Privacy Policy

Last updated: 5/12/2026

1. Introduction

Looper ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, share, and safeguard your information when you use Looper, including our website, web application, and Chrome Extension. This policy applies to all personal and sensitive user data handled by our services.

2. Information We Collect

Whether you interact with Looper through our website or our Chrome Extension, we collect the same data — only what is needed to deliver the Service.

2.1 Information You Provide

Account information: email address, name, and profile picture.
Email loop data: when you choose to loop an email, we store its subject, message identifier, and a reference link back to the original email in Gmail.
Gmail authorization: OAuth tokens that allow Looper to label, modify, and re-deliver the emails you have explicitly chosen to loop.
Communications: any messages or support requests you send us.

2.2 Information Collected Automatically

Session data: authentication tokens and session identifiers.
Usage data: basic feature-usage signals to help us improve the Service.

2.3 What Looper Does Not Collect

We do not read, scan, or index emails you have not explicitly chosen to loop.
We do not collect browsing history or activity from any website other than mail.google.com.
We do not collect contacts, calendar data, or other Google account data.
We do not run background data collection, scanning, monitoring, or tracking.
We do not collect data for advertising or for any purpose unrelated to running Looper.

3. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve Looper.
Loop emails you have explicitly chosen to loop and return them to your inbox at the right time.
Send notifications, reminders, and product updates related to your account.
Respond to your comments, questions, and support requests.
Detect, investigate, and prevent security incidents and abuse.

We do not sell, rent, or trade your personal data or any user content to third parties for advertising or marketing purposes. We do not train AI models on your email content.

4. How We Store Your Information

Encryption at rest: all data is stored in encrypted PostgreSQL databases hosted on Supabase infrastructure (SOC 2 Type II certified).
Encryption in transit: all transmissions use HTTPS (TLS 1.2 or higher).
Access controls: database access is restricted via Row Level Security (RLS) policies so users can only access their own data.
OAuth tokens: Gmail tokens are encrypted in our database and never exposed to client-side code.
Local storage: the Chrome Extension stores only an authentication session token in Chrome's local storage. No email content or passwords are cached on your device.

5. How We Share Your Information

We share information only with the following parties:

Supabase Inc.: our database hosting and authentication infrastructure provider. Supabase processes data on our behalf under a data processing agreement and is SOC 2 Type II certified.
Resend Inc.: our email delivery provider, used to send notification and reminder emails on our behalf.
Legal requirements: when required by law, subpoena, or to protect our legal rights.
Business transfers: in connection with a merger, acquisition, or sale of assets, with notice to affected users.

We do not share user data with advertisers, data brokers, or information resellers.

6. Data Transmission Security

All data transmitted between Looper (web or extension) and our servers is sent over HTTPS (TLS 1.2 or higher). No data is transmitted in plain text. Authentication credentials are transmitted securely and are never logged or stored in an unencrypted format.

7. Data Retention and Deletion

We retain your personal information for as long as your account is active or as needed to provide the Service. You may delete individual looped emails at any time from within Looper. You may request complete deletion of your account and all associated data by contacting us at [email protected]. Upon account deletion, all personal data will be permanently removed from our servers within 30 days. Backups containing your data may persist for up to 90 days before being purged.

8. Your Rights

Depending on your location, you may have the right to:

Access: request a copy of the personal information we hold about you.
Correction: request correction of inaccurate information.
Deletion: request deletion of your personal information and account.
Restriction: object to or restrict processing of your information.
Portability: request an export of your data in a machine-readable format.
Withdraw consent: withdraw consent at any time where we rely on consent to process your data.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

9. Cookies and Tracking

We use cookies and similar technologies solely to maintain your authentication session and preferences. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. You can control cookies through your browser settings, though disabling them may affect Service functionality.

10. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page, updating the "Last updated" date, and where possible, sending you a notification. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: [email protected]
Website: looper.email