SYS_LOG :: SECURITY & PRIVACY

Your inbox is sensitive. We treat it that way.

> Encrypted at rest and in transit, scoped OAuth tokens, no selling or training on your data, and a clear deletion path.
> The boring, correct stuff.

// trust pillars

Encryption in transit

TLS 1.3 on every connection — web, MCP endpoint, and provider APIs (Gmail, Graph, IMAPS).

Encryption at rest

OAuth tokens and IMAP passwords stored with AES-256-GCM using per-tenant keys. Postgres column-level encryption for credentials.

Scoped OAuth

Gmail scope is gmail.modify — read/write mail, no account management, no settings changes.

No training on your email

We do not use your messages to train models. Period. You bring your own Anthropic or OpenAI key, or use your AI provider's paid seat.

Data residency

US (primary) and EU (on request for Team). Attachments stored via S3-compatible storage with signed URLs.

Deletion on request

Disconnect an account — we purge the index and tokens within 24h. Delete your CME account — everything goes within 7 days.

// compliance

Where we are, and where we’re going.

  • SOC 2 Type I — in progress (target: Q3 2026)
  • GDPR — DPA available for Team customers
  • Google OAuth verified app — Limited Use compliant
  • Microsoft Partner publisher-verified
  • Sub-processors list published and versioned

// architecture

What actually happens when your agent asks for email.

  1. Your MCP client sends an authenticated request to your personal CME endpoint.
  2. CME looks up which connected account(s) the request targets.
  3. We hit Gmail API / Graph / IMAP with your stored token, or serve from our local thread index.
  4. Result streams back to the MCP client. No content is cached by any LLM provider — inference happens on your side.
  5. Sync daemons pull new mail incrementally; nothing sits in a queue longer than it has to.

// contact

Questions about our threat model?

> Real responses, usually same-day.