1. Scope
This Privacy Policy applies to information collected through the Thank You Email website and any associated product experiences we operate, including the generator, interview follow-up templates, educational guides, account authentication experiences, and future history or storage features. It also applies to communications you send directly to us, such as support emails and product feedback. It does not apply to third-party websites, services, or applications that may be linked from our pages or integrated into the service through independent terms.
If you use a third-party authentication provider such as Google, or a third-party infrastructure provider such as Supabase, those providers may separately collect and process data under their own privacy terms. We encourage you to review their policies in addition to this one.
2. Information We Collect
We may collect several categories of information depending on how you use the service.
Account Information. If you sign in or create an account, we may collect your email address, authentication provider identifiers, session metadata, and basic profile details made available through the provider. If you use Google sign-in, we may receive account details necessary to authenticate you and operate your session. If you use magic link sign-in, we may receive the email address you submit and related verification metadata.
User Input Content. We may process the information you type into the generator, such as interviewer names, company names, role titles, personal names, discussion topics, preferred tone, and any other information submitted for the purpose of generating a thank-you email. Because users may include interview context, some of this information could relate to employment history, professional interests, or communications with third parties.
Generated Output. We may process the emails, drafts, variants, or history items created by the service. If history features are enabled in the future, generated output may be stored and displayed back to you as part of your account experience.
Technical and Device Information. We may automatically receive information such as browser type, device type, approximate language settings, operating system, referring URLs, page activity, timestamps, authentication events, and basic diagnostics needed to maintain security and performance.
Communications. If you email us directly, we may collect your email address, message content, any attachments, and any follow-up correspondence we exchange with you.
3. How We Use Information
We may use personal information for the following business and operational purposes:
To provide and operate the service, including authenticating users, maintaining account sessions, generating requested content, and displaying product features. To improve reliability, detect abuse, troubleshoot bugs, monitor system health, and maintain the security of the service. To communicate with users about product updates, transactional messages, support issues, legal requests, and important notices. To evaluate feature usage, understand demand, and make product decisions. To comply with legal obligations, enforce our terms, prevent fraud, and protect the rights, safety, and integrity of users, the service, and the public.
We do not claim ownership over the content users submit for generation. However, by using the service, you acknowledge that submitted data may be processed by infrastructure and model providers to fulfill your request.
4. Legal Bases
Where applicable, we rely on several legal bases to process personal information. These may include your consent, the necessity of processing to provide the services you request, our legitimate interests in operating and securing the service, and compliance with legal obligations. In practice, different data uses may rely on more than one legal basis depending on the context.
5. Cookies, Local Storage, and Similar Technologies
The site may use browser storage, cookies, session storage, and similar technologies to preserve session state, retain form values between pages, maintain login status, improve user experience, and support basic analytics or debugging. Some of these technologies are strictly necessary for the service to function properly, especially authentication and session continuity.
If you disable certain browser storage mechanisms, parts of the product may not function as intended. In particular, login persistence and generator state recovery may be limited.
6. Sharing of Information
We may share information with service providers and subprocessors that help us operate the product, such as hosting providers, authentication platforms, database providers, email systems, analytics tools, and model or generation providers. We may also disclose information if required to do so by law, regulation, subpoena, court order, or lawful government request, or when we believe disclosure is reasonably necessary to protect rights, investigate security incidents, enforce agreements, or address fraud or abuse.
We do not sell personal information in the ordinary meaning of that phrase. We do not intentionally disclose your generator inputs to unrelated third parties for their independent marketing use.
7. Retention
We retain information for as long as reasonably necessary to operate the service, satisfy legal obligations, resolve disputes, maintain security logs, and enforce agreements. Retention periods may differ by data category. For example, account records may be retained for longer than transient generation payloads, while security logs may be preserved for incident analysis and fraud prevention. If history storage is enabled, saved content may remain associated with your account until you delete it, request deletion, or we determine it is no longer necessary to retain.
8. User Choices and Rights
Depending on your location, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your personal information. You may also have the right to withdraw consent where consent is the basis for processing. To make a request, contact us at judexuhs@gmail.com. We may need to verify your identity before fulfilling a request, and some rights may be limited by law or technical feasibility.
You may also control certain information directly by changing browser settings, clearing local storage, logging out, or discontinuing use of the service.
9. Security
We use reasonable technical and organizational measures designed to protect personal information from unauthorized access, disclosure, alteration, and destruction. These measures may include access controls, encryption in transit where supported, secure authentication workflows, environment separation, provider-level safeguards, and monitoring for suspicious activity. However, no service can guarantee absolute security, and you use the internet-facing portions of the service at your own risk.
10. International Data Transfers
If you access the service from outside the country where our infrastructure or service providers operate, your information may be transferred to, stored in, or processed in other jurisdictions. Those jurisdictions may have privacy laws that differ from the laws of your home region. By using the service, you understand that such transfers may occur as necessary to provide the service.
11. Children
The service is not directed to children under the age of 13, and we do not knowingly collect personal information from children. If you believe that a child has provided personal information through the service, contact us and we will take reasonable steps to investigate and remove the information if appropriate.
12. Third-Party Services and Links
Our site may link to third-party pages or rely on third-party systems to deliver certain features, including authentication, hosting, model inference, or productivity integrations. We are not responsible for the privacy practices of those third parties. Please review their policies separately before providing information to them.
13. Updates to This Policy
We may revise this Privacy Policy from time to time to reflect changes in legal requirements, service functionality, data practices, or risk posture. When we make updates, we may revise the effective date and publish the updated version on this page. Material changes may also be communicated through the service or by email where appropriate. Continued use of the service after an update becomes effective indicates your acceptance of the revised policy.
14. Contact
Questions, access requests, correction requests, deletion requests, or general privacy concerns may be sent to judexuhs@gmail.com. Please include enough detail for us to understand your request and respond accurately.