Privacy Policy
Last updated: April 9, 2026
This Privacy Policy describes how NexoMailer (operated by Logic Launch Software Solutions) collects, uses, and protects information when you use our email delivery service.
1. Information We Collect
a) Information you provide
- Admin credentials: Password used to access the admin dashboard.
- API keys: Generated keys for authenticating API requests.
- Google account data: When you connect a Gmail account via OAuth, we receive and store OAuth tokens (access token and refresh token) and your email address. We request only the minimum scopes needed:
gmail.sendanduserinfo.email.
b) Information processed through the service
- Email metadata: Recipient addresses, subject lines, and send timestamps are logged for delivery tracking and debugging.
- Email content: HTML email bodies are processed transiently to deliver emails and are not permanently stored after successful delivery.
2. How We Use Your Information
- To authenticate and send emails on your behalf via the Gmail API.
- To manage rate limiting and load balancing across connected accounts.
- To queue and retry failed email deliveries.
- To display delivery logs and statistics in the admin dashboard.
3. Google User Data
NexoMailer's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
- We only request access to send emails (
gmail.send) and read your email address (userinfo.email). - We do not read, scan, or access your inbox, contacts, or any other Gmail data.
- OAuth tokens are stored securely on the server and are only used to send emails as authorized by you.
- You can revoke access at any time by removing the account from your API key in the dashboard, or by visiting your Google Account Permissions.
4. Data Storage & Security
- All data is stored on the server where NexoMailer is deployed.
- OAuth credentials are stored as encrypted JSON on disk.
- Admin sessions are protected with a cryptographic secret key.
- API keys are required for all email-sending endpoints.
- We do not share, sell, or transfer your data to third parties except as necessary to send emails via Google's Gmail API.
5. Data Retention
- Delivery logs are retained for a rolling window (up to 2,000 most recent entries) and can be cleared by the admin at any time.
- OAuth tokens are retained as long as the Gmail account is connected. Removing an account deletes its stored credentials.
- Queued emails are retained until delivered or manually cleared.
6. Your Rights
- You can disconnect any Gmail account at any time via the admin dashboard, which deletes stored OAuth tokens.
- You can delete API keys and all associated data at any time.
- You can clear all logs at any time.
- You can revoke Google OAuth permissions at myaccount.google.com/permissions.
7. Third-Party Services
This service integrates with:
- Google Gmail API — to send emails on your behalf. Subject to Google's Privacy Policy.
8. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the service after changes constitutes acceptance of the updated policy.
9. Contact Us
If you have questions about this Privacy Policy or your data, contact us:
- Logic Launch Software Solutions
- WhatsApp: +91 85490 13115