Privacy Policy

Last updated: June 11, 2026

iOLA is a unified, email-compatible messaging app. You connect your own email mailboxes and chat across them from one place. This policy explains what personal data iOLA handles, why, how it is protected, and the rights you have over it. We have written it in plain English and tried to be precise about what the product actually does — including the limits of our encryption.

1. Who we are & how to contact us

iOLA (“iOLA”, “we”, “us”) is the service available at i-ola.com. The operator and the data controller responsible for your iOLA account is reachable at privacy@i-ola.com. For any privacy question, request, or complaint — including the data-subject rights described in Section 9 — email that address and we will respond.

The legal entity name and registered address of the operator, and any appointed EU/UK representative, are available on request at the contact address above and will be stated here once finalized.

2. What data we collect

We collect only what we need to run the service for you:

Account identity

Email address — used to sign you in and identify your account.
Phone number — only if you choose phone (SMS) sign-in.
Handle, display name, and avatar — your optional public-facing profile.

Connected-mailbox credentials

When you connect an IMAP/SMTP mailbox, we store the connection details (server, username, and the mailbox password or app-password) so we can sync your mail. The secret is sealed with AES encryption at rest using a key held by the service; it is never stored in plaintext in our database and is never shown back to you. If you sign in to a provider with Google or Microsoft OAuth instead of a password, we store OAuth tokens rather than your provider password.

Message & email content and metadata

To give you a single, searchable inbox, iOLA mirrors and stores the messages and emails in your connected mailboxes and the messages you send and receive inside iOLA. This includes message bodies (text and HTML), subjects, timestamps, read/flag/folder state, and attachments. New message and email content is encrypted at rest (see Section 6).

Third-party correspondents’ details

Email inherently contains the addresses and names of the people you correspond with, including people who are not iOLA users. We process these as part of mirroring your mail (for example, to display “To” and “From”, to thread conversations, and to let you search your own history). We are improving how these third-party identifiers are encrypted so that, over time, only your authenticated session can resolve them; see Section 6.

Usage & log data

We process basic technical data needed to operate and secure the service — such as IP address, device/browser type, and request logs. We keep logs minimal and work to keep message bodies and correspondent addresses out of application logs.

3. How we use your data

To provide the service — show your unified inbox, store and display your conversations, and let you search and manage them.
To sync mail — connect to your IMAP/SMTP provider to fetch incoming mail and send outgoing mail on your behalf.
To authenticate you — email magic links, optional SMS codes, and optional Google/Microsoft OAuth sign-in.
To keep the service safe and working — prevent abuse, debug, and maintain reliability and security.

We do not sell your personal data, and we do not use the content of your messages or email for advertising or to build advertising profiles.

4. Optional features that change what we process

Read receipts — iOLA can show when a message you sent was read. This is user-toggleable; you can turn read receipts off in your settings.
SMS sign-in (Twilio) — if you use phone login, your number is sent to our SMS provider to deliver the one-time code.
Google / Microsoft OAuth — if you sign in with Google or Microsoft, we receive the basic profile and the mail-access scopes you approve.
Discoverability — any public profile/discovery feature is off by default and only applies if you opt in.

5. Lawful bases & our role (GDPR)

Where the EU/UK GDPR applies, we rely on these lawful bases (Article 6):

Performance of a contract — to create and run your iOLA account and deliver the service you asked for.
Consent — for optional features you switch on, such as connecting a mailbox, SMS sign-in, or discoverability. You can withdraw consent at any time.
Legitimate interests — to secure the service, prevent abuse, and keep it reliable, balanced against your rights.

Our role depends on the data:

For your account, profile, and settings, iOLA is the data controller.
For the content of your own mailbox that we mirror to provide the service, iOLA acts as a processor on your behalf — you already lawfully hold this mail on your email provider, and we mirror it at your instruction. You remain responsible for the lawful basis on which you correspond with third parties.

Your data is isolated per account: every database query and every per-conversation store is scoped to its owner, so there is no shared or global view across users.

6. Encryption at rest — and its limits

We want to be straightforward about this, because privacy claims are often overstated. iOLA uses envelope encryption at rest for new message and email content. This is not end-to-end encryption.

New message/email content is sealed with AES-256-GCM before it is written to our database. Each conversation has its own data key, and that key is wrapped (encrypted) at rest with a master key held by the service.
Because the service holds the wrap key, our server can unwrap content when needed to provide the features you use — message previews, search-adjacent features, and your data export — and we can be compelled to produce data under valid legal process.
Syncing real email requires transiently handling plaintext: the component that connects to your IMAP/SMTP provider necessarily sees message content in the clear while fetching or sending mail. That is inherent to working with standard email.
Connected-mailbox passwords are separately sealed with AES at rest, as described in Section 2.

What this protects against: a stolen database dump, a leaked database credential, or snooping at the database layer would yield ciphertext and minimal non-content stubs, not your message contents. What it does not protect against: a full compromise of our server together with its secret keys, or lawful legal compulsion. If you need end-to-end encryption where no server can read your content, iOLA in its current form is not that product.

7. Sub-processors & international transfers

We use the following third parties to run iOLA. They process personal data only to provide their service to us, under their own terms and data protection commitments.

Provider	Purpose
Cloudflare	Application hosting (edge compute, Durable Objects) and attachment storage (R2)
Neon	Managed PostgreSQL database (region-pinned)
Fly.io	Hosting for the mail-sync bridge that connects to IMAP/SMTP
Twilio	SMS delivery for optional phone sign-in
Google / Microsoft	Optional OAuth sign-in and provider mail access
Google Analytics	Website & product usage analytics (see “Cookies & analytics” below)
Your email provider	The IMAP/SMTP mailbox you choose to connect

Some of these providers may process data outside your country, including in the United States. Where personal data is transferred internationally, we rely on appropriate safeguards such as the providers’ Standard Contractual Clauses and applicable adequacy frameworks. A current list of sub-processors and a Data Processing Addendum are available on request at privacy@i-ola.com.

8. Google & Microsoft API data — Limited Use

iOLA’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements. Data obtained through Google or Microsoft APIs — including profile information and access to your mail — is used only to provide and improve the user-facing features you have asked for (such as signing you in and syncing your mailbox). We do not sell this data, we do not use it for advertising, and we do not allow humans to read it except where you explicitly permit it, where required for security or to comply with applicable law, or where the data is aggregated/anonymized for internal operations.

9. Your rights

Depending on where you live (including under the GDPR and the CCPA), you have rights over your personal data:

Access & portability — get a copy of your data in a portable format. iOLA provides an in-app “Download my data” export that produces a machine-readable bundle of your identity, your connected mailboxes (without the stored secrets), and your conversations and messages.
Rectification — correct your profile (name, handle, phone, avatar) from your settings.
Erasure — request deletion of your account and associated data.
Restriction & objection — pause processing, turn read receipts off, and turn discoverability off.

California residents have the right to know, delete, and correct their personal information and to not be discriminated against for exercising these rights. Because we do not sell or share personal information for cross-context behavioral advertising, there is no “Do Not Sell” to action — but you may still make any request above.

To exercise any right, email privacy@i-ola.com. We may need to verify your identity. You also have the right to lodge a complaint with your local data protection authority.

10. Data retention

Sign-in codes & tokens — magic-link tokens and SMS verification codes are short-lived and are pruned after they are used or expire.
Connected-mailbox secrets — when you disconnect a mailbox, its stored secret is purged.
Account content — we keep your messages and account data for as long as your account is active, and delete it when you delete your account (subject to short technical backups and any retention required by law).
Attachments — attachments tied to deleted conversations are cleaned up from storage.

11. Cookies & analytics

iOLA uses a first-party session cookie to keep you signed in. This cookie is essential to the service and cannot be turned off without signing out.

We also use Google Analytics (the Google tag G-VVW0Z4BZX2, gtag.js) on all pages of i-ola.com — the landing page, the application, and these policy pages — to understand how the service is used and to improve it. Google Analytics sets its own cookies and collects usage and device data such as the pages you view, approximate (IP-derived, truncated) location, browser and device type, referring URLs, session duration, and interaction events. This data is processed by Google as our analytics sub-processor and may be transferred to and stored in the United States.

What this means, and your choices. This is product analytics, not advertising: we do not use it to build advertising profiles, we do not sell this data, and the contents of your messages, emails, and attachments are never sent to Google Analytics. You can opt out at any time by using your browser’s cookie controls or a privacy/ad-blocking extension, by enabling “Do Not Track”, or by installing the Google Analytics Opt-out Browser Add-on. Blocking analytics does not affect your ability to use iOLA. For more detail see Google’s Privacy Policy and how Google uses information from sites that use its services.

12. Children

iOLA is not directed at children under 16 and is not intended for their use. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, contact privacy@i-ola.com and we will delete it.

13. Changes to this policy

We may update this policy as the product and the law evolve. When we do, we will revise the “Last updated” date at the top of this page and, for material changes, take reasonable steps to notify you. Your continued use of iOLA after an update means you accept the revised policy.