Last updated: March 31, 2026
Account information. When you create an account we collect your email address, name, and authentication credentials. If you sign in via Google OAuth, we receive your Google profile information as authorized.
Usage data. We collect server logs including IP addresses, request timestamps, endpoints accessed, and response codes. These logs are retained for operational and security purposes.
Service data. Data you store through our services (contacts, emails, files, jobs, notifications) is stored in isolated PostgreSQL databases per service. Each tenant's data is logically separated via row-level isolation.
We use your information to:
We do not sell your personal information to third parties.
All data is stored on infrastructure we control. Passwords are hashed using industry-standard algorithms. API keys are stored as SHA-256 hashes. Sessions use HMAC-signed cookies. All inter-service communication uses authenticated REST calls.
File uploads via the Storage service are stored in S3-compatible object storage with access logging enabled.
We retain your data for as long as your account is active. You may request deletion of your account and associated data by contacting us. Server logs are retained for up to 90 days. Files governed by lifecycle policies are automatically deleted per the configured rules.
We integrate with the following third-party services when you opt in:
Each integration is governed by the respective provider's privacy policy.
We use session cookies scoped to .rust.solutions for authentication across our services. These are strictly functional - we do not use tracking or advertising cookies.
You have the right to access, correct, or delete your personal data. You may export your contacts and calendar data at any time. To exercise these rights, contact us at the address below.
For privacy-related inquiries: privacy@rust.solutions