— Privacy —
Privacy policy
Last updated: 2026-05-22
What we collect
When you sign in to Deck Mary, we store: your email address, the OAuth tokens or API keys you grant for each connected channel (Gmail / IMAP / Slack / Chatwork / Telegram / Discord / Instagram / WhatsApp / Teams / LINE), and the messages we fetch on your behalf so we can show them in your inbox.
How tokens are stored
OAuth tokens and API keys are encrypted with AES-256-GCM before being written to the database. The encryption key never leaves our server-side environment. Row-level security isolates each user's data inside the database.
What we share
Nothing. We do not sell your data, we do not show ads, we do not share with advertisers or analytics brokers. We do not use your messages to train AI models.
Where data goes
Messages are sent to Anthropic Claude only when you press the "AI" button on a message detail page. Claude is contracted to not train on API traffic. Outside of that, your data stays inside our Supabase database (Tokyo region).
Deleting your data
You can disconnect any connector from the Connectors page at any time. Email us at hi@deckmary.com to delete your account; we remove your row and all dependent records within 7 days.