Privacy
Your data, your control
SharaSpot is designed with privacy in mind. Here's exactly what we collect, how we protect it, and what we don't do.
Last updated: March 2026
What We Collect
We collect your Google profile information (name, email, avatar) when you sign in via Google OAuth. We also store the email addresses you add as senders and the recipient lists you upload for campaigns.
How We Protect Your Data
All SMTP credentials (Google App Passwords) are encrypted at rest using AES-256-CBC with a unique initialization vector per encryption. We never store your Google account password - only the App Password you generate specifically for SharaSpot.
What We Don't Do
We don't sell your data. We don't read your email content. We don't share your recipient lists with third parties. We don't track you across the web. Your outreach data stays yours.
Data Storage
Your data is stored in a PostgreSQL database. Email attachments are stored on Cloudinary. Job queue data is stored in Redis. All connections use encrypted transport where available.
Data Deletion
You can delete your sender accounts at any time. When a campaign is deleted, all associated email job records and attachment metadata are automatically removed (cascade delete).
Questions about privacy? Get in touch