1. Who We Are
DripDraft is operated by Fluency Digital ("we", "us", "our"). We provide an AI-powered email follow-up tool that helps you send personalized outreach through your Gmail account.
2. Google API Disclosure
DripDraft's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- DripDraft only uses Gmail data to provide and improve the user-facing features described in this policy (sending emails on your behalf after your explicit approval).
- DripDraft does not transfer Gmail data to any third party unless necessary to provide or improve the app's user-facing features, required for security purposes, or required by law.
- DripDraft does not use Gmail data for advertising, market research, email content analysis, or training AI/machine learning models.
- DripDraft does not allow humans to read your Gmail data unless you provide affirmative consent, it is necessary for security investigation, or it is required by law.
- All access to Gmail thread data (reply and bounce detection) is performed by automated systems only — no human reads your email content.
3. Information We Collect
Account information: When you sign in with Google, we receive your name, email address, and profile picture from your Google account.
Gmail access: We request the gmail.send OAuth scope to send emails on your behalf. Follow-up drafts are stored within DripDraft for your review — you approve and send each one individually. DripDraft never sends email without your explicit action. We do not read, store, index, or analyze any emails in your Gmail inbox.
Campaign data: We store the contact information, email subjects, and email bodies you enter when creating campaigns, along with follow-up schedules and template data.
Payment information: Payments are processed by Stripe. We do not store your credit card details. Stripe's privacy policy applies to payment data.
Usage data: We track basic usage metrics like campaign counts for plan limits.
Email tracking (optional): If you enable open and click tracking on a campaign, we embed a small tracking pixel and wrap links in your outgoing emails. When a recipient opens the email or clicks a link, we record the event along with their IP address and browser user agent. This data is only visible to you (the campaign creator) and is deleted when you delete the campaign or your account. Tracking is optional and can be toggled per campaign or set as a default in Settings.
4. How We Use Your Information
We use Google user data (your name, email address, and Gmail send access) solely to provide the app's core functionality:
- To authenticate your account and manage your session
- To send emails on your behalf through Gmail after your explicit approval
- To detect bounces and replies on campaign emails you sent through DripDraft (automated thread checks only — no inbox scanning)
We use non-Google data (content you type into DripDraft such as email drafts, contact details, and writing prompts) for:
- To generate AI-written follow-up emails using Anthropic (only user-entered content is sent to AI providers — never Gmail data)
- To process payments and manage your subscription via Stripe
- To enforce plan limits
5. Anti-Spam Policy
DripDraft is designed for personalized, one-to-one professional outreach — not bulk or mass email. We enforce strict limits to prevent spam and protect Gmail deliverability:
- Campaign limits: Free accounts are limited to 10 campaigns per month. Paid accounts are limited to 100 campaigns per month.
- Batch limits: Batch campaigns are limited to 10 contacts at a time.
- Draft-first approach: All AI-generated follow-up emails are stored as drafts within DripDraft for human review before sending. You must explicitly approve and send each email. DripDraft never auto-sends emails without user action.
- Follow-up spacing: A minimum 2-day gap is enforced between consecutive follow-up drafts to prevent flooding a recipient's inbox.
- Reply & bounce detection: For users with expanded Gmail permissions, campaigns are automatically paused when a reply or bounce is detected via Gmail thread metadata (message headers only — no email body content is read). This prevents unnecessary follow-ups.
- No inbox scanning: DripDraft does not read, scan, index, or analyze the body of any emails in your Gmail inbox. Reply and bounce detection uses only message header metadata (From, Subject) on threads that DripDraft created.
- Rate limiting: API-level rate limits prevent abuse of email sending and AI generation features.
DripDraft is intended for personalized professional correspondence such as sales follow-ups, recruiting outreach, and client communication. It is not designed for marketing newsletters, promotional blasts, or unsolicited bulk email.
6. AI Services & Transparency
DripDraft integrates with the following third-party services to power its writing and contact features:
- Anthropic (Claude): Email generation, follow-up drafting, and email polishing (grammar, clarity, and tone). When you use "AI Write," "Rewrite," or "Polish," your input is sent to Anthropic's API for processing.
- DeepInfra: Lower-cost inference for contact parsing and company-to-domain resolution. When you paste or grab contact data for extraction, or use the email finder, the relevant text (contact snippet or company name) is sent to DeepInfra's API.
- Hunter.io: Optional email finder. When you click "Find email," the contact's name and company (or a domain you provide) are sent through DripDraft's server to Hunter.io to look up and verify a likely work email address. This feature is only active if you have configured a Hunter.io API key (or are an internal Fluency account); it is never triggered otherwise.
What is sent: Only the specific content you actively submit through these features — such as email drafts, contact snippets, subject lines, writing prompts, or a contact's name and company for an email lookup. No Gmail inbox data, no contact lists, and no data beyond what you explicitly provide in the feature is transmitted.
Data retention: Anthropic processes requests in real-time under a zero-data-retention API agreement and does not use your data to train models. DeepInfra and Hunter.io process requests to deliver the requested result; we do not authorize them to use your data for model training, and we do not sell your data to any party.
When these services are used: They are always user-initiated. DripDraft does not send any data to AI providers or Hunter.io in the background or without your explicit action (clicking "Generate," "Polish," "Rewrite," "Extract Contact," or "Find email").
7. Chrome Extension
DripDraft offers an optional Chrome browser extension that provides quick access to the app's features from any web page. Here is how the extension handles your data:
- Page content access: When you click "Grab from Page," the extension reads the text you have selected on the current page. On LinkedIn profile pages, if you have not selected specific text, the extension automatically extracts visible profile fields (name, headline, location, experience, and contact info if visible) from the page DOM. If no page selection is available, the extension falls back to reading your clipboard contents to capture contact data you may have copied from third-party widgets (such as Signal Hire or ContactOut) that are inaccessible via page selection. This grabbed text is sent to DripDraft's server, where it is processed by our inference provider (DeepInfra) for AI-powered contact parsing. The extension does not read or transmit page content or clipboard data unless you explicitly click Grab.
- Email finder (optional): If you click the "Find email" icon, the contact's name and company (or a domain you enter) are sent through DripDraft's server to Hunter.io to look up and verify a likely work email. This only runs when you have configured a Hunter.io API key (or are an internal Fluency account), and only when you click it.
- On-demand injection: When you click the DripDraft toolbar icon, the extension injects a small pull-out panel into the current tab so you can compose emails without leaving the page. This only happens on the tab you activate it on — the extension does not inject scripts into other tabs or run on pages in the background. The injected panel tracks your text selection on that page so the Grab button can capture it, but this data stays local until you click Grab.
- Local storage: The extension uses Chrome's local storage (
chrome.storage.local) to temporarily hold your in-progress form data (contact name, email, company, etc.) while the panel is open, so a brief close/reopen doesn't lose your work. This data stays on your device, is not transmitted to any server unless you submit it, and the form is reset to empty the next time you open the panel. - Permissions: The extension requests
activeTab (to access the current tab when you click the toolbar icon), scripting (to inject the panel and extract text on demand), storage (to save form state locally), sidePanel (to open as a Chrome side panel), and clipboardRead (to read clipboard contents when you click Grab, as a fallback for contact data copied from third-party widgets). The extension only communicates with dripdraft.com — no other remote servers. - No background data collection: The extension does not run on pages you have not activated it on, does not monitor your browsing activity, does not collect browsing history, does not track which pages you visit, and does not transmit any data without your explicit action.
8. Data Sharing
We do not sell your data. We share data only with:
- Google: To authenticate and access Gmail on your behalf
- Anthropic: To generate AI-written emails, parse contact details, and polish drafts (only user-submitted content is sent)
- Stripe: To process payments
AI providers only receive user-submitted content for requested features (for example email drafts, contact details, goals/prompts, or text you choose to parse). Data is processed in real-time and is not retained by Anthropic for model training — Anthropic operates under a zero-data-retention API agreement. No data read from your Gmail inbox is ever sent to AI providers or any other third party.
9. Data Retention
We retain your data for as long as your account is active. When you delete your account, all your data — campaigns, contacts, templates, and follow-ups — is permanently and immediately deleted from our database.
10. Your Rights
You can:
- Access: View all your data in the dashboard
- Delete: Delete your account and all data from the Account page
- Revoke access: Remove DripDraft's Gmail access at any time via your Google Account permissions
- Cancel: Cancel your subscription at any time from the Account page
11. Security
All connections use HTTPS/TLS encryption. Google OAuth tokens are encrypted at rest using AES-256-GCM authenticated encryption and are never exposed in API responses or client-side code. We never store your Google password. Database access is restricted to authenticated, authorized users, and all queries are scoped to the logged-in user's data.