Emuinbox Privacy Policy

Effective Date: 2025-05-29
Website: www.emuinbox.com

Emuinbox is committed to protecting your privacy and data security. This Privacy Policy explains how we collect, use, share, and protect your information, and ensures compliance with regulations in Australia, the EU, the US, and China.

1. Information We Collect

1.1 Account & Authentication Info

Username, email address
Login credentials (e.g., OAuth Token)
Login history and access logs

1.2 Email Processing Data

Email metadata (sender, subject, timestamp)
Email content cached temporarily, not persistently stored

1.3 Operation & System Logs

User actions (sending, reading, categorizing emails)
User preferences and signature settings

2. How We Use Information

Enable multi-user access to public mailboxes
Provide email viewing, replying, categorizing, and signing features
Manage senders and internal communication records
Maintain systems and improve services
Ensure legal compliance and auditing

3. Data Storage & Server Location

We use AWS data centers located in Australia.

Temporary Email Caching

Email content is cached only temporarily during user operations, not permanently stored.

4. Cross-border Data Transfers

By using our service, you consent and authorize the transfer of data to Australian servers. We ensure compliance with applicable data laws.

Region	Compliance
EU	GDPR, SCCs, user consent
China	Separate consent, legal purpose
USA	CCPA, no data selling
Australia	Privacy Act & APPs compliance

5. Third-party Services

Provider	Purpose	Data Type
AWS	Storage & compute	All processed data
OAuth Providers	Authentication	Token & identity info

6. Your Rights

EU Residents (GDPR)

Access, correct, delete, restrict processing
Data portability
Right to lodge complaints with authorities

California Residents (CCPA)

Right to know, delete, opt-out of sale
Right to non-discrimination

China Residents (PIPL)

Right to know, consent, refuse automation
Right to access, correct, delete information

7. Data Retention

Login records retained for 90 days
Email body cached temporarily only
Data removed within 30 days of account deletion

8. Security Measures

HTTPS + TLS encrypted communication
OAuth authentication for registered email authentication
Two-factor activated by user
Access control and audit logs
Encrypted storage via AWS KMS

9. Children’s Privacy

We do not knowingly serve users under 16.
If data is collected by mistake, please contact us for deletion: support@emuinbox.com.

10. Policy Updates

We will notify you of major updates via website or email.

11. Contact Us

Emuinbox Privacy Team
📧 Email: support@emuinbox.com

✅ Additional Authorization

I have read and agree to the Privacy Policy, and authorize Emuinbox to transfer my data to servers in Australia in compliance with GDPR, CCPA, and PIPL.