Canary takes your privacy seriously. The regulatory landscape governing privacy is undergoing significant change worldwide, and governments and consumers alike are demanding increased transparency and individual control. The EU’s General Data Protection Regulation (GDPR) is the latest and most profound example of this trend. Canary welcomes the arrival of the GDPR. The success of our company depends on maintaining the trust of our users and other stakeholders in our ability to deliver a secure and quality product. A summary of our GDPR-compliant policies for the benefit of our customers can be found below. You may find a full version of our policy here.
The information Canary accesses and collects depends on the way you use it. By default, Canary does not collect or store the content of your personal email messages, whether incoming or outgoing.
In order to function properly, Canary Mail for Mac, iOS, and Android accesses your name, email address, credentials (such as OAuth access tokens for email servers which support them), and email content. This information is stored on your device and is never shared with 3rd parties. We may store your email address in order to contact you regarding important security and / or product updates.
The only scenario in which we will temporarily store this data is if users of Canary Mail for iOS or Android choose to enable Push notifications when they receive email. In that case, Canary will temporarily store your email address, credentials, sender, subject line, and first line of the message on our server. Data associated with a specific email is deleted as soon as the notification for that email is delivered to your device. All data is cleared from our server when notifications are disabled on Canary Mail for iOS or Android or when you switch from Push to Fetch mode, in which case all data is stored locally only and new emails are fetched directly from your device.
We do use certain data we collect from you for internal purposes such as analyzing how Canary is used, diagnosing service or technical problems, and maintaining security. This includes information such as the marketing channel from which you learned about and downloaded Canary Mail, how often you use it, aggregated usage data, and other performance data.
Canary’s use of information received from Gmail APIs adheres to Google's Limited Use Requirements.
As is true of most websites and apps, Canary uses the services of third parties to support its operation and maintenance. These include parties which provide services for usage analytics, hosting and backend infrastructure, infrastructure monitoring, and customer support. Some of these third parties gather only anonymized and aggregated data and are not granted access to personal data such as names, email addresses, and IP addresses. Users who do not wish to make their data available to third-party vendors can disable analytics in the in-app settings or choose not to use their features. We do not have special relationships with any of these service providers. Canary has also entered into Data Processor Agreements with its third-party service providers as necessary in order to ensure that they are under the same GDPR privacy obligations as Canary.
Canary provides its users with as much control over their data as possible. Users can connect Canary with a number of third-party services, such as Google Drive and Dropbox for uploading large files, Unsplash for a selection of background images, and Intercom for customer support. These are optional services which we have provided for our users’ convenience. Users can also choose to sync preferences, accounts, signatures, etc. across devices via their personal iCloud account. They can opt-in for this functionality and later opt-out and delete all data stored on iCloud at any time. Canary iOS or Android users can instantly delete information stored to deliver Push notifications by disabling notifications or switching to Fetch.
Under the GDPR, if you are an EU citizen you have the right:
Your information is controlled by Mailr Tech LLP. You may direct any questions regarding this policy to: info [at] canarymail.io.