (including parsing headers and exporting) occurs locally on your device.
• OAuth 2.0 is used to authorize access securely via Google. Tokens are used temporarily and never stored.
• We do not store, transmit, or share your data with any server or third party.
• Access is sandboxed within the browser context — no external servers or databases are involved.

5. Data Sharing

We do not sell, rent, or share your data. Your information never leaves your device. All processing occurs in your browser.

6. Permissions Justification

• gmail.metadata: Required to extract “From” and “To” email addresses and Date from Gmail messages.
• identity: Required to identify the logged-in user via Google OAuth.
• storage: Required to save user export preferences and contact data temporarily on device.

7. User Controls & Data Deletion

• You may uninstall the extension at any time to remove all locally stored data.
• You can revoke OAuth access from your Google Account's Permissions page.
• No data remains after uninstalling unless you have exported it manually.

8. Updates to This Policy

We may update this Privacy Policy from time to time. Users will be notified of significant changes via the extension UI or our official site.

9. Sensitive Data Handling and Protection

• MailScoop accesses sensitive data including Gmail metadata (header fields like "From", "To", and "Date") and basic user profile information (email address) for authentication and functionality.
• OAuth 2.0 is used for secure, temporary authentication. Tokens are held in memory and are never stored, logged, or transmitted.
• All metadata processing (email extraction and export generation) is performed entirely within the user’s browser.
• We do not access email content or attachments under any circumstance.
• Exported data is only saved locally by the user and never transmitted to our servers (we do not operate any backend servers).
• Users can revoke access at any time through their Google Account permissions page.
• Security Procedures: We implement standard security measures to protect your data, including limiting access to only the required fields, in-memory token handling, and content security policies enforced by the browser.
• Encryption: Communication with Google's services is encrypted via HTTPS/TLS. OAuth tokens are securely transmitted and used only during the session.
• Security procedures are in place to protect the confidentiality of your data
• We use encryption to protect your information

10. Contact

If you have questions or concerns about this Privacy Policy, feel free to contact us at:hello@prajeesh.dev.