Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Your privacy policy says this:

> InboxPurge will only use your Gmail data accessed via the Gmail API to read or control Gmail message metadata (including attachment information), headers, and message content, to enable you to process (delete/move/archive/unsubscribe from) emails. It will not share this Gmail data with others unless required by law.

But how can you share data if required by law when in a previous paragraph you say you are not collecting this data and it never leaves my device?



All these processes happen on your browser(device). The extension uses the Gmail API locally on your browser to perform all the necessary tasks. Your emails never get sent to any external server.

I hope that answers your question.

Edit: Just to add more context. The Google Oauth verification team requires that statement in the privacy policy.


So what information “can” be shared with law enforcement agencies?

And which jurisdiction is this service governed in?

I think there is just many ambiguities which do not seem clear to me at all.


I've added edit to explain why that particular statement is in the privacy policy

It's technically not possible from InboxPurge's perspective. As there'd be no email information to share


Just a heads up, you did not update the date of last update at the top of the policy following the changes you made.


I can’t tell whether you’re being cheekily obtuse or missing the point -

If required by law to share that information, what steps would you take to fulfill that legal requirement?

Is the implication that despite you being legally obligated to do so, you would in actuality have no method for sharing said information, and would therefore have nothing to offer law enforcement?


I'm sorry if you felt like I was intentionally missing the point.

I've added edit to explain why that particular statement is in the privacy policy

It's technically not possible from InboxPurge's perspective. As there'd be no email information to share.


Thanks for picking this up, I thought about trying it out and am very glad that you did go through it.

I don’t think I would touch it anymore.


I already explained in a reply:

"All these processes happen on your browser(device). The extension uses the Gmail API locally on your browser to perform all the necessary tasks. Your emails never get sent to any external server."

Hope you give it a try.


Sorry I feel like you really need to make the FAQ and legal terms a lot clearer.

Otherwise I think a lot of people would be easily deterred by the current/similar statements.

Thank you for sharing and taking the time to answer questions though.


I totally understand. Unfortunately, that particular statement was required by Google OAuth verification team to verify InboxPurge. I'll figure out a way to make it clearer. Thank you.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: