Security Policy

1. Data Protection

EmailBo implements enterprise-grade security measures to protect your email data and personal information. All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.

2. Authentication & Access Control

• OAuth 2.0 authentication with Gmail and Outlook
• Secure token storage with automatic refresh
• Session management with secure cookies
• Multi-factor authentication support

3. Infrastructure Security

Our infrastructure is hosted on secure cloud platforms with:

• Regular security audits and penetration testing
• Automated vulnerability scanning
• Network isolation and firewall protection
• 24/7 monitoring and incident response

4. Email Processing Security

Email content is processed securely with minimal data retention:

• Real-time processing without permanent storage
• Encrypted communication with email providers
• Minimal scope OAuth permissions
• Automatic token expiration and refresh

5. Incident Response

In the event of a security incident, we have established procedures to:

• Immediately contain and assess the impact
• Notify affected users within 72 hours
• Coordinate with relevant authorities
• Implement corrective measures

6. User Security Best Practices

We recommend users follow these security practices:

• Use strong, unique passwords for your email accounts
• Enable two-factor authentication where available
• Regularly review connected applications
• Report suspicious activity immediately

7. Security Updates

We continuously monitor for security threats and apply updates promptly. Users will be notified of any security-related changes that may affect their account or data.

8. Contact Security Team

For security-related questions or to report vulnerabilities, please contact our security team at info@emailbo.ai. We appreciate responsible disclosure of security issues.