Basics
Email Meter’s AI features (such as Sentiment Analysis or Automated Categorization) require access to the body of emails to provide advanced analytics and insights. We understand this raises additional security considerations beyond the standard email metadata analysis that the base product does. This document outlines our approach to securing your content when using our AI-powered features.Data access and processing
Unlike our standard features that only access email headers, our AI features require access to email content. Here’s how we protect your data:- Limited processing scope: email content is only processed when the client explicitly requests using our AI-powered features. This is never activated by default, nor can be activated directly by users from the product.
- Temporary storage: we use email content for processing and extracting the AI insights the client requires (such as Sentiment Analysis or Automated Categorization), and it’s not persistently stored.
- Secure API communication: all email data is encrypted in transit using TLS 1.3
- Zero training commitment: in accordance with Google Cloud’s terms, your data is never used to train or fine-tune AI models.
Google Vertex AI security
For its AI features, Email Meter leverages Google’s Vertex AI models and platform, which provide enterprise-grade security features:- Data encryption: all data is encrypted both in transit and at rest using industry-standard AES-256 encryption.
- Data residency: your data always remains in the geographic region of your choice (by default, we use the European Union). All processing occurs within your chosen region’s Google Cloud data centers.
- Limited Retention: customer data is retained in Vertex AI only for the limited periods necessary for processing.
- AI insights are retained according to your Email Meter subscription terms
- You can always request complete data deletion at any time by contacting us
Compliance
Our AI features maintain the same compliance and security standards as our core product:- ISO 27001 certification: Email Meter has received an ISO 27001 certification demonstrating that it has the appropriate controls in place to mitigate the risks related to security. You can download a copy here.
- Third-party audits: Email Meter is also audited by third parties, with rigorous security audits conducted yearly. You can download the latest certificate here.
Transparency and control
We’ve designed our AI features with transparency and customer control as core principles:- Disabled by default: AI features are completely disabled by default across the product. They can only be enabled through an explicit request from an administrator, ensuring you maintain full control over when and how AI analysis is used.
- Granular permissions: administrators can define granular access controls to determine which specific users can access different segments of data.
- Audit logging: all AI feature usage is tracked in detailed. This logging ensures you always have visibility into how AI features are being used within your organization.
- Complete control: as with the core product, you always maintain full ownership and control of your data. You can revoke access to email content at any time, request deletion of AI-generated insights and export your data when needed.
Resources
Google Vertex AI Security
Learn more about Google Cloud’s security controls for Vertex AI
Security overview
Review our core security practices and compliance measures
Frequently asked questions
How is email content processed differently from metadata??
How is email content processed differently from metadata??
While our standard features only require access to email headers (from, to, subject, etc.), AI features require accessing the actual content of emails. Content is only used for processing and is not persistently stored.
Is my email content used to train AI models?
Is my email content used to train AI models?
No. In accordance with Google Cloud’s terms, your data is never used to train or fine-tune AI models. Email Meter follows Google’s “Training Restriction” policy that prohibits using customer data for AI model training.
What information is stored when using AI features?
What information is stored when using AI features?
The only information stored is the AI-generated insight itself, not the original email content. For example, if using Sentiment Analysis to analyze an email, we only store the resulting sentiment score (positive, negative, or neutral).
How long is my email content retained when using AI features?
How long is my email content retained when using AI features?
Email content is only processed in memory during the execution of AI features and is immediately discarded after analysis. Google Vertex AI retains processing data only for the brief period necessary for analysis (typically seconds), after which it is automatically deleted. The AI-generated insights (scores, categories, etc.) are retained according to your Email Meter subscription terms.