MailLens is an AI-powered email analysis tool. This notice explains what data we collect,
how we use it, and what rights you have over it. We've written it in plain language — no legal
jargon where we can avoid it.
What we collect
Email content — the email text you paste into MailLens for analysis. This is sent to the Anthropic API for processing and stored alongside the analysis result.
Analysis results — the summary, urgency rating, action items, tone scores, and suggested reply generated by the AI.
Account email address — collected at sign-in for authentication. We use Supabase Auth with magic-link email for this.
We don't collect browser fingerprints, IP addresses beyond what a standard web server logs, or any data you don't explicitly provide.
How we use it
AI analysis — your email content is sent to the Anthropic Claude API to generate a structured analysis. This is the core function of the service.
History — analysis results are stored so you can review and refer back to past analyses.
Authentication — your email address is used to send a sign-in link and identify your account. It is not used for marketing.
We do not use your data for advertising, profiling, or training our own models.
Where it's stored
Analysis history — stored in a Supabase PostgreSQL database hosted in the EU (Ireland, eu-west-1) and US (us-east-1 depending on configuration).
Authentication data — managed by Supabase Auth, hosted in the same region as the database.
Email content sent for analysis — transmitted to the Anthropic API over TLS. Anthropic does not retain API-submitted data for model training by default.
All data is transmitted over HTTPS/TLS. Your analysis history is protected by Row Level Security — only your account can access your records.
How long we keep it
Analysis history — analyses are automatically deleted after 90 days. You can also clear your history at any time from within the app.
Account data — your email address and authentication record are kept for as long as your account is active. If you close your account, all associated data is deleted.
Who can see it
Only you — your analysis history is scoped to your account and cannot be accessed by other users. Row Level Security is enforced at the database level.
Us (MailLens) — as operators we have administrative access to the database for support and maintenance purposes. We do not browse user content.
We never sell your data to third parties, data brokers, or advertisers.
Third parties
We use the following sub-processors to provide the service:
Anthropic — processes email content you submit for AI analysis.
Anthropic's API usage does not use your data to train models.
See anthropic.com/privacy.
Supabase — database and authentication provider. Your account and analysis data is stored on Supabase infrastructure.
See supabase.com/privacy.
Resend — email delivery service used to send magic-link sign-in emails. Only your email address is passed to Resend for this purpose.
See resend.com/privacy.
Your rights (GDPR)
If you are in the European Economic Area or UK, you have the following rights under GDPR:
Access — you can request a copy of all personal data we hold about you.
Deletion — you can delete your analysis history directly from the app at any time. To delete your account entirely, contact us and we'll remove all associated data within 30 days.
Portability — you can request an export of your data in a machine-readable format.
Correction — if any data we hold about you is inaccurate, you can request a correction.
Objection — you can stop using the service at any time. There is no lock-in.
To exercise any of these rights, contact us at the email address below. We will respond within 30 days.
Contact
For privacy-related questions, data requests, or to close your account:
[email protected]
We take privacy seriously and aim to respond to all requests within 5 business days.