At Readdle, we believe privacy is a fundamental human right. That’s why we never sell your data. We are committed to creating amazing products that provide a safe and secure environment for tens of millions of our users. Being honest and transparent is one of our main principles. This article here is meant to better explain our principles and the Spark .
First things first. We don’t sell or unlawfully share your personal data with any third parties.
Spark is fully GDPR and CCPA compliant. We take all the required security measures to protect your data. And you have the right to know how it’s used and ask to delete your data.
Now, we are happy to answer the most frequently asked questions.
Our mission with Spark is to create an effortless and remarkable email experience for professionals and their teams. Spark’s business model is simple: It’s free for individual users, yet it makes money by offering Premium plans for teams and organizations.
We value the trust of our users and always rely on these principles while working with your data:
As an email client, Spark needs to have access to some of your data. It’s impossible to use an email app that can’t access your email account. We use your personal data only when it’s absolutely necessary to make Spark work as you expect.
Here are the cases when Spark needs to use your data:
1. Read and send emails
Spark needs to check and send emails from your email account. Otherwise, you won’t be able to read or compose emails in the app. This is how every email client works.
For services like Gmail, Outlook or Yahoo, we store an application-specific token. This means that we don’t have your actual password. You can revoke this access token at any moment from your email account on the web. For example, if you’re a Gmail user, you can do it . For services like AOL, Exchange and custom IMAP accounts, this access token is your email login and password. You can also create an app-specific password to connect your account to Spark (for example, it’s a must for iCloud accounts).
All connections to our servers are protected with TLS. The servers' databases are encrypted, and to make things even more secure we additionally encrypt your password in the database.
2. Receive notifications
To compose and send you notifications, Spark syncs the subject and a part of your message, encrypts this information and stores it on its secure servers. Encryption means that humans can’t read the contents of your message.
The encryption key is saved locally on your device, so only you have access to it. As a step to minimize the amount of data we store, we delete this encrypted information from our servers in 4 hours after sending a notification as this data is no longer needed.
Spark requires the server-side processing to send you push notifications, so you don’t miss important emails. This is how the Apple Push Notification service works.
3. Advanced email features
The content of the emails you send and receive is stored on the server of your email account (Gmail, Outlook, Yahoo, etc.).
At the same time, Spark offers advanced email superpowers and to let you and your colleagues share, draft, and discuss emails together. These features require our server-side email processing to work. All the information we store is encrypted.
Here is the list of Spark’s advanced features that require the support of our servers:
Spark offers the feature that lets you send an email on the chosen time. For example, when you schedule an email to be sent at 12 PM tomorrow, Spark encrypts your message and stores it till that time. After the message is sent, it’s instantly deleted from our servers.
We’re on a mission to build the most powerful email client out there, and this absolutely requires the server-based features which our users love.
To make everything as safe as possible, we don’t use our own servers. Instead, we rely on Google Cloud service, one of the most secure solutions available in the industry. Leading tech companies like PayPal, Twitter, and Atlassian also use Google Cloud to process user data.
Our cloud infrastructure is hosted by Google in the US, which is fully SOC-2 and ISO 27001 certified. Google Cloud service is also covered by US-EU Privacy Shield and is therefore compliant with the EU GDPR.
You can remove your data from Spark anytime you wish. Here’s how:
To start the data deletion process under GDPR or CCPA or request a copy of all data associated with your specific email account, please send an email at firstname.lastname@example.org.
Our mission is to build the best email client for professionals and their teams. We believe that privacy is a fundamental human right, and we’re doing our best to double down on that.
As an email client, Spark only collects and uses your data to let you read and send emails, receive notifications, and use advanced email features. We never sell user data and take all the required steps to keep your information safe.
If you have any questions regarding Spark privacy, feel free to contact us.Read next: Remove data from Spark & request data copy or deletion