Privacy Policy
Last updated 30 June 2026
lovesignal.ai helps small businesses turn happy-customer emails into review requests. This policy explains what we read, what we keep, who we share it with, and the choices you have. Plain language, no surprises.
How lovesignal works with your Gmail
- We do not use the Gmail API and never request Gmail permissions. Google sign-in asks only for your name and email address.
- The extension reads email text in your browser, from the thread you already have open, to spot happy-customer moments. It reads what is on your screen. It does not log in to your inbox.
- We never send email for you. When you choose to send a review request, it opens in your own Gmail compose window and you click Send yourself.
What we process
- Your account. Your name and email address, from Google sign-in.
- Email content. When a thread is opened or you click Request, the message text is read from the page and sent to our service to decide whether it is a happy-customer moment and to draft a request. The full message body is processed only in passing and is deleted once classified. We keep a short preview (around 280 characters), a short quote of the happy moment, and the sender name and email, to show you the queue card.
- Customers you act on. The name and email address of a customer you choose to email, and the review-request copy you send, kept as your history.
- A sign-in token stored in your browser so the extension can talk to our service on your behalf.
- Billing. If you subscribe, payment is handled by Stripe. We do not see or store your card details.
AI processing
To recognise a happy-customer moment and to draft a request, the relevant email text is sent to our AI provider, Anthropic (Claude). It is used only to produce your classification and your draft. It is not used to train AI models.
Service providers we share data with
We use a small set of providers, each handling only what it needs to do its part:
- Google, for sign-in identity (name and email only).
- InboxSDK, the library the extension uses to work inside Gmail, which receives error and usage diagnostics.
- Anthropic, to classify moments and generate drafts.
- Supabase, for our database and authentication.
- Vercel, for hosting the web application.
- Stripe, for payments.
We do not sell your data, and we do not use it for advertising.
How long we keep it
- The full inbound email body is deleted once it has been classified. What remains is the short preview, the moment quote, and the sender details on the queued signal, which itself expires about 30 days after it is detected if you do not act on it.
- Review requests you send are kept as your history until you delete your account.
- Deleting your account removes your data from our database.
Your choices
- Sign out any time. While signed out the extension is paused: it sends nothing and no review requests go out.
- Disconnect a review platform in your settings whenever you like.
- Ask us to delete your account and data by emailing lovesignalai@gmail.com.
Security
Data is sent over HTTPS and access is scoped to your account. No method of storage or transmission is perfectly secure, but we keep what we hold to the minimum needed to run the product.
Changes to this policy
We may update this policy as the product grows. Material changes will be reflected here with a new date at the top.
Contact
Questions about your privacy? Email lovesignalai@gmail.com.