Privacy Policy
Last updated: May 12, 2026
NeverSpam, Inc. ("NeverSpam," "we," "us," or "our") respects your privacy. This Privacy Policy explains what information we collect when you use our website at neverspam.com, the application at app.neverspam.com, and related services (collectively, the "Service"), how we use and protect that information, and the choices available to you. By using the Service, you agree to the practices described here.
1. What We Collect
We collect the minimum information needed to run the Service.
- Account data. Your name, email address, organization (tenant) name, hashed password, and timezone. Used to create and authenticate your account.
- Sending-account credentials. For SMTP/IMAP: hostname, port, username, and password. For Google: an OAuth refresh token scoped to https://mail.google.com/. For Instantly: an API key. All credentials are encrypted at rest before they touch the database (see Section 3).
- Warmup templates. The subject lines, body content, and merge-field structure of templates you paste into NeverSpam, so we can warm exactly that content against the seed pool.
- Sending and delivery logs. Per-send records: timestamp, sender, seed recipient, message ID, folder placement (inbox / spam / promotions), open and reply events, and bounce status. Used to compute deliverability metrics and to keep the seed pool clean.
- Billing data. When you subscribe, our payment processor (Stripe) collects and stores your payment-method details. NeverSpam never sees or stores full card numbers. We retain only the Stripe customer ID, subscription ID, plan, status, and invoice metadata.
- Operational logs. Server-side request logs (URL, status, latency, IP address, user-agent) retained for thirty (30) days for debugging and abuse prevention.
We do not read, index, or train any model on your real inbox contents. The only message data we touch is (a) the warmup template you paste in and (b) the warmup messages we send and look up in seed folders to determine placement.
2. How We Use It
- Provide the Service. Authenticate accounts, render dashboards, schedule and dispatch warmup sends, compute placement reports, and surface diagnostics.
- Bill and account for usage. Charge subscriptions, send invoices, and honor cancellations.
- Communicate. Send transactional email (verification, password reset, payment receipts, security notices) and occasional product email you can opt out of.
- Improve and secure the Service. Investigate bugs, detect abuse, and harden the system.
- Comply with law. Respond to subpoenas, court orders, and other legal process.
3. Storage & Encryption
The application and database are hosted on Heroku in the US East region (Virginia, U.S.A.). Postgres backups run daily and are retained for seven days.
Sensitive customer secrets — SMTP/IMAP passwords, Google OAuth refresh tokens, and third-party API keys — are encrypted at rest using AES-256-GCM before being persisted. Encryption keys are held in environment variables on Heroku and never written to the database. Connections to the Service are protected in transit by TLS 1.2+.
4. Sharing & Sub-processors
We do not sell your personal information. We share it only with the sub-processors we need to operate the Service:
- Heroku (Salesforce). Application hosting and Postgres database.
- Stripe. Payment processing, subscription management, customer portal. Stripe's privacy policy governs its handling of payment-method data.
- SendGrid (Twilio). Transactional email (account verification, password reset, billing receipts). SendGrid does not see your warmup content.
- Google. When you connect a Gmail or Workspace account, Google issues us an OAuth refresh token. We use it solely to send warmup messages and check folder placement for that account. Use of Google APIs is subject to Google's API Services User Data Policy, including the Limited Use requirements.
- Plausible Analytics. Cookie-less, EU-hosted analytics for the marketing site only. Plausible does not set cookies and does not collect personal information.
We may disclose information when required by law, to enforce our agreements, or to protect the rights, property, or safety of NeverSpam, our customers, or others. In the event of a corporate transaction (merger, acquisition, asset sale), customer data may be transferred to the successor entity, subject to the protections of this Privacy Policy.
5. Cookies & Tracking
The application at app.neverspam.com uses a single first-party session cookie to keep you signed in. We do not use third-party advertising cookies, behavioral-tracking pixels, or cross-site identifiers. The marketing site at neverspam.com uses Plausible Analytics, which is cookie-less and does not fingerprint visitors.
6. Your Rights
Depending on where you live, you may have rights under the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), or similar laws, including:
- the right to access the personal information we hold about you;
- the right to correct inaccurate or incomplete information;
- the right to request deletion of your information, subject to legal retention obligations;
- the right to export your information in a portable format;
- the right to object to, or restrict, certain processing;
- the right not to receive discriminatory treatment for exercising these rights.
To exercise any of these rights, email privacy@neverspam.com. We respond within thirty (30) days. We do not sell or share personal information for cross-context behavioral advertising, so there is no "Do Not Sell or Share My Personal Information" mechanism to invoke — but if you want to confirm, just email us.
7. Data Retention
We retain account data for as long as your account is active and for a reasonable period afterward to satisfy legal, accounting, and operational obligations. Specifically:
- Sending and delivery logs: 180 days from creation.
- Warmup templates and sending-account credentials: deleted within 30 days of account deletion.
- Server request logs: 30 days.
- Invoice and tax records: 7 years (legal retention).
- Backups: rolling 7-day window; deleted backups are not recoverable after that window.
8. International Transfers
The Service is hosted in the United States. If you access the Service from outside the U.S., your information is transferred to and processed in the United States, which may have different data-protection laws than your jurisdiction. Where required, we rely on the Standard Contractual Clauses adopted by the European Commission and the UK Information Commissioner's Office to safeguard transfers of EEA and UK personal data.
9. Children
The Service is not directed at children under sixteen (16). We do not knowingly collect personal information from anyone under that age. If you believe a minor has provided us information, contact privacy@neverspam.com and we will delete it.
10. Security
We use commercially reasonable administrative, technical, and physical safeguards to protect your information, including TLS in transit, AES-256-GCM at rest for credentials, role-based access control on the engineering team, mandatory MFA on production systems, and audit logging of admin actions. No system is perfectly secure, and we cannot guarantee absolute security. We encourage you to use a strong, unique password and to enable two-factor authentication on your account.
11. Changes to This Policy
We may update this Privacy Policy from time to time. If we make a material change, we will notify you by email or by posting a prominent notice in the Service before the change takes effect. The "Last updated" date at the top of this page reflects the most recent revision.
12. Contact
Questions about this Privacy Policy, requests to exercise your rights, or general privacy concerns:
NeverSpam, Inc.
privacy@neverspam.com
For general support: support@neverspam.com