Sieve
SetupPrivacyPricingFAQLog in

Sieve's Privacy Policy

Read the full legal policy

The path of one email

Most of your mail never reaches an AI model. Here is exactly what happens, in order, to every message that arrives.

Step 1 Email arrives A new message lands in your Gmail.
Step 2 · Every message Links screened Each link is checked against known-threat databases, an automated lookup, not AI, with nothing stored. A known-bad link is flagged Malicious right here.
Step 3 Do we know the sender? A relationship and whitelist check, run by fixed rules.
People you know Fixed rules Trusted, authenticated senders are handled by deterministic rules. No AI reads the message.
Strangers AI classifier Only mail from senders you have no relationship with goes to the AI.
Step 4 A label is applied Solicitor, Malicious, or left alone.
Step 5 Only metadata is stored No bodies, snippets, or rationales. Flagged mail also keeps its subject, encrypted, for 30 days.

People you know skip the AI entirely. Links are screened on every message either way, so a malicious link is caught even from a sender you trust.

How Sieve handles your mail

A complete account of what we collect, where it goes, and how long we keep it. Our full legal policy covers the rest.

Who reads your mail

Sieve classifies every incoming message, but most mail never reaches an AI model. Senders you already have a relationship with, including your team, anyone you have corresponded with, and anyone in an existing thread, are handled entirely by fixed, deterministic rules, and their mail is never sent to the AI. Only mail from senders you have no relationship with is passed to the classifier.

One nuance. One check runs on every message, regardless of the sender: each link is screened against known-threat databases. This is an automated reputation lookup, not the AI reading your content, so a malicious link is caught even when it comes from someone you know.

What we store

For each message, Sieve keeps a small record of classification metadata for 90 days: a one-way hash of the sender, the sender's domain, the label applied, the signal that drove the decision, a timestamp, and the version of the classifier that ran. We do not store message bodies, snippets, the model's reasoning, or any contact graph.

The only content we retain is the subject line of mail flagged as Solicitor or Malicious, which is encrypted with AES-256-GCM and deleted automatically after 30 days. Mail that is left alone has nothing stored beyond the metadata above.

Sending mail to the AI

When a message from someone you do not know reaches the classifier, three things are sent to the AI for a single classification: the subject, a truncated excerpt of the plain-text body of roughly 2,000 characters, and a set of technical signals. The data is never used to train any model and is deleted after 30 days. Your contact list and relationship history never leave our servers.

The access we request

Sieve requests a single Gmail permission, gmail.modify, which allows it to read incoming mail, apply labels, and keep your inbox filtered. We do not request access to your contacts, your drafts, or the ability to send mail on your behalf. Both the product design and our internal controls keep that permission scoped to classification and labeling.

Encryption and hosting

Sensitive fields are encrypted at rest with AES-256-GCM, and all data is encrypted in transit with TLS. Everything is hosted in the United States, and row-level security is enforced on every table, so one account can never reach another account's data.

Deleting your data

Account deletion is self-serve and takes effect immediately. Deleting your account removes all of your data, disconnects Gmail, and cancels any active billing in a single step, with no support ticket and no waiting period. Flagged subject lines and classification metadata are removed along with everything else.

How we hold the line

The controls behind the promises above, grouped by what they protect.

Audited
  • ✓ Google CASA Tier 2 Completed · independent lab audit
  • ✓ SOC 2 Type II In progress
Encrypted
  • ✓ AES-256-GCM Sensitive fields at rest
  • ✓ TLS Everything in transit
Access
  • ✓ One Gmail scope Read and label only
  • ✓ US data residency Stored in the United States

In progress Our Google CASA Tier 2 lab audit is complete. Our SOC 2 Type II is part of our launch process and still underway — we will describe it as complete only once it is independently verified.

Privacy FAQ

Do you read my email? +−
Sieve classifies incoming mail to label it, but no human at Sieve reads your inbox. For people you already know, fixed rules do the work and no AI model is involved at all. Only mail from senders you have no relationship with is sent to the classifier, and we store no message bodies.
Does the AI see mail from people I know? +−
No. Mail from your team, your trusted senders, and anyone you are already in a thread with is handled by fixed, deterministic rules and never reaches the AI. The one thing that runs on every message, known sender or not, is an automated link check against known-threat databases. That is a URL lookup, not AI reading your content, so a malicious link is caught even from someone you trust.
What do you store? +−
Classification metadata for 90 days: an HMAC-hashed sender, the sender domain, the label, the signal that drove it, a timestamp, and the prompt version. No bodies, snippets, rationales, or contact graphs. By default the only content we store is the subject line of flagged mail (Solicitor or Malicious), AES-256-GCM encrypted and auto-deleted after 30 days. Mail we leave alone has nothing stored.
Is my data used to train AI? +−
No. When a stranger's mail goes to the AI, it is never used to train any model. It is deleted after 30 days. Your contact list never leaves our servers.
What happens when I cancel or delete? +−
Account deletion is self-serve and immediate. It removes all of your data, disconnects Gmail, and cancels billing in one step, with no support ticket required. Any flagged-subject lines and classification metadata are removed along with the rest.
Sieveby Snowfish Technologies
PrivacyTermssupport@getsieve.io2026