Privacy Policy

• Your account: name and email from your Google sign-in.
• Your contacts and notes: the people, details, notes, reminders, and interactions you add or import.
• Integration credentials: if you connect Gmail, Twilio, or Eskiz, the access tokens are encrypted at rest (AES-256) and used only to send the messages you approve.

Your data is used to run the product for you: showing your network, generating draft messages, and — only after your explicit approval — sending those messages from your own connected accounts. We do not sell your data or use it for advertising.

We rely on a few infrastructure providers who process data on our behalf: Supabase (database, EU region), Vercel (hosting), OpenAI (AI draft generation — sent contact metadata, not your raw notes, unless you opt in), Resend (email digests), Google/Twilio/Eskiz (only to send messages you approve), and Mapbox (geocoding). We don't share your data with anyone else.

1Clickly's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We request the gmail.send permission solely to send messages you have explicitly approved, from your own Gmail account. We do not read, search, store, modify, or delete your email or mailbox; we do not use Gmail data for advertising; and we do not sell it or transfer it to anyone except as needed to send your approved message. OAuth tokens are encrypted at rest and used only by our backend send process.

You can export everything as a ZIP of CSVs, or permanently delete your account and all data at any time from Settings. Deleting removes your contacts, notes, history, and stored credentials.

Each account's data is isolated at the database level (row-level security). Third-party tokens are encrypted. We use HTTPS everywhere. No system is perfectly secure, but we take reasonable measures to protect your data.

Questions or requests about your data? Email support@1clickly.com and we'll help.