This Privacy Policy explains how Signate ("we," "us," or "our") collects, uses, and protects your information when you use our service at signateapp.com. By using Signate, you agree to the practices described here.
Account information. When you create an account, we collect your email address, name, and authentication credentials (password hash or OAuth token). If you sign in with Google, we receive your Google account email and display name.
Voice profile data. To build your voice profile, Signate analyzes a selection of your sent emails (up to 80 messages). We extract structural and stylistic patterns from these messages including formality level, reply length, greeting and sign-off phrases, punctuation habits, and tone. The raw email content is processed in memory and is not stored long-term. The output is a structured voice profile description, which is stored in your account.
Inbox activity. While Signate is active, we read incoming emails in your Gmail inbox to classify, draft responses, and determine whether auto-send or review is appropriate. We also send emails on your behalf when you approve them. All actions are logged in your audit log.
Usage and billing data. We collect information about how you use Signate, including reply counts, queue activity, and subscription status. Payment is processed by Stripe. We do not store your payment card details.
We use your information to:
We do not use your email content or voice profile to train general AI models. We do not sell your data to third parties. We do not send you marketing emails without your explicit consent.
Raw email content is processed in memory to build your voice profile and to generate reply drafts. It is not written to our database. Once processed, it is discarded.
Your voice profile (a structured text description of your writing style) is stored in your account for as long as you have a Signate account. You can delete it at any time from your account settings.
Audit log entries (timestamps, action type, recipient, and subject line) are retained for 90 days and then automatically deleted.
Account information is retained until you delete your account. After deletion, all account data is permanently removed within 30 days.
Signate connects to your Gmail account using Google's official OAuth 2.0 protocol. We request only the permissions required to read your inbox, read your sent mail for voice profiling, and send emails on your behalf when you approve them.
Your Gmail OAuth access token is stored encrypted at rest. We do not access your Gmail for any purpose other than the core functionality described in this policy.
You can revoke Signate's access to your Gmail at any time by visiting your Google Account permissions page or by disconnecting from your Signate account settings. Revoking access immediately stops Signate from reading or sending any email.
Signate is built on the following third-party infrastructure:
We take reasonable technical and organizational measures to protect your information. This includes:
No system is perfectly secure. If you believe your account has been compromised, contact us immediately at hello@signateapp.com.
You have the right to:
If you are located in the European Economic Area, UK, or California, additional rights may apply under GDPR or CCPA. Contact us at hello@signateapp.com to exercise any of these rights.
Signate is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If we learn that we have done so, we will delete the information promptly.
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top and, for material changes, notify you by email or by a notice in the application. Continued use of Signate after changes take effect constitutes acceptance of the updated policy.
If you have questions or concerns about this Privacy Policy or how we handle your data, please reach out:
© 2026 Signate. All rights reserved.