Privacy Policy
Last updated: April 23, 2026
Heronbox ("we", "us") is an AI-assisted email client for iPhone. This policy
explains what data we collect, how we use it, and the choices you have.
Contact: shmonin.kirill@gmail.com.
What we collect
- Email content. When you connect a mailbox, we fetch messages
  from the provider (Gmail, Outlook, or an IMAP host you specify) to display
  them in the app. Recent messages are cached on our servers so the app loads
  quickly and so background sync keeps up when your phone is asleep.
- OAuth tokens. For Gmail and Outlook connections we store the
  provider's access and refresh tokens, encrypted at rest with AES-256-GCM.
  We never see your password.
- IMAP credentials. For IMAP accounts we store your server
  password, encrypted at rest with AES-256-GCM. It is used only to connect to
  the provider you specify.
- Device identifier. The first time you open Heronbox, the
  app generates an anonymous account keyed to your device. We do not collect
  your Apple ID, phone number, or contacts.
- Push tokens. If you allow notifications, we store the APNs
  token Apple issues for your device so we can deliver push notifications.
- Diagnostic data. Crash reports and error traces via a
  third-party error tracker. Email bodies and subject lines are never included.
How we use your data
- Display. Showing your emails in the app is the primary
  purpose of all email data we hold.
- AI processing (Phase 2 and later). To produce summaries,
  smart cards, and reply drafts, Heronbox may send the text of a specific
  email to a third-party large-language-model provider (currently OpenAI
  and Anthropic) under their data-processing terms. No email content is used
  to train those providers' models. AI processing is opt-in for sent-email
  style learning.
- Notifications. We use APNs to deliver new-email banners
  and daily summaries; you can disable either in Settings.
- Abuse prevention. Rate limits and service logs are used
  to keep the service working.
Who we share it with
- Your email provider. Only to fetch and send mail on your
  behalf using the OAuth or IMAP credentials you grant.
- Cloud infrastructure. Our servers run on Railway (EU
  region) with PostgreSQL (Neon, EU), Redis (Upstash, EU), and object
  storage on Cloudflare R2. Push is routed through Apple APNs.
- LLM providers (Phase 2+). When AI features produce
  summaries, receipts, or drafts, the relevant message text is sent to
  OpenAI and/or Anthropic under their data-processing terms. Turn off AI
  features in Settings to disable this.
- Nobody else. We do not sell your data, run advertising,
  or share it with any other parties.
Your choices
- Disconnect accounts. Remove a connected mailbox from
  Heronbox Settings at any time. OAuth tokens are revoked with the provider
  and the cached data is deleted within 30 days.
- Delete your account. Request deletion by emailing
  shmonin.kirill@gmail.com.
  We honor deletion within 30 days.
- Export your data. A GDPR-compliant export endpoint ships
  with the v1 App Store release.
- Turn off AI. The AI pipeline is opt-in. Without it, the
  app still functions as a plain email client.
Security
All OAuth tokens and IMAP passwords are encrypted at rest with AES-256-GCM
using a per-environment key that is held only in secret-management storage.
Traffic between your device and our API is HTTPS-only. We use Cloudflare
for DNS and edge routing.
Children
Heronbox is not directed to children under 13. We do not knowingly collect
personal information from children under 13.
Changes to this policy
We'll post updates to this page. Material changes will be announced in the
app before they take effect.
Contact
Questions: shmonin.kirill@gmail.com