Privacy Policy

Last updated: February 27, 2026

This Privacy Policy describes how ccMarvin ("we," "us," or "our") collects, uses, and shares information when you use our email-based AI assistant service (the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

When you use the Service by sending emails to or cc'ing our address, we collect and process:

• Email content: The full content of emails you send to or cc to the Service, including subject lines, body text, attachments, and any links or media contained therein.
• Email metadata: Sender and recipient email addresses, timestamps, message IDs, thread IDs, and email headers (including authentication headers such as DMARC results).
• Conversation history: We retain conversation threads to provide contextual, multi-turn responses within email threads.
• Usage data: Email counts, timestamps, billing tier information, and subscription status.
• Payment information: If you subscribe to a paid plan, payment processing is handled by Stripe. We store your Stripe customer ID and subscription ID but do not store credit card numbers or bank account details.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Providing the Service: Processing your emails, generating AI responses, and delivering replies to your inbox.
• Improving the Service: Analyzing usage patterns, response quality, and system performance to enhance our product.
• Training and developing AI models: We may use the content of emails sent to the Service, including message text, attachments, and AI-generated responses, to train, fine-tune, evaluate, and improve our proprietary AI models and algorithms. This includes creating derivative datasets for machine learning purposes. By using the Service, you grant us a perpetual, irrevocable, worldwide, royalty-free license to use your content for these purposes.
• Billing and account management: Processing payments, managing subscriptions, and enforcing usage limits.
• Security and fraud prevention: Detecting and preventing abuse, spam, and unauthorized access.
• Legal compliance: Complying with applicable laws, regulations, and legal processes.

3. Data Sharing

We may share your information with:

• Third-party AI providers: Email content is sent to third-party AI model providers (such as OpenAI and Google) to generate responses. These providers may process your data according to their own privacy policies and terms.
• Email infrastructure: We use third-party email delivery services to send and receive messages.
• Payment processors: Stripe processes subscription payments on our behalf.
• Legal requirements: We may disclose information if required by law, regulation, or legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4. Data Retention

We retain email content, conversation history, and associated metadata indefinitely unless you request deletion. Usage and billing data is retained for as long as your account is active and for a reasonable period thereafter for legal and business purposes. Derivative data used for AI model training may be retained indefinitely even after deletion of source data.

5. Data Security

We implement commercially reasonable security measures to protect your information, including encryption of data in transit and at rest. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Your Rights and Choices

• Stop using the Service: You may stop using the Service at any time by ceasing to send emails to our address.
• Request deletion: You may request deletion of your personal data by emailing us. Note that data already incorporated into AI training datasets or derivative works may not be deletable.
• Cancel subscription: You may cancel your paid subscription at any time through Stripe.

7. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child under 13, we will take steps to delete it.

8. International Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from those in your jurisdiction.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new "Last updated" date. Your continued use of the Service after any changes constitutes acceptance of the revised policy.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at marvin@ccmarvin.com.