2026-01-13 / Legal

Privacy Policy for Ayato Gmail Protector

Last Updated: January 13, 2026

Ayato Studio ("we," "our," or "us") operates the Gmail Protector browser extension (the "Extension"). This Privacy Policy explains how we collect, use, and disclose information about you when you use our Extension.

1. Information We Collect

We are committed to minimizing data collection. The Extension primarily operates locally on your device.

  • User Content: To provide the core functionality of detecting sensitive information, the Extension temporarily processes the content of emails you are composing, attachments, and files linked via Google Drive. This processing occurs only when you attempt to send an email or manually trigger a scan.
  • Authentication Data: We store OAuth tokens locally in your browser to access Gmail and Google Drive API on your behalf. These tokens are never sent to our servers.
  • Settings: Your configuration preferences (e.g., custom sensitive keywords, API keys) are stored locally in your browser using Chrome Storage API.

2. How We Use Information

We use the information we collect solely for the following purposes:

  • AI Analysis: We send the User Content (email body, attachments, etc.) to the Google Gemini API to analyze it for sensitive information based on your settings. This data is not used to train Google's models (subject to Google's Enterprise API terms if you use your own Enterprise API key) and is not stored by us.
  • Service Functionality: To block emails containing detected sensitive information and provide alerts.

3. Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to outside parties. The only exception is:

  • Google Gemini API: As described above, content is sent to Google's AI models for analysis. This is a critical dependency for the Extension's functionality.

4. Data Security

We implement security measures to maintain the safety of your personal information. The Extension communicates directly with Google's APIs (Gmail, Drive, Gemini) from your browser. We do not operate an intermediate server that stores your email content.

Your Google Gemini API Key is stored locally in your browser and is never transmitted to us.

5. Your Rights

Because we do not store your data on our servers, you have full control over your data locally.

  • You can uninstall the Extension at any time to remove all locally stored data.
  • You can revoke the Extension's access to your Google Account via your Google Account security settings.

6. Contact Us

If you have any questions about this Privacy Policy, please contact us at: Email: contact@ayato-studio.ai

← Back to Home