Privacy Policy

Last updated: January 2026

1. Introduction

SeaQuest.dev (“Company”, “we”, “us”, or “our”) operates Magpie (“Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

  • Email address
  • Name and display name
  • Password (hashed and salted)
  • Account preferences and settings

2.2 Email Data

When you connect your email account, we access:

  • Email messages (subject, body, sender, recipients, dates)
  • Email folders and labels
  • Email metadata (read status, importance)

Important: We process your emails solely to provide Service features (summaries, task extraction, drafts). We do NOT use your email content to train AI models.

2.3 Usage Data

  • Device information (browser type, operating system)
  • IP address
  • Pages visited and features used
  • Time and date of visits
  • Error logs and performance data

2.4 Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers. Stripe may collect:

  • Credit/debit card details (stored by Stripe)
  • Billing address
  • Transaction history

3. How We Use Your Information

We use collected information to:

  • Provide and maintain the Service
  • Process your emails with AI to generate summaries, tasks, and drafts
  • Authenticate your identity and manage your account
  • Process payments and manage subscriptions
  • Send service-related communications
  • Analyze usage to improve the Service
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

4. Third-Party Services

We share data with the following third parties:

4.1 Anthropic (AI Processing)

We use Claude by Anthropic to process your emails for AI features. Email content is sent to Anthropic's API for processing. Anthropic does not retain your data for training and deletes it after processing per their data handling agreement.

4.2 Microsoft (Email Provider)

If you connect a Microsoft 365 account, we use Microsoft Graph API to access your emails. We only request permissions necessary for Service functionality.

4.3 Stripe (Payments)

Stripe processes all payments. View their privacy policy at stripe.com/privacy.

4.4 Infrastructure Providers

We use cloud infrastructure providers (AWS, Vercel) to host the Service. Data is stored in secure, SOC2-compliant data centers.

5. Data Security

We implement industry-standard security measures:

  • Encryption at rest (AES-256) and in transit (TLS 1.3)
  • Secure password hashing (Argon2)
  • OAuth tokens encrypted before storage
  • Regular security audits and penetration testing
  • Access controls and audit logging
  • SOC2 Type II compliant infrastructure

6. Data Retention

  • Account data: Retained while your account is active
  • Email cache: Processed emails may be cached for up to 24 hours for performance
  • AI-generated content: Summaries and drafts are retained until you delete them
  • After account deletion: Data is retained for 30 days, then permanently deleted
  • Backups: May contain your data for up to 90 days

7. Your Rights (GDPR)

If you are in the European Economic Area (EEA), you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data (“right to be forgotten”)
  • Portability: Request your data in a portable format
  • Object: Object to processing of your data
  • Restrict: Request restriction of processing
  • Withdraw consent: Withdraw consent at any time

To exercise these rights, contact us at privacy@mymagpie.ai.

8. California Privacy Rights (CCPA)

California residents have additional rights under the CCPA:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising your rights

We do NOT sell your personal information.

9. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses, for international data transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Your continued use after changes constitutes acceptance.

12. Contact Us

For questions about this Privacy Policy or to exercise your rights:

Email: privacy@mymagpie.ai