Privacy Policy

Last updated: May 2025

1. Information We Collect

AngerAlert collects and processes the following information:

  • Account Information: Your Microsoft Outlook email address, display name, and profile information when you connect your account
  • Email Data: Email content, subject lines, sender information, and timestamps from your connected email accounts for sentiment analysis
  • Usage Data: Information about how you use our service, including dashboard interactions and feature usage
  • Technical Data: IP addresses, browser information, and device data for security and service improvement

2. How We Use Your Information

We use your information to:

  • Analyze email sentiment using VADER sentiment analysis
  • Provide anger score calculations and categorization
  • Tag emails in your Outlook with appropriate categories
  • Display analytics and insights on your dashboard
  • Send notifications for high-anger emails (if enabled)
  • Improve our service and develop new features
  • Ensure security and prevent fraud

3. Data Storage and Security

Your data is stored securely using:

  • AWS Infrastructure: All data is stored in Amazon DynamoDB with encryption at rest
  • Access Tokens: Microsoft OAuth tokens are encrypted using AWS KMS
  • Limited Retention: Email data is retained for analysis purposes and automatically cleaned up based on your account settings
  • Secure Transmission: All data transmission uses HTTPS/TLS encryption

4. Third-Party Services

AngerAlert integrates with the following third-party services:

  • Microsoft Graph API: To access your Outlook email data (with your explicit consent)
  • Amazon Web Services: For hosting, data storage, and processing
  • Sentry: For error monitoring and performance optimization
  • Paddle: For payment processing and subscription management
  • Slack/Teams: For notifications (if you enable these integrations)

5. Data Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties except:

  • With your explicit consent for specific integrations (Slack, Teams)
  • To comply with legal obligations or law enforcement requests
  • To protect our rights, property, or safety
  • In connection with a business transaction (merger, acquisition, etc.)

6. Your Rights and Choices

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Portability: Export your data in a machine-readable format
  • Withdraw Consent: Disconnect your accounts at any time
  • Object to Processing: Opt out of certain data processing activities

7. Data Retention

We retain your data as follows:

  • Email Analysis Data: Retained for 12 months or until account deletion
  • Account Information: Retained while your account is active
  • Usage Logs: Retained for 90 days for security and debugging purposes
  • Notifications: Automatically deleted after 30 days

8. International Data Transfers

Your data may be processed in countries other than your own, including the United States where AWS servers are located. We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

9. Cookies and Tracking

AngerAlert uses minimal cookies and tracking:

  • Session Cookies: To maintain your login session
  • Security Cookies: To prevent cross-site request forgery
  • Analytics: We use Sentry for error tracking (no personal data shared)

10. Children's Privacy

AngerAlert is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

11. Payment and Billing Data

Payment processing is handled by Paddle:

  • Payment Data: Credit card information is processed directly by Paddle, not stored by AngerAlert
  • Billing Information: We store subscription status, plan type, and billing dates
  • Checkout Cookies: Paddle may set cookies during checkout process
  • PCI Compliance: All payment data handling is PCI DSS compliant via Paddle
  • Customer Data: Paddle customer IDs are encrypted and stored for subscription management

12. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the service after changes constitutes acceptance of the new policy.

13. Contact Information

If you have questions about this privacy policy or want to exercise your rights, please contact us at:

Note: This privacy policy complies with GDPR, CCPA, and other applicable data protection regulations. For specific regional requirements or questions, please contact our privacy team.