MailSenseAI

Security

Built to be trusted.

Email engagement data is sensitive. We treat it that way — with encryption, isolation, and a clear disclosure path. Here's how we keep your data safe.
  • Encryption everywhere

    All traffic is TLS 1.2+ in transit. Data at rest is encrypted with AES-256 on managed infrastructure.

  • Scoped, revocable keys

    API keys are scoped per workspace and can be rotated or revoked instantly from the dashboard.

  • Least-privilege access

    Internal access to production data is role-gated, logged, and limited to what a task requires.

  • OAuth, not passwords

    Sign-in is handled through Google OAuth. We never see or store your Google password.

  • Tenant isolation

    Every query is scoped to your account. One workspace can never read another workspace’s threads.

  • Audit trails

    A full audit log of engagement data is available and exportable, so you always know what was collected.

Disclosure

Found something? Tell us.

We welcome responsible disclosure of security issues. Email contact@mailsenseai.com with details and steps to reproduce. We aim to acknowledge reports within two business days and will keep you updated as we investigate. Please give us a reasonable window to remediate before public disclosure.

Pro customers and business accounts can request our security overview, sub-processor list, and a DPA. See the sub-processors section of our privacy policy for the current list.