Canary takes your privacy seriously. The regulatory landscape governing privacy is undergoing significant change worldwide, and governments and consumers alike are demanding increased transparency and individual control. The EU’s General Data Protection Regulation (GDPR) is the latest and most profound example of this trend. Canary welcomes the arrival of the GDPR. The success of our company depends on maintaining the trust of our users and other stakeholders in our ability to deliver a secure and quality product. A summary of our GDPR-compliant policies for the benefit of our customers can be found below. You may find a full version of our policy here.
Personal Data We Collect
The information Canary accesses and collects depends on the way you use it. By default, Canary does not collect or store the content of your personal email messages, whether incoming or outgoing.
In order to function properly, Canary Mail for Mac and for iOS accesses your name, email address, credentials (such as OAuth access tokens for email servers which support them), and email content. All of this information is stored on your device and is never transferred to our servers.
The only scenario in which we will temporarily store this data is if users of Canary Mail for iOS choose to enable Push notifications when they receive email. In that case, Canary will temporarily store your email address, credentials, sender, subject line, and first line of the message on our server. All data is cleared from our server when notifications are disabled on Canary Mail for iOS or when a user switches from using Push notifications to Fetch mode, in which case all data is stored on the device.
How We Use Personal Data
We do use certain data we collect from you for internal purposes such as analyzing how Canary is used, diagnosing service or technical problems, and maintaining security. This includes information such as the marketing channel from which you learned about and downloaded Canary Mail, how often you use it, aggregated usage data, and other performance data.
Canary’s use of information received from Gmail APIs adheres to Google's Limited Use Requirements.
Reasons We Share Personal Data
As is true of most websites and apps, Canary uses the services of third parties to support its operation and maintenance. These include parties which provide services for usage analytics, hosting and backend infrastructure, infrastructure monitoring, and customer support. Some of these third parties gather only anonymized and aggregated data and are not granted access to personal data such as names, email addresses, and IP addresses. Users who do not wish to make their data available to third-party vendors can disable analytics in the in-app settings or choose not to use their features. We do not have special relationships with any of these service providers. Canary has also entered into Data Processor Agreements with its third-party service providers as necessary in order to ensure that they are under the same GDPR privacy obligations as Canary.
Access and Control of Your Personal Data
Canary provides its users with as much control over their data as possible. Users can connect Canary with a number of third-party services, such as Google Drive and Dropbox for uploading large files, Unsplash for a selection of background images, and Intercom for customer support. These are optional services which we have provided for our users’ convenience. Users can also choose to sync preferences, accounts, signatures, etc. across devices via their personal iCloud account. They can opt-in for this functionality and later opt-out and delete all data stored on iCloud at any time. Canary iOS users can instantly delete information stored to deliver Push notifications by disabling notifications or switching to Fetch.
Know your rights
Under the GDPR, if you are an EU citizen you have the right:
- to access your personal data
- to be provided with information about how your personal data is processed
- to have your personal data corrected
- to have your personal data erased in certain circumstances
- to object to or restrict how your personal data is processed
- to take any complaints about how we process your data to the Data Protection Authority in your country.
How to contact us
Owner contact email: info [at] canarymail.io