Secure and Compliant: Navigating Canary Mail’s Privacy Standards

At Canary Mail, our mission is to provide you and your team with the best possible email experience, prioritizing your privacy and security above all else. We ensure that your data is never sold or used for targeted advertising, and your emails remain strictly between you and your recipients.

We take your privacy seriously and adhere to the highest standards of security and compliance. Here’s how we protect your data:

HIPAA Compliance

We meet the rigorous standards set by the Health Insurance Portability and Accountability Act (HIPAA). This means that if you handle sensitive health information, you can trust that Canary Mail will keep it safe and secure.

GDPR Compliance

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that gives you control over your personal data. At Canary Mail, we comply with GDPR, ensuring that your privacy rights are respected and that you have transparency and control over your data.

CCPA Compliance

We adhere to the California Consumer Privacy Act (CCPA), which provides transparency about how we collect, use, and share your personal information. This compliance ensures that you have the right to know what information is collected about you and how it’s used.

SSL and TLS Security

We use Secure Sockets Layer (SSL) and Transport Layer Security (TLS) to encrypt your data. This encryption safeguards your information during transmission, ensuring that your emails and data are protected from unauthorized access.

OAuth2 Support

We support OAuth2 for adding accounts, offering a secure and efficient way to connect your email accounts without sharing your passwords. This modern authentication method provides an added layer of security for your email accounts.

Data Access and Storage

We are always clear about what data we collect and why. We won’t ask for more data than is needed to provide you with the service. We always delete your data once it’s no longer necessary.

Push Notifications and Cloud Sync

The only scenario in which we temporarily store your data is if you enable push notifications or use the Cloud Sync feature on Canary Mail for iOS or Android. For delivering push notifications, we temporarily store necessary information on our server, and data is deleted as soon as the notification is delivered. Similarly, data associated with Cloud Sync is cleared as soon as you disable it from your device(s).

Canary’s Copilot Feature

Our Copilot feature uses advanced machine learning (ML) technology to enhance your email experience. Personalized ML models are created, trained, and stored on your device, ensuring only you have access to your own models. We utilize models from top-tier providers for features like writing, summarizing, or replying to emails, but your data is not used to train or improve third-party models. If you do not wish to use AI features, you can toggle off Copilot via Settings.

Commitment to Privacy and Security

The information we collect is used solely to operate and maintain Canary Mail. We do not use cookies or similar technologies for interest-based advertising, nor do we extract data from your emails for tracking or advertising purposes.

We implement rigorous security measures to protect the integrity and confidentiality of your data, including data from Google services. All data is encrypted, ensuring your information remains secure.

For more detailed information, you can refer to our Privacy Policy: Canary Mail Privacy Policy.