Practive
Privacy Policy

Privacy Policy

Effective Date: July 1, 2025

Extension Name: Proactive

This Privacy Policy explains how Proactive ("we," "our," or "the Extension") collects, uses, stores, and shares your information when you install and use our Gmail Chrome Extension. By using Proactive, you agree to the practices described in this policy.

1. Information We Collect

1.1 Gmail Data (via Google API Services)

Upon user consent, Proactive accesses Gmail data under the Gmail API and adheres strictly to the Google API Services User Data Policy, including the Limited Use requirements. We access:

  • Email Content: Subject lines and plain text from the email body (HTML content is stripped) and full conversation thread
  • Metadata: Thread IDs, message IDs, timestamps, labels, and conversation hierarchy.
  • Participants: Names and email addresses in the To, From, CC, and BCC fields

1.2 Google Account Information

With your explicit OAuth authorization, we access:

  • Email address
  • Display name
  • Calendar data

1.3 Automatically Collected Data

  • Usage Metrics: Extension interactions, feature usage, and error diagnostics.
  • Installation Information: Browser type, extension version, and environment.
  • Session Data: Authentication tokens and temporary user session details.

2. How We Use Your Information

We use the collected data solely to deliver and improve the core features of Proactive:

2.1 Smart Email Management

  • Detect emails requiring replies
  • Suggest personalized, contextual responses
  • Summarize threads and extract action items

2.2 Participant Insights

  • Retrieve background information on senders and recipients
  • Provide relevant context within conversations

2.3 Personalized Profiles

Analyze your writing style for tone-matching AI responses

2.4 Proactive Inbox Scanning

  • Conduct automated inbox scans (default: every 30 minutes, user-configurable)
  • Identify and flag important, time-sensitive messages

3. Data Storage and Security

3.1 Local Storage (User's Browser)

  • Encrypted OAuth tokens (AES-GCM)
  • Temporary session metadata
  • Cached profile and context data

3.2 Cloud Storage (Hosted on Supabase)

  • Email classification outputs
  • AI-generated summaries and analysis results
  • Cached participant research data

Retention Policy: Cloud-stored data is retained until the user requests deletion.

4. Third-Party Services

We do not sell your data. We share information only as necessary to operate the extension:

4.1 OpenRouter

  • Purpose: Email analysis, content generation, and contextual research
  • Data Shared: Email content, participant information, profile data
  • Use: Generate summaries, recommendations, and contextual replies

4.2 Mixpanel

  • Purpose: Product analytics and feature usage insights
  • Data Shared: Email address, interaction events
  • Use: Analyze user behavior and improve product performance

4.3 Google APIs

  • Purpose: Provide Gmail and Calendar integration
  • Data Shared: Only data explicitly authorized by you via OAuth
  • Use: Enable core functionalities of the extension

5. Your Rights and Choices

5.1 Access and Portability

You may access your Gmail data directly via Gmail. For extension-specific data, email us at support@practive.com.

5.2 Deletion

  • Local Data: Removed automatically when you uninstall the extension
  • Server Data: Email support@practive.com to request deletion
  • OAuth Permissions: Can be revoked at Google Account Permissions

5.3 Opt-Out Options

  • Revoke specific data permissions via Google
  • Uninstall the extension

6. Data Protection

We employ industry-standard security practices:

  • Encryption: All tokens are AES-GCM encrypted per installation
  • Transmission Security: All data in transit is encrypted via HTTPS
  • Access Controls: Authenticated sessions only
  • Token Management: Secure handling and periodic refresh of OAuth tokens

7. Data Disclosure

We do not sell or rent your data. Data is disclosed only when:

  • Required by law or legal process
  • Needed to prevent fraud or enforce our rights
  • With your explicit consent
  • As part of a business transaction (e.g., merger, acquisition)

8. Children's Privacy

Our extension is not directed to children under 13. We do not knowingly collect data from users under 13.

9. International Data Transfers

Data may be processed in countries outside of your jurisdiction. We ensure safeguards compliant with applicable data protection laws (e.g., GDPR).

10. Changes to This Policy

We may revise this Privacy Policy periodically. Continued use of the extension after changes indicates your acceptance. The latest version is always accessible within the extension or at this page.

11. Contact Us

If you have questions or wish to exercise your rights, please contact:

  • Email: support@practive.com
  • Company: Proactive Labs Inc.

12. Jurisdiction-Specific Disclosures

California Residents (CCPA)

You may request to access, delete, or opt-out of the "sale" of your data (we do not sell data). Contact us to exercise your rights.

European Economic Area Residents (GDPR)

You may access, correct, delete, or export your data. Legal basis includes user consent and legitimate interest in providing services.

Google API Services Disclosure

Proactive's use of Google API services complies with the Google API Services User Data Policy, including Limited Use.

By installing and using Proactive, you acknowledge that you have read, understood, and agreed to this Privacy Policy.

← Back to Home