How FollowUpEasy handles your data

Last updated: April 5, 2026

What we structurally skip

Our scan only looks at mutual, two-way email conversations. We structurally filter out:

Message headers and metadata for all sent and received messages (sender, recipient, date, subject line). Used to identify relationships and measure how long they've been quiet.
Email message content (for specific contacts only). Relevant portions of conversation threads with contacts identified as cold relationships are processed to generate relationship summaries and draft follow-ups. We do not make copies of your full mailbox.

Contact records for relationships identified as worth reconnecting with (name, email, last contact date, relationship summary)
Conversation excerpts from threads with contacts identified as cold relationships, used to generate summaries and drafts. We do not store full email bodies or make copies of your mailbox.
Generated drafts created for your review
Style profile derived from your writing patterns, used to make drafts sound like you
Suppressed contacts you've dismissed, so we don't resurface them

Encryption in transit — All connections to FollowUpEasy use HTTPS/TLS encryption. Data transmitted between your browser, our servers, and third-party APIs (Google, Anthropic) is encrypted in transit.
Encryption at rest — Stored data (contact records, conversation excerpts, drafts, style profiles) is held in a managed PostgreSQL database with encryption at rest enabled.
OAuth token security — Gmail OAuth tokens are stored securely and used only to access Gmail on your behalf. Tokens are revoked immediately when you disconnect your account.
Access control — No user can access another user's data. Administrative access is limited to the application operator for debugging, support, and security/maintenance purposes.
Minimal data retention — We store only the data needed to provide the service. We do not retain full email bodies, attachments, or messages from contacts not identified as cold relationships.
No data sharing or selling — Your data is never sold, shared with advertisers, or used for purposes other than providing the FollowUpEasy service.
No AI model training on your data — Email content processed through the Anthropic Claude API is not used to train AI models. Anthropic's API terms prohibit using API inputs for model training.

Your data is retained while your account is active and deleted immediately when you delete your account. There is no retention period after deletion.

FollowUpEasy creates drafts in your Gmail account. You review, edit, and send from your own inbox.

You can disconnect Gmail and delete all your data at any time from your account settings. This will:

Revoke Gmail OAuth access immediately
Delete all stored data (scan results, drafts, conversation excerpts, style profile)
Sign you out

Drafts you already saved or sent in Gmail are in your Gmail account, not ours. You can also revoke access directly from Google Account Permissions.

FollowUpEasy uses the following services to operate:

Google Gmail API — to read email metadata and content, and to create drafts in your Gmail account.
Anthropic Claude API — to assess relationships and generate draft emails. Conversation excerpts are sent to Claude for processing. Anthropic does not use API inputs to train models.
Render — cloud hosting provider where the application runs.
PostHog — anonymous product analytics to understand how the product is used. No email content is sent to PostHog.

Questions about how we handle your data? Email Dave directly: dave@followupeasy.com.