Privacy Policy

Mayukha

Last updated: 26/04/2026

1. Introduction

This Privacy Policy describes how Mayukha ("we", "our", or "us") collects, uses, discloses, and protects your information when you access or use our application and related services (the "Service").

Mayukha is a privacy-first software platform that enables users to perform AI-assisted email outreach, including send-only Gmail integration, lead management, and automated email composition.

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Account and Authentication Information

When you authenticate via Google OAuth, we collect:

• Full name
• Email address
• Google account identifier
• Profile metadata (if authorized)

If you create an account with email and password, we collect your name, email address, and a salted password hash. We do not store plain-text passwords.

We only access the minimum scope required to provide functionality. The default Gmail integration is send-only and does not grant Mayukha permission to read your inbox.

Mayukha's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

2.2 Email and Communication Data

When you use Gmail integration features, we may process:

• Email metadata for messages you create or send in Mayukha (recipient, subject, timestamps)
• Email content that you draft, generate, edit, or approve for sending
• Manual reply and outcome statuses that you choose to mark in the dashboard

Mayukha does not read, scan, or monitor your Gmail inbox in send-only mode. Reply tracking is manual: if a recipient replies in Gmail, you can mark that outcome yourself in Mayukha.

2.3 Lead and Contact Data

The Service allows you to manage outreach leads. We may collect:

• Lead names and professional details
• Contact identifiers (stored in a protected format)
• Prospecting and search data

For security purposes, actual recipient email addresses may be resolved server-side and not exposed directly to the client.

2.4 Usage and Technical Data

We automatically collect certain technical data, including:

• IP address
• Browser and device information
• API request logs
• Job processing data (e.g., queue status via Redis/BullMQ)
• Timestamps and system events

2.5 AI Processing Data

To provide AI-powered features, we process:

• Email content you provide, generate, edit, or approve inside Mayukha
• User prompts and inputs
• Generated outputs

This data may be sent to third-party AI providers such as OpenAI for processing.

3. How We Use Your Information

• To provide and operate the Service
• To authenticate users and manage sessions
• To generate AI-assisted email content
• To send emails via your Gmail account
• To manage leads, manual reply tracking, and outreach workflows
• To monitor system performance and reliability
• To detect, prevent, and address technical or security issues
• To comply with legal obligations

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your data under the following legal bases:

• Consent (e.g., Google OAuth permissions)
• Contractual necessity (to provide the Service)
• Legitimate interests (e.g., security, analytics, service improvement)
• Legal compliance

5. Third-Party Services

We integrate with the following third-party providers:

• Google - Authentication and Gmail API access
• OpenAI - AI content generation
• Twilio - WhatsApp notifications (if enabled)
• Cloud infrastructure providers (e.g., AWS, GCP, Render)

These providers may process your data in accordance with their own privacy policies. We do not control their practices.

6. Data Storage and Security

We implement industry-standard safeguards to protect your data:

• Data stored in PostgreSQL and Redis
• Encryption of sensitive data using environment-based encryption keys
• Secure authentication using HTTP-only cookies with SameSite=Strict
• Access control mechanisms and role-based permissions
• Network-level restrictions for database services

Despite these measures, no method of transmission or storage is completely secure.

7. Data Retention

We retain your data only for as long as necessary to provide the Service, maintain operational integrity, comply with legal obligations, resolve disputes, and enforce agreements.

You may request deletion of your data at any time.

8. Data Sharing and Disclosure

We do not sell your personal data.

We may share data in the following cases:

• With service providers (e.g., AI processing, messaging services)
• To comply with legal obligations or lawful requests
• To protect the rights, safety, or property of users or the public
• In connection with a merger, acquisition, or asset sale

9. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Restrict or object to processing
• Request data portability
• Withdraw consent at any time

To exercise these rights, contact us at: mayukha000@gmail.com

10. Email Usage and AI Responsibility

• You are solely responsible for the content of emails sent using the Service
• AI-generated content is provided "as-is" and may contain inaccuracies
• You should review all generated content before sending
• Mayukha sends only messages you approve and does not read your Gmail inbox in send-only mode
• Reply outcomes are manually marked by you in the dashboard
• The Service must not be used for spam, harassment, or unlawful activities

11. Cookies and Tracking Technologies

We use limited cookies and similar technologies:

• Session cookies for authentication
• Security-related cookies
• Minimal logging for debugging and performance

We do not use invasive tracking or sell behavioral data to advertisers.

12. International Data Transfers

Your data may be processed and stored in countries outside your jurisdiction, including locations where our infrastructure or service providers operate.

We ensure appropriate safeguards are in place for such transfers where required by law.

13. Children’s Privacy

The Service is not intended for individuals under the age of 18.

We do not knowingly collect personal data from children.

If we become aware of such data, we will take steps to delete it.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

We will notify users of material changes by updating the "Last updated" date and providing notice within the application, if applicable.

Continued use of the Service constitutes acceptance of the updated policy.

15. Contact Information

If you have any questions or concerns about this Privacy Policy:

Email: mayukha000@gmail.com
Company Name: Mayukha