Last updated June 6, 2026

Privacy Policy

EmailMassa uses limited account, campaign, and tracking data to provide the extension. We do not sell personal data or store your Gmail password.

1. Data we process

Your connected Google account email, name, and profile image.
Recipient addresses and imported fields that you provide for a campaign.
Campaign counts, schedules, and open or click events when tracking is enabled.
License status, purchase reference, access period, and payment confirmation metadata.
Technical error and security logs needed to operate the service.

2. Data we do not request

EmailMassa does not request permission to read your inbox and does not receive your Google password. Payment card details are entered on Stripe and are not stored by EmailMassa.

3. Google API permissions

gmail.send: sends a message only after you start a campaign.
gmail.labels: creates EmailMassa labels in your Gmail account.
drive.file: accesses only Google Drive files you select or create for use with EmailMassa.
userinfo.email and userinfo.profile: identifies the connected account and displays account information.

Our use of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.

4. How data is used

We use data to send campaigns you initiate, personalize messages, manage schedules and suppression, display campaign results, verify Premium access, prevent abuse, and maintain service reliability.

5. Service providers

Google: authentication, Gmail sending, and selected Drive or Sheets access.
Stripe: secure processing of one-time Premium payments.
Cloudflare: hosting for billing, license, tracking, and related service endpoints.
GitHub Pages: hosting for public product and policy pages.

6. Retention

Account and license records are retained while needed to provide access and support purchases. Tracking events may be retained for up to 12 months. Operational error logs may be retained for up to 30 days. Suppression and unsubscribe records may be retained as needed to prevent unwanted email.

7. Security

Data is transmitted over HTTPS. Google authentication uses OAuth. Access to production services is restricted, and payment card details are handled by Stripe.

8. Your choices

You can disable tracking options, revoke EmailMassa access from your Google account, uninstall the extension, or request access, correction, or deletion of applicable personal data.

9. Contact

Privacy requests may be sent to suporte@emailmassa.com.br.