Privacy
Last Updated: August 4, 2025
At Lyara, we respect your privacy and are committed to protecting your personal information. This policy explains how we collect, use, and protect your data when you use our email automation service with Gmail and Outlook.
1Information We Collect
We collect minimal information necessary to provide our email automation services:
- Email Address: We store your email address (Gmail or Outlook) for account identification and display purposes within our application
- OAuth Refresh Token: We securely store an encrypted refresh token that allows us to access your email account (Gmail or Outlook) for automation purposes
PrivacyPolicyPage.section1.notCollected
2How We Use Your Information
Your information is used solely for the following purposes:
- Account Management: Displaying your email address in your account dashboard
- Email Automation: Using your refresh token to perform automated email actions on your behalf
- Service Delivery: Enabling core functionality like inbox management and email sending across Gmail and Outlook
3Email Provider Permissions We Request
Our application requests the following permissions to function:
Gmail Permissions:
- gmail.readonly: Read your emails to display them in your inbox interface
- gmail.modify: Modify email states (mark as read, archive, organize) for inbox management
- gmail.send: Send emails through your Gmail account for automation features
Outlook Permissions:
- Mail.Read: Read your emails to display them in your inbox interface
- Mail.ReadWrite: Modify email states (mark as read, archive, organize) for inbox management
- Mail.Send: Send emails through your Outlook account for automation features
These permissions are essential for our core email automation and inbox management functionality across both email providers.
4Data Storage and Security
- Encryption: Your OAuth refresh token is stored with strong encryption
- Access Control: Only authorized system processes can access your stored data
- Data Minimization: We only store what's necessary for service functionality
- Secure Infrastructure: Our systems follow industry-standard security practices
5Data Sharing
We do not sell, trade, or share your personal information with third parties. Your data remains private and is used exclusively to provide our email automation services to you.
6Your Rights and Control
- Data Access: You can view your stored information at any time through your account dashboard
- Permission Revocation: You can revoke OAuth permissions directly from your profile page, which immediately removes your encrypted refresh token from our database
- Account Deletion: PrivacyPolicyPage.section6.accountDeletion
- Provider Account Control: You can also revoke permissions through your Google Account or Microsoft Account settings at any time
7Compliance with Provider Policies
Lyara complies with both Google's API Services User Data Policy and Microsoft's API Terms of Use, including their respective Limited Use requirements. We use your email provider data only to provide and improve our email automation features as described in this policy.
- Google: Complies with Google API Services User Data Policy and Limited Use requirements
- Microsoft: Complies with Microsoft Graph API Terms of Use and data handling requirements
8Data Retention
We retain your email address and encrypted refresh token (for both Gmail and Outlook) only as long as your account remains active. When you revoke permissions or delete your account, this information is immediately and permanently removed from our systems.
9Changes to This Policy
We may update this privacy policy to reflect changes in our practices or for legal compliance. Any changes will be posted on this page with an updated "Last Updated" date.
10Contact Us
If you have questions about this privacy policy or your data:
Email: info@lyara.io
We're committed to addressing your privacy concerns promptly and transparently.
This privacy policy is effective as of the date listed above and applies to all users of Lyara's services.