⚠️ Important Notice ⚠️Emilio is closing down on 15 July 2024.

Learn more

Our commitment to Security

At Emilio, safeguarding your data is our top priority. This page details our security protocols and standards. For privacy-related information, refer to our Privacy Policy.

Robust security measures

Compliance and certifications

Emilio has obtained the CASA Tier 2 Security Certification in February 2024, underscoring our commitment to security excellence. CASA is the industry-recognized application security standard by Google, which needs to be undertaken annually.

Later on, we will be aiming at higher certifications, such as SOC 2 or ISO 27001. Right now, we are just starting our organization and focused on building the most secure product for our customers.

Data authentication and user privacy

User authentication is managed with your email provider via OAuth2 protocol. We prioritize user privacy and handle all data with the utmost care and confidentiality.

User data handling

Emilio processes your email data using advanced AI and machine learning techniques to provide features such as email summarization, labeling, and drafting. This processing is integral to the service we provide and is performed with your consent during the onboarding flow.

We do not cache your data in our servers, except for anonymized data for troubleshooting. We do not use any profiling tools or systems to process your data and make decisions based on profiling.

We do store metadata on your email usage, such as the most relevant senders and how fast you respond to them. This information allows us to provide the most accurate predictions of what is important to you.

Overall, the collected information is utilized to enhance the Emilio product and support you effectively.

Hosting and data encryption

Our services are hosted on Amazon Web Services, ensuring compliance with the following standards: SOC 1/ISAE 3402, SOC 2, and SOC 3. For more information, please refer to AWS’ security and compliance page.

Data retention policy

We retain logs for 30 days to monitor system health, after which they are securely erased.