Privacy Policy
1. Introduction
Flowmail respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we handle your information when you use our application.
2. Data Access and Usage
Flowmail integrates with Microsoft 365 (globally known as Office 365 services) via the Microsoft Graph API. When you log in with your Microsoft account, you grant us permission to access your emails (read, send, and manage) as specified in the consent screen.
Crucially, Flowmail acts as a pass-through client. We do not permanently store your email content, contacts, or personal data on our own servers. The application runs in your browser and communicates directly with Microsoft's servers, or via a stateless proxy for authentication. Your session tokens are stored securely in your browser's cookies.
3. Authentication and Cookies
We use NextAuth.js for authentication. This process involves setting secure cookies on your device to maintain your session. These cookies are essential for the operation of the application and do not track your activity across other websites.
4. Third-Party Services
- Microsoft: As our primary data provider, your data is subject to Microsoft's privacy policy and terms of service.
- Cloudflare: Our application is hosted on Cloudflare Pages. Cloudflare may collect access logs and other network data for security and performance analysis.
- Vercel / Other Analytics: We may use anonymous analytics tools to understand how our application is being used and to improve performance.
5. Data Retention
Since we do not store your email data on our servers, there is no email data to retain or delete. You can revoke Flowmail's access to your Microsoft account at any time via your Microsoft account security settings.
6. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
7. Contact Us
If you have any questions about this Privacy Policy, please contact us.