Email is one of the more sensitive things you own. It contains information about your relationships, your business, your finances, your thinking. When an AI product asks to read it, the question of what happens to that data is not a small concern.

We want to be specific about how Signate handles your email, because "we take privacy seriously" is something every company says and almost none of them explain.

What we actually read

When you connect Gmail to Signate, we request access to two things: your inbox and your sent mail. Inbox access is for the core function, reading incoming messages so we can classify them and draft replies. Sent mail access is for voice profiling, reading a sample of your sent messages to understand how you write.

We do not read archived mail, drafts, spam, or any folder beyond inbox and sent unless you explicitly configure a rule to include it.

What gets stored and what doesn't

Data type
What happens to it
Raw email content (inbox)
Processed in memory, then discarded. Not written to our database.
Raw email content (sent mail, for voice profiling)
Processed in memory, then discarded. Not written to our database.
Your voice profile
Stored in your account. Describes your writing style, not your email content. You can delete it any time.
Audit log entries
Sender, subject line, action type, timestamp. Retained for 90 days, then auto-deleted.
Account information
Name, email, auth credentials. Retained until you delete your account.

The distinction between the voice profile and the raw email content matters. What we store is the output of the analysis: a structured description of your writing patterns. Things like your typical greeting, your sign-off style, your average reply length, your formality level with different kinds of contacts. Not the actual text of your messages.

What we don't do

We don't train AI models on your data. Not ours, not Anthropic's. Anthropic's API terms prohibit using data submitted through the API for model training.

We don't sell your data. There are no third parties receiving your information for any purpose beyond running the service.

We don't build advertising profiles. There are no ads in Signate. There is no advertising business that would benefit from knowing things about you.

We do share data with the infrastructure providers that make the product work: Google for Gmail access, Anthropic for draft generation, Supabase for database hosting, and Stripe for billing. Each of them has their own privacy terms and none of them receive your raw email content beyond what is required to process a single request.

Why we built it this way

The architecture choice to not store raw email content was deliberate, and it cost us something. We could build better features with persistent email storage. We could let you search your history through Signate. We could improve voice profiling over time in ways we currently cannot.

We decided not to, because the risk to users is real and the trust required for this product to work is significant. People connect their actual Gmail accounts. They let the product send email on their behalf. That requires a level of trust that is hard to earn and easy to lose.

Processing email in memory and discarding it was the right call. It limits what we can build. We think that trade-off is worth it.

If you have questions about any of this, the full Privacy Policy is at signateapp.com/privacy, and you can reach us directly at hello@signateapp.com.