Privacy Policy

The Service is operated by the team behind EmailConverter.AI. For privacy-related requests, contact us at contact@emailconverter.ai from the email address associated with your account, so we can verify your identity.

Account and authentication. When you sign in (for example via magic link or other methods we support), we process identifiers such as your email address and authentication tokens as provided by our identity provider.

Content you provide. We process the information you enter or upload in the studio, such as template configuration, text, images, generated or exported email HTML, version history we store for templates, and—if you use it—Campaign planner graphs (nodes, edges, and titles). Do not submit special categories of personal data (for example health data) unless you have a lawful basis and our explicit agreement.

Read-only share links (Campaign planner).If you enable a public read-only link for a saved map, we store a secret token on that map record. Anyone who has the URL can view a read-only rendering of that map's structure without signing in. The shared view is designed to show the graph (for example template names on nodes), not full template HTML inside the studio preview. Treat share URLs like passwords: anyone with the link can view what the page displays.

Usage and technical data. Our hosting and API layers may produce server or application logs. We also write limited records to our database when certain API errors occur (for example endpoint path, error message, optional user id, and non-sensitive metadata) to diagnose failures.

Website analytics (Google Analytics 4). On the public marketing site and related pages, we may enable Google Analytics 4 (GA4) to collect aggregate statistics such as approximate location (region), pages viewed, session duration, and device/browser type. GA4 uses cookies or similar storage on your device. We do not use GA4 to show you third-party ads on our behalf, and we do not sell your personal information. Where required by law (for example in the EEA, UK, or Switzerland), we ask for your consent before loading GA4; until you accept, we only load cookies that are essential to operate the Service (such as authentication). You can change your mind later by clearing site data for our domain in your browser or contacting us for guidance. Our operators may also use GA4's reporting APIs with a separate service account for internal dashboards; that processing is described in our operator documentation.

Advertising pixels. We do not use third-party advertising pixels (for example Meta or Google Ads remarketing tags) in the shipped product. If we introduce them, we will update this policy and obtain consent where required before loading those technologies.

Payments. Payments are processed by our payment provider (typically Stripe). We receive limited billing metadata (for example subscription status, customer identifiers, and transaction summaries)—not your full card number.

Support and feedback. If you contact us or use feedback features, we process the content of your message and your contact details.

Unsubscribe / suppression. Where the Service records one-click unsubscribe or similar signals (for example to avoid re-sending to an address that opted out), we may store the recipient identifier or token needed to honor that request, as described in our product configuration and operator documentation.

• Provide, operate, and improve the Service, including templates, previews, exports, Campaign planner, optional share links, and AI-assisted features.
• Authenticate users, prevent abuse, enforce limits (such as usage or credits), and protect security.
• Process payments and subscriptions, issue receipts, and manage billing disputes.
• Communicate with you about the Service, important notices, and (where permitted) product updates.
• Comply with law, respond to lawful requests, and defend our legal rights.

Where the GDPR or UK GDPR applies, we rely on appropriate legal bases such as: performance of a contract (providing the Service you request); legitimate interests (security, reliability, product improvement, and limited operational logging, balanced against your rights); consentwhere required for non-essential cookies and similar technologies (for example Google Analytics 4 on the marketing site, when you choose "Accept analytics"); and legal obligation where applicable.

Some features use third-party AI services (for example OpenAI and/or Google Gemini, depending on how the product is configured) to suggest or generate copy variants. The prompts and context we send are limited to what is needed for that feature. Those providers process data under their own terms and privacy policies. AI output can be inaccurate or unsuitable for production; you remain responsible for reviewing content before use, especially in regulated industries.

We do not sell your personal information. We share data only as needed with:

• Supabase (or an equivalent stack you deploy) for authentication, PostgreSQL database, file storage for template images where enabled, and Row Level Security policies that scope data to your account.
• Stripe for payment processing; we receive billing status and identifiers, not your full card number.
• Resend (when configured) for transactional email such as test sends, contact or feedback messages, and related delivery headers.
• AI providers (for example OpenAI and/or Google) as described in the AI section above.
• Google (Analytics) when GA4 is enabled: Google processes aggregated usage data as described in Google's Privacy Policy. Google may process data in the United States and other countries.
• Other infrastructure (for example hosting and DNS) under contractual obligations appropriate to the role they perform.
• Payment processors to complete transactions you authorize.
• Professional advisors where required (for example auditors or lawyers).
• Authorities when we believe disclosure is required by law or necessary to protect rights, safety, or the integrity of the Service.
• Business transfers in connection with a merger, acquisition, or asset sale, with notice where required.

We retain information for as long as your account is active and as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods may vary by data category and jurisdiction. You may request deletion where applicable; some records may be kept where law requires.

We implement technical and organizational measures designed to protect personal data against unauthorized access, loss, or alteration. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

We and our subprocessors may process data in countries other than your own. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) for transfers from the EEA, UK, or Switzerland.

Depending on your location, you may have rights to access, correct, delete, or export your personal data; object to or restrict certain processing; withdraw consent where processing is consent-based; and lodge a complaint with a supervisory authority. To exercise these rights, contact contact@emailconverter.ai. We may need to verify your request.

You can control cookies through your browser settings. We use cookies and similar storage for authentication (for example Supabase session cookies) where required for sign-in. If a deployment enables a temporary access restriction, a short-lived httpOnly cookie may be set for authorized visitors who authenticate with a supplied access key; that cookie is not used for advertising.

When Google Analytics 4 is enabled, a first-party banner lets you choose Accept analytics or Essential only. Your choice is stored locally in your browser. See Website analytics above for what GA4 collects and how to withdraw consent.

The Service is not directed to children under 16 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have, contact us and we will take appropriate steps.

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the "Last updated" date. Where changes are material, we will provide additional notice as appropriate (for example by email or in-product notice).

Questions about this Privacy Policy: contact@emailconverter.ai