Privacy Policy

Last updated: June 7, 2026 · InboxIQ by ReviveIQI

The short version: We connect to your email inbox to surface revenue opportunities. We never sell your data, never read your email content beyond what's needed to classify opportunities, and you can disconnect and delete everything at any time.

1. Who we are

InboxIQ is a product of ReviveIQI, operated by Bryan Michael Greer, Fort Lauderdale, Florida, United States. Contact us at privacy@reviveiqi.com.

2. What data we collect

Account information

Name and email address (provided at registration)
Password (stored as a bcrypt hash — we never store your plaintext password)
Plan and subscription status

Email inbox data (when you connect Gmail or Outlook)

OAuth access and refresh tokens — encrypted with AES-256-GCM before storage
Email thread metadata: sender name, sender email address, subject line, date, and message snippet
We do not store the full body of your emails
We do not store attachments
We do not read emails in categories like promotions, social, spam, or trash

Opportunity data

Contact names, email addresses, and companies extracted from thread metadata
AI-generated opportunity classifications, scores, summaries, and recommended next actions
Status updates you make (Active, Waiting, Closed Won, etc.)

Usage data

Standard server logs (IP address, request timestamps, response codes)
Logs are retained for 30 days and then deleted

3. How we use your data

To scan your connected inboxes for revenue opportunities on your behalf
To classify email threads using AI and surface actionable follow-ups
To display your opportunity board and team workspace
To send you weekly digest emails (if enabled)
To process payments and manage your subscription
To send transactional emails (receipts, alerts, account notifications)

4. How we use Gmail and Outlook data

InboxIQ's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

We access your Gmail data solely to provide the InboxIQ service — identifying revenue opportunities in your inbox
We do not use Gmail data to serve advertisements
We do not allow humans to read your email content except when required to provide the service (e.g., investigating a bug you've reported), with your explicit permission
We do not transfer Gmail data to third parties except as necessary to provide InboxIQ (our AI classification provider, OpenAI, receives email metadata snippets for classification — see Section 5)
We do not use Gmail data to build profiles of users for purposes unrelated to InboxIQ

5. Third parties we share data with

OpenAI — email thread metadata (sender, subject, snippet) is sent to OpenAI's API for opportunity classification. OpenAI does not use API data to train their models. OpenAI Privacy Policy →
TiDB Cloud (PingCAP) — our database provider, hosted on AWS in us-east-1. Encrypted tokens and opportunity data are stored here.
Stripe — payment processing. We never store your card details. Stripe Privacy Policy →
Resend — transactional email delivery (receipts, weekly digests).
Railway — application hosting. Your data is processed on servers in the United States.

We do not sell, rent, or share your personal data with advertisers or data brokers — ever.

6. Data storage and security

OAuth access and refresh tokens are encrypted with AES-256-GCM before being written to our database
All data is transmitted over TLS (HTTPS)
Passwords are hashed with bcrypt (cost factor 12)
Database access is restricted by IP allowlist and SSL-only connections
We do not store full email body text — only metadata and AI-generated summaries

7. Data retention

Account data: Retained until you delete your account
Email tokens: Deleted immediately when you disconnect an inbox
Opportunity data: Retained until you delete it or delete your account
Server logs: 30 days, then automatically purged
Deleted accounts: All personal data permanently purged within 30 days of account deletion

8. Your rights

You have the right to:

Access — request a copy of all data we hold about you
Correction — update inaccurate personal information
Deletion — delete your account and all associated data at any time from Settings → Delete Account
Disconnect — revoke inbox access at any time from Settings → Connected Inboxes. This immediately deletes your OAuth tokens and stops all scanning.
Portability — export your opportunity data as CSV at any time
Opt-out — unsubscribe from weekly digest emails at any time

To exercise any of these rights, email privacy@reviveiqi.com or use the in-app controls in Settings.

9. Children's privacy

InboxIQ is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, contact us at privacy@reviveiqi.com and we will delete it immediately.

10. Cookies

InboxIQ uses a single authentication cookie to keep you logged in. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

11. Changes to this policy

We will notify you of material changes by email or by a notice on the InboxIQ dashboard at least 14 days before they take effect. Continued use after the effective date constitutes acceptance.

12. Contact

Questions about this policy or your data:

Email: privacy@reviveiqi.com
Address: ReviveIQI, Fort Lauderdale, Florida, United States

InboxIQ is a product of ReviveIQI · Terms of Service · Back to InboxIQ