Email Unsubscriber™ Privacy Policy

Last Updated: April 22, 2026

Your Privacy is Our Priority

100% Browser-Based: All email scanning happens entirely in YOUR browser

Never Leaves Your Device: Your emails NEVER leave your computer

Zero Server Storage: We NEVER see, store, or process your email content

No AI blackbox: Our approach is purely algorithmic, leaving no room for surprises

1. Introduction

Email Unsubscriber, operated by Micro Solutions LLC ("The company", "we", "us", or "our") provides a browser-based tool that helps you identify and unsubscribe from unwanted email subscriptions. This Privacy Policy explains how we handle your information when you use our service.

We built this service with privacy as the foundation. Unlike other email management tools, we designed our architecture so that your email data never touches our servers.

2. Information We Do NOT Collect

We want to be absolutely clear about what we never access:

Email content - We never see the body, subject lines, or text of your emails
Email metadata - Senders, recipients, timestamps, or any header information
Subscription lists - Your scan results and subscription data stay on your device
Inbox data - Any information from your email inbox
Email provider access tokens - The credentials that allow reading your emails stay in your browser and are never sent to our servers

3. Information We Do Collect

We collect minimal information necessary to provide our service:

Account Email Address: Used solely for account identification and authentication
Subscription Status: For paid users, we track payment status to provide full access to all features
Basic Usage Analytics: Anonymous page views and feature usage (not tied to email data)
Unsubscribe History: When you unsubscribe from a sender through our service, we store a record of the sender's email address and name as part of your unsubscribe audit log. This data enables our Unsubscribe Violation Detection feature, which monitors whether senders comply with your unsubscribe requests by flagging any non-individual emails received from them after your request.
Referral Data: If you participate in our referral program, we store your unique referral code and track your referral progress (number of successful referrals). Referral relationships are tracked using anonymized identifiers, not raw email addresses.

4. Legal Basis for Processing

We process your personal data under the following legal bases as defined by GDPR Article 6:

Contract Performance (Art. 6(1)(b)): Processing your email address and account data to provide the email unsubscription service, process payments, and maintain your account.
Consent (Art. 6(1)(a)): Analytics cookies, session recording, and behavioral tracking — only activated when you explicitly consent via our cookie banner.
Legitimate Interest (Art. 6(1)(f)): Essential error tracking and performance monitoring to maintain service reliability; security measures including blacklist maintenance for fraud and abuse prevention.
Legal Obligation (Art. 6(1)(c)): Retention of anonymized payment records for 7 years as required by applicable tax and financial regulations.

5. How Our Service Works

Understanding our architecture helps explain why your data stays private:

Direct Browser-to-Provider Communication

All email API requests go directly from your browser to your email provider's servers (e.g., Google or Microsoft). Our servers are never involved in this data flow.

OAuth Authentication Only

Our servers never receive your email access credentials. Authentication happens directly between your browser and your email provider - our backend only receives an identity token (JWT) that proves who you are, but cannot be used to access your emails.

Local Processing

The dashboard code runs entirely in your browser. Email scanning, analysis, and unsubscribe detection all happen on your device.

Token Separation Architecture

When you sign in with your email provider, two different tokens are created: an access token (which can read your emails) and an identity token (which only proves who you are). The OAuth standard requires a backend intermediary to securely exchange your authorization code for these tokens. To maximize transparency, we have split this intermediary into a standalone, open-source, fully auditable service that is hosted separately on a public cloud (Cloudflare Workers). This token-exchange service is fully isolated from the rest of our backend, meaning our backend has no chance of ever seeing your access token. After the exchange, your browser keeps the access token and uses it to communicate directly with your email provider. Our backend only ever receives the identity token, which cannot be used to access your emails. This architectural choice means our servers are physically incapable of reading your emails, even if compromised.

6. Cookies

We use cookies to enhance your browsing experience. Cookies are small text files stored in your browser.

Essential Cookies: These are required for the site to function. They store your theme preference (light/dark mode) and your cookie consent choice. These cannot be disabled.
Analytics Cookies: With your consent, we use anonymous analytics cookies to understand how visitors interact with our site. These cookies do not collect personally identifiable information. You can opt in or out at any time via the cookie consent banner.
Session Recording: When you consent to analytics cookies, we may also enable session recording through PostHog. Session recordings capture your interactions with the application (clicks, scrolling, page navigation) to help us identify usability issues and improve the user experience. Session recordings are tied to your anonymized identifier, not your email address. You can opt out at any time by rejecting analytics cookies.

Cookies are set with a domain of .email-unsubscriber.com so your preferences carry across our sites. They expire after 400 days. You can delete cookies at any time through your browser settings.

7. Third-Party Services

We integrate with the following third-party services:

Google (OAuth & Gmail API): We use Google's OAuth 2.0 for authentication. Your browser communicates directly with Google's Gmail API to read email data. Google's privacy policy applies to data they process.
Microsoft (OAuth & Outlook API): We use Microsoft's OAuth 2.0 for authentication. Your browser communicates directly with Microsoft's Graph API to read email data. Microsoft's privacy statement applies to data they process.
Stripe (Payment Processing): If you purchase access to our service, Stripe handles payment processing. We never see or store your full credit card information. Please note that after account deletion, your email address and payment details may still be retained by Stripe in accordance with their own data retention policies. We anonymize all payment records stored on our servers, but cannot force deletion of data held by Stripe.
Cloudflare (Hosting & CDN): Our service is hosted on Cloudflare. Cloudflare may collect standard server logs (IP addresses, request times) as part of their service.
PostHog (Product Analytics): We use PostHog for basic product analytics. To protect your privacy, we only ever send a cryptographically hashed (obfuscated) version of your email address to PostHog — your real email address is never transmitted and cannot be recovered, even by PostHog themselves. The hashed identifier is used solely to distinguish between users, not to identify them. No email content, metadata, or inbox data is ever sent to PostHog. PostHog's privacy policy applies to data they process.

Prohibited Uses of Email User Data

Email Unsubscriber never uses email user data obtained from any provider (Google, Microsoft, or any future integration) for any of the following purposes:

Targeted advertising, personalized advertising, retargeted advertising, or interest-based advertising
Serving advertisements or ad-related profiling of any kind
Selling, renting, or providing data to data brokers or information resellers
Determining credit-worthiness, lending eligibility, or insurance underwriting
Creating, compiling, or augmenting databases for sale, rental, or transfer to third parties
Training, fine-tuning, or improving machine learning or artificial intelligence models (including generative AI, large language models, or any automated decision-making systems)
Market research, email campaign tracking, or competitive intelligence
Surveillance, user profiling, or behavioral tracking beyond what is necessary for the core email unsubscribe functionality
Any purpose other than providing or improving the Email Unsubscriber service as described in this Privacy Policy

Third-Party Transfer Restrictions

Sensitive email user data — including email content, metadata, headers, and access tokens — is never transferred to any third party, for any purpose whatsoever, regardless of whether you use Gmail, Outlook, or any other supported email provider. This data is processed exclusively within your browser and is architecturally inaccessible to our servers and any third party. Specifically:

We do not share, sell, rent, or disclose email content, metadata, headers, or access tokens to any third party for any reason — including for service-related purposes
No email content, email metadata, email headers, sender information, or email access tokens are ever transmitted to any third party, or any external system
The only data shared with third-party services (such as our analytics provider, PostHog) consists of irreversibly hashed identifiers that cannot be used to recover any email user data, email addresses, or personal information
For payment processing, Stripe collects payment information directly from your browser — we never collect, handle, or transmit your payment or banking data to Stripe or any other party. Data retained by Stripe is subject to Stripe's own privacy policy and is outside our control
These restrictions apply equally to all email user data from all supported providers (Google, Microsoft, and any future integrations), regardless of whether it is processed on our servers or in your browser

Google API Services Limited Use Disclosure

Email Unsubscriber's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

Email data accessed through the Gmail API is used exclusively to identify subscription senders and extract unsubscribe methods, enabling you to unsubscribe from unwanted emails
All email content is processed locally in your browser and is never transmitted to or stored on our servers
Email data is not used for serving advertisements, market research, email campaign tracking, or any purpose unrelated to the core unsubscribe functionality
Email data is not transferred to third parties
Email data is not used for training machine learning or artificial intelligence models

8. Local Data Storage

Your scan results and authentication data are stored locally in your browser:

IndexedDB: Scan results and subscription data are stored in your browser's IndexedDB
localStorage: OAuth tokens are stored in browser localStorage for session persistence
Data Clearing: All local data is automatically cleared when you clear your browser data

This data never leaves your device and is only accessible to you.

9. Data Protection & Security

Your Data Is Protected by Design

All data encrypted in transit with industry-standard TLS

Email data processed entirely in your browser — never on our servers

Email access tokens never leave your browser or reach our backend

Personal identifiers are irreversibly hashed before storage or analytics transmission

Open-source token exchange service enables independent security audits

9.1 Encryption in Transit

All communications between your browser and email providers (Google, Microsoft), as well as between your browser and our services, are encrypted using industry-standard TLS (Transport Layer Security). This ensures your data cannot be intercepted or tampered with during transmission.

9.2 Client-Side Processing Architecture

All email data — including content, headers, metadata, and subscription information — is processed entirely within your browser. Email data never reaches our servers, architecturally eliminating the possibility of server-side data breaches for this information.

9.3 Token Isolation

Your email access tokens (which grant the ability to read your emails) never leave your browser and are never sent to our backend servers. Our backend only receives identity tokens (JWTs) that verify your identity but cannot be used to access your email data. The token exchange is handled by a standalone, open-source service that is fully isolated from our main backend.

9.4 PII Protection Through One-Way Hashing

Before any personally identifiable information (such as email addresses) is stored in our database or transmitted to any third-party service (such as our analytics provider), it is irreversibly transformed using one-way cryptographic hashing (SHA-256). The original email address cannot be recovered from these hashes, even by us or our service providers.

9.5 Data Minimization

We follow the principle of data minimization — we collect only the absolute minimum data required to provide and improve the Email Unsubscriber service. We do not collect or retain any data beyond what is strictly necessary for service functionality.

9.6 Open-Source Transparency

Our OAuth token exchange service is open-source and publicly auditable, enabling independent verification of our data handling practices.

10. Data Retention & Account Deletion

You can delete your account at any time using the "Erase Account" feature in your profile. When you erase your account, we process your data as follows:

10.1 Anonymization Process

Account deletion is performed through anonymization rather than hard deletion. All personally identifiable information (PII) associated with your account (which is your email address only as we never collect any other PII) is permanently replaced with an irreversible, one-way cryptographic hash. After this process, your account record can no longer be linked back to you.

10.2 Data That Is Permanently Deleted

Unsubscribe history: All records of your unsubscribe actions, which may contain third-party sender information, are permanently and fully deleted — not anonymized.
Whitelist/early access entries: Any early access or whitelist entries associated with your account are removed.

10.3 Data That Is Retained

Certain data is retained after account deletion for legal and security purposes. In all cases, personally identifiable information is replaced with the anonymized hash described above.

Payment records (up to 7 years): Anonymized payment records — including payment amounts, dates, currency, and Stripe transaction identifiers — are retained to comply with tax and financial reporting obligations. This retention is permitted under GDPR Article 17(3)(b), which allows data controllers to retain data necessary for compliance with a legal obligation.
Anonymized user identifier: A one-way cryptographic hash derived from your email address is retained to detect returning users and prevent abuse of promotional offers (such as referral incentives). This hash cannot be reversed to recover your email address. This retention is justified under legitimate interest as recognized by GDPR Recital 47 — specifically, the prevention of fraud and misuse of services.
Blacklist entries: If your account was placed on a security blacklist prior to deletion, that entry is retained for ongoing security and abuse prevention purposes.

10.4 Local Browser Data

The "Erase Account" feature removes your account from our servers. Data stored locally in your browser (localStorage, IndexedDB) is not affected by this process. You can clear local data at any time through your browser settings.

11. Your Rights

You have full control over your data and access:

Revoke Access: You can revoke our access at any time through your Google Account settings or Microsoft Account settings, depending on which provider you signed in with.
Clear Local Data: Clear your browser's localStorage and IndexedDB to remove all locally stored data.
Account Deletion: Use the "Erase Account" feature in your profile to anonymize and remove your account data from our servers. See Section 10 for details on what is deleted, what is anonymized, and what is retained.
Data Export: Since all scan data is stored locally in your browser, you already have direct access to your data.

12. California Privacy Rights (CCPA/CPRA)

12.1 Scope

This section applies to California residents and supplements the rest of this Privacy Policy with the disclosures required by the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). Where this section conflicts with another part of this Policy for California residents, this section controls.

12.2 We Do Not Sell or Share Your Personal Information

We have not sold and have not shared personal information of California residents in the preceding 12 months, and we do not do so as an ongoing practice. "Sale" and "share" are used here as defined under CCPA/CPRA, including sharing for cross-context behavioral advertising. Because we do not engage in either activity, there is no opt-out mechanism to provide.

12.3 Your Rights

California residents have the following rights under CCPA/CPRA:

Right to Know: request the categories and specific pieces of personal information we have collected about you, the sources, the purposes for collection, and the categories of recipients.
Right to Delete: request that we delete personal information we have collected from you, subject to legal exceptions.
Right to Correct: request that we correct inaccurate personal information we hold about you.
Right to Opt-Out of Sale/Share: opt out of the sale or sharing of personal information. Not applicable here — we do not sell or share personal information.
Right to Limit Use of Sensitive PI: direct us to limit our use of sensitive personal information to purposes permitted under CPRA §1798.121. See section 12.6.
Right to Non-Discrimination: we will not deny service, charge different prices, or provide a different level of quality because you exercised any of these rights.

12.4 Categories of Personal Information We Collect

We collect:

Identifiers: your email address (used as your account identifier).
Commercial information: payment amounts, transaction identifiers, and subscription/payment status.
Internet or other electronic network activity: analytics page views and session recordings (consent-gated via our cookie banner).
Inferences: aggregate usage statistics derived from your interactions with the service.

We do NOT collect:

Sensitive government identifiers (SSN, driver's license, passport, state ID).
Biometric data (fingerprints, facial geometry, voiceprints).
Health, medical, or genetic information.
Precise geolocation (we have no GPS-level location data).
Contact lists, address books, or your email content.
Racial or ethnic origin.
Religious or philosophical beliefs.
Sexual orientation or sex life.
Union membership.

The categories above reflect our ongoing practice and will be updated if our sources, purposes, or recipients materially change.

12.5 Sources, Purposes, and Recipients

For each category we collect, the source, business purpose, and recipients are as follows:

Identifiers (email address): collected directly from you via OAuth sign-in with your email provider. Used for authentication, account identification, transactional communication, and service provision. Shared with Google or Microsoft (your chosen identity provider for sign-in), Stripe (for payment receipt and customer matching), Cloudflare (CDN/edge processing of authentication requests), and PostHog (only if you have consented to analytics — as a hashed identifier for product analytics).
Commercial information (payment data): collected from Stripe upon successful payment. Used to determine your subscription/payment status and provide paid features. Shared with Stripe (the source and processor of this data) and stored on our backend.
Internet/network activity (analytics, session recordings): collected from your browser/device when you interact with our service. Used for product analytics, debugging, and improving the user experience. Shared only with PostHog, and only if you have granted analytics consent through our cookie banner.
Inferences (usage statistics): derived internally from your interactions with the service. Used to inform product decisions and personalize your experience. Not shared with third parties.

This list reflects ongoing practice and will be updated if sources, purposes, or recipients materially change.

12.6 Sensitive Personal Information

Under CPRA, an email address used in combination with a password or security credential is considered "sensitive personal information" (SPI). We use your email address only for the purposes permitted under CPRA §1798.121: authenticating you, providing the service you have requested, ensuring the security and integrity of our service, and complying with legal obligations. Because we do not use SPI to infer characteristics about you or for any other purpose, the "Right to Limit Use of Sensitive PI" is already satisfied by our existing practice — no further action is needed from you.

12.7 How to Exercise Your Rights

You may exercise any of the rights described above by either:

Emailing gdpr@email-unsubscriber.com from the email address associated with your account, or
Using the "Erase Account" feature in your account profile within the web app to initiate account deletion directly.

We will acknowledge receipt of your request within 10 business days and respond substantively within 45 calendar days. If we need more time, we may extend the response window by an additional 45 days and will notify you of the extension and the reasons for it. There is no charge for submitting or fulfilling a request, although we may decline to act on requests that are manifestly unfounded or excessive (for example, repetitive requests). If we decline a request, we will explain why.

12.8 Authorized Agents

You may designate an authorized agent to make a CCPA/CPRA request on your behalf. The agent must provide written authorization signed by you, along with government-issued photo identification for both you and the agent. We may also contact you directly to verify the request. If the agent has a power of attorney pursuant to California Probate Code §§4000-4465, the foregoing requirements may be satisfied by providing that documentation.

12.9 Non-Discrimination

We will not discriminate against you for exercising any of your CCPA/CPRA rights. Specifically, we will not deny you our service, charge you different prices or rates, provide a different level or quality of service, or suggest that you will receive a different price, rate, level, or quality of service because you exercised your rights.

12.10 Minors

We do not knowingly collect personal information from anyone under 16 years of age. Our Terms of Service additionally require all users to be at least 18 years old. If we become aware that we have collected personal information from a minor without verified parental or guardian consent, we will delete that information promptly. To report such a situation, contact us at gdpr@email-unsubscriber.com.

12.11 Financial Incentives

Our referral program qualifies as a "financial incentive" under CCPA §1798.125(b). The program offers percentage-based discounts to both new users (when they sign up using a referral) and to referrers (when their referrals reach qualifying milestones). The current material terms — including the percentage discounts, qualifying actions, and program rules — are available on the in-app referral page within your account profile and may change from time to time.

Participation in the referral program is entirely voluntary. To opt out, simply do not participate — do not share your referral code and do not redeem one. Choosing not to participate does not affect the price you pay for the service or the level of service you receive in any way.

12.12 Shine the Light (CA Civil Code §1798.83)

California's "Shine the Light" law permits California residents to request information regarding the disclosure of personal information to third parties for those third parties' direct marketing purposes. We do not disclose personal information to third parties for their own direct marketing purposes, so there is nothing to report under this law. If you have questions about this practice, contact us at gdpr@email-unsubscriber.com.

13. Contact Us

Data Protection Contact

For data protection inquiries, you may contact our Data Protection Officer:

Email: gdpr@email-unsubscriber.com

General Inquiries

For general inquiries about this Privacy Policy or our data practices, contact us at:

Email: contact@email-unsubscriber.com

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.