Privacy Policy

Last updated: 17 April 2026

Who we are

Skub is operated by Provenance Tags ApS, Denmark. Skub is an AI assistant that watches your email inbox and sends you tap-to-act notifications when a message needs your decision. Throughout this policy "Skub", "we", or "us" means Provenance Tags ApS.

Plain-English summary: When you connect a mailbox, Skub reads your incoming email so it can decide what's worth alerting you about and summarize it for you. Email content is processed in memory and not retained on Skub's infrastructure — your preferences, rules, learned patterns, and history live in a Skub Storage/ folder inside your own Google Drive, not in a Skub database. On our infrastructure we hold only the operational state needed to deliver the service: your OAuth tokens (in a headless vault), the email address of each connected mailbox, your login session reference, your Telegram chat id (only if you linked it), your subscription state, and any knowledge-base names / grounding instructions / persona text you've set. Content is used only to serve you — never to train AI models, never shared with advertisers, never sold.

Skub currently supports Gmail. Outlook and IMAP are on the roadmap. Provider-specific details below call out Gmail where relevant for Google's API User Data Policy.

What data we collect

Account data

Email address and display name — used to identify your Skub account. You sign in with a passkey; mail-provider identity (e.g. Google profile) is used when you connect a mailbox.
OAuth tokens for each connected mailbox — encrypted at rest, used only to access that mailbox on your behalf.
Telegram chat ID — if you link Telegram, so we know where to send notifications.
Stripe customer ID — if you subscribe to a paid plan.

Gmail data (accessed via Google's Gmail API)

Email metadata (sender, subject, date, labels) — read to decide which emails matter and to dedupe notifications.
Email snippets and bodies — read so Skub can summarize, classify, and generate suggested replies.
Labels — read to respect existing organization; added/removed when you tap "Move" or "Ignore".
Sent messages — created on your behalf when you tap "Reply" or "Forward" and choose content.

Skub does not access attachments, draft messages, contacts, calendars, or any Google data outside Gmail.

Derived data

Skub learns from your taps — sender preferences, ignore patterns, learned habits — but that derived data does not live in a Skub database. It is kept under your own control, where you can inspect, edit, or clear it at any time. Categories:

Sender state (VIP / Known / Ignored / Blocked) — inferred from your taps, used to decide future notifications.
Preference notes — natural-language summaries of your habits (e.g. "user replies quickly to Lars") and their vector embeddings.
Activity history — which emails Skub notified you about, and which buttons you tapped.

How we use your data

Deliver the service — read your connected mailboxes, send notifications, execute your taps (reply / archive / move / ignore / forward).
Personalize — learn from your taps so future notifications get more useful. Your learning data is used only for your own Skub agent; it never influences another user's experience.
Send transactional messages — e.g. an email if something about your account requires attention.
Billing — process subscriptions through Stripe if you upgrade.

AI processing

To decide what matters and generate summaries, Skub sends email content to a third-party large-language-model provider. Content is sent only to process one request at a time — it is not retained beyond that request, and not used to train any AI model, per the provider's contract with us. No other AI or analytics service receives your email content. The specific provider is disclosed in our subprocessor list, available on request.

How data is stored and secured

What we hold (on our infrastructure): your OAuth tokens (in an EU-hosted headless vault, every use audit-logged); the email address of each connected mailbox; your login session reference (passkey identity); your Telegram chat id (only if you linked Telegram); your subscription state (Stripe customer id + plan); knowledge-base names + grounding instructions you've set (Business tier only); any persona / system-prompt text you've configured. That is the complete list.
What we don't hold: your email content (bodies, snippets, metadata), your preferences, your rules, your sender states, your VIPs, your skub history, your learning feed, knowledge-base document text or vectors. These live in a Skub Storage/ folder inside your own Google Drive, accessed via the drive.file OAuth scope which limits Skub to files Skub itself creates — Skub cannot read, list, or modify any other file in your Drive.
All of the above runs on servers in Amsterdam (EU), hosted by Fly.io. No customer data is transferred outside the EEA for storage.
Connections between you, Skub, and every subprocessor use TLS/HTTPS.
Access to production systems is restricted to Provenance Tags staff. The vault itself is headless — no human can log into it; access happens only through deployed code, audit-logged.

Who we share data with

We share the minimum necessary data with a small set of vetted processors, and only to deliver the service to you. Each is bound by a written data-processing agreement. Categories:

Mail-provider APIs (e.g. Google for Gmail, with more providers planned) — we call these on your behalf to read / modify / send on the mailboxes you connect.
Messaging platform — to deliver skub notifications and receive your button taps.
AI processing provider — to classify, summarize, and draft replies. Our AI providers are contractually prohibited from retaining your content beyond the individual request, and from training models on your data. No AI or analytics vendor receives your email content outside of this single-purpose flow.
Payments — if you subscribe to a paid plan; the payment provider handles card details; we never see your card number.
Infrastructure / hosting — EU-hosted; processes data only at our direction.

We do not sell, rent, or share your data for advertising. We do not aggregate your mail data with other users'. We do not use your email content to train AI models, and our providers are bound by the same commitment.

The full, named subprocessor list is available on request — email us via the form below.

Limited-use disclosure

Skub's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

AI/ML model training disclosure (Google Workspace data)

Skub does not use, transfer, or share Google Workspace API data — including Gmail message content, metadata, attachments, or any data accessed via the Gmail API — to develop, improve, or train generalised or non-personalised AI and/or ML models.

Workspace data is processed only to deliver the user-facing features the user has configured (classification, summarisation, suggested replies, auto-replies grounded in the user's own knowledge base). Each request to our AI processing provider is one-shot: the content is not retained beyond that request, is not added to any training corpus, and is not used to improve any model — ours or the provider's. Our AI processing provider is contractually bound to the same prohibition.

This commitment applies to all AI and ML models, including any future ones we may add. If our AI processing setup ever changes in a way that affects this commitment, we will update this section and notify users via the email address on file.

Data retention and deletion

Active accounts — we retain your OAuth tokens, login session, and subscription status while your account is active. Email content is not persisted beyond the in-memory processing of a single notification. Preferences, rules, and history stay under your control and are not held by us.
Account deletion — submit a deletion request using the form below, or disconnect individual mailboxes from Skub's Settings → Mailboxes. We wipe the OAuth tokens + account + subscription reference we hold within 48 hours; any derived data you've kept under your control stays exactly where you chose to keep it (or is removed with the mailbox if you revoke access at Google). Deletion is permanent.
For Gmail accounts, you can also revoke Skub's access at any time at myaccount.google.com/connections.

Your rights (GDPR / UK GDPR)

You have the right to: access a copy of your data, correct inaccuracies, delete your data, object to processing, and export your data. Submit a request using the form below. We respond within 30 days — usually faster.

Data Processing Agreement (DPA) and security artefacts

Customers who need to comply with GDPR (e.g. if you process employee or customer email through Skub on behalf of an organisation) may request a Data Processing Agreement. Our DPA is pre-signed by Provenance Tags ApS and becomes active when you counter-sign.

We also make our Data Protection Impact Assessment (DPIA), incident-response runbook, and full subprocessor list available on request under NDA. A public summary of our security posture is at skub.me/security.

Request any of these via the form below (pick “Other”, write “DPIA” or “DPA” in the details) or through the Enterprise form on the landing page.

Cookies and tracking

Skub uses a single first-party session cookie on skub.me and app.skub.me to keep you logged in. No analytics, no tracking pixels, no third-party advertising cookies.

Children

Skub is not directed to children under 16 and we do not knowingly collect data from them. If you believe we have, submit a deletion request and we'll remove it.

Changes to this policy

If we materially change how we handle data, we'll notify active users by email before the change takes effect.

Contact

Questions, deletion requests, or concerns: use the request form above (pick "Other" if it's not a data request).

Provenance Tags ApS · Denmark