Tiko Mail — How We Use Your Data

Last Updated: February 10, 2026

Company: Tundra AI Labs, Inc.

We believe in being transparent about how your data is handled. This page explains, in plain language, what we access, how we use it, and how we keep it safe.

1. What Data We Access

When you connect your Gmail or Outlook account, Tiko Mail accesses the following data to provide its core features:

  • Email metadata — subjects, senders, recipients, timestamps, and labels
  • Email content — message bodies, used for AI classification, summarization, and draft generation
  • Account info — your name and email address for display and sign-off in drafts

We do not store email content long-term. Email bodies are processed in real time to generate classifications, summaries, and drafts, then discarded. Only metadata like label assignments and preferences are persisted.

2. How We Process Your Email

Tiko Mail uses AI to classify, summarize, and draft responses to your emails. Here's how that works:

  • • Email content is sent to approved AI providers solely to generate the specific output you requested — such as a label, summary, or draft reply.
  • • These providers are contractually prohibited from retaining your data or using it for model training.
  • • We do not use your email data to train, fine-tune, or improve any AI models — ours or third-party.
  • • AI outputs are probabilistic. You should always review drafts and classifications before acting on them.

3. What We Store

Tiko Mail stores the minimum data needed to operate:

  • • User identifiers and email addresses
  • • Your preferences and settings (label toggles, auto-draft style, digest preferences)
  • • Label mappings (which labels exist in your provider account)
  • • Draft records (tracking which drafts were created, not the content)

All data is stored in Google Cloud SQL with encryption at rest using Google-managed encryption keys. OAuth credentials are securely managed by Clerk and never stored directly by our application.

4. Authentication & Access Control

Your security is built into the architecture:

  • No passwords — Tiko Mail does not manage passwords. You sign in through Google or Microsoft OAuth via Clerk.
  • Server-side enforcement — all access controls are enforced on our servers, never on the client. Every API request requires a valid session token.
  • Resource-level authorization — users can only access their own data. Privacy rules are enforced at the database query level.
  • Session tokens — we use secure, short-lived session tokens (not static API keys). Sessions are invalidated on logout.

5. Infrastructure & Security

Tiko Mail runs on Google Cloud with enterprise-grade protections:

  • Encryption everywhere — all data is encrypted in transit (TLS) and at rest
  • Secure deployments — automated CI/CD pipeline with reproducible builds. No manual deployments.
  • No debug modes in production — developer consoles and debug output are disabled
  • DDoS protection — Google Cloud's built-in rate limiting and denial-of-service protections
  • Regular backups — managed database backups with point-in-time recovery

6. Third-Party Services

We use a small set of trusted, vetted services. All are contractually required to protect your data:

  • Clerk — authentication and session management
  • Google Cloud — hosting, database, and infrastructure
  • AI providers — approved providers for classification, summarization, and drafting. Providers are contractually prohibited from retaining your data or using it for training.
  • Resend — transactional emails (welcome emails, daily and weekly digests)
  • Google Analytics & LogRocket — usage analytics and session recording for improving the product. Email content (subjects, bodies, and attachments) is not displayed in the Tiko Mail UI and therefore is never captured by these tools.

7. What We Don't Do

We want to be clear about what Tiko Mail will never do with your data:

  • • We never sell your data to anyone
  • • We never use your data for advertising or profiling
  • • We never train AI models on your identifiable data
  • • We never store email content beyond what's needed for immediate processing
  • • We never expose sensitive information like tokens or credentials in URLs
  • • We never use deprecated or insecure technologies (Flash, ActiveX, Java applets, LDAP, etc.)
  • • We never send emails on your behalf without your explicit action — auto-drafted replies are saved as drafts for your review

8. Your Control

You are always in control of your data and your Tiko Mail experience:

  • Revoke access anytime — disconnect Tiko Mail from your Google or Microsoft account permissions at any time
  • Toggle features — enable or disable auto-draft replies, daily digests, and weekly digests in your Preferences
  • Request deletion — email support@tikomail.com to request full data deletion at any time
  • Export your data — request a copy of your data by contacting support

9. Compliance

  • Google API Limited Use Policy — Tiko Mail fully complies with Google's requirements for apps that access Gmail data
  • Encryption — all data encrypted at rest and in transit
  • Access controls — least-privilege access enforced at the server and database level
  • Audit logging — operational logs record authentication and configuration events without logging sensitive data
  • Backups — managed database backups ensure data can be restored in a timely fashion

10. Learn More

For the full legal details, please see our Privacy Policy and Terms of Service. If you have questions about how we handle your data, contact us at support@tikomail.com.