SendLint

1. Information We Collect

We collect the following types of information:

• Account information: Email address, name, job title, and organization name when you register
• Email content: HTML email source code and copy deck files you upload for analysis
• Analysis reports: QA results generated from your uploaded content
• Usage data: How you interact with the Service, including features used and analysis frequency

2. How We Use Your Information

We use your information to:

• Provide and improve the email QA analysis service
• Generate quality reports for your uploaded email content
• Authenticate your account and manage your profile
• Send important service notifications (account, security, updates)
• Improve the accuracy and coverage of our automated checks

3. Data Storage & Security

Your data is stored securely using industry-standard encryption. We use Supabase for data storage with row-level security policies. Email content and analysis reports are associated with your account and are not accessible by other users. We implement appropriate technical and organizational measures to protect your data.

Headless rendering: Some analysis features (Layer 2 style extraction, design comparisons) render your email HTML in a sandboxed Chromium browser running on our infrastructure. The browser is locked down with SSRF protections that block requests to private / loopback / metadata endpoints. We follow external HTTP(S) requests only to load images your email itself references (e.g. CDN-hosted hero images), and we do not retain rendered pixel buffers beyond the lifetime of the analysis.

AI features:The AI Second-Reviewer and Brand Voice features send the email’s HTML plus rule findings to Anthropic’s Claude API. Anthropic processes the data per its own privacy commitments; we do not allow it to be used for model training. Token-counts are recorded for billing; the prompts themselves are not retained server-side after the response is written back to your report.

4. Data Retention

We retain your account information for as long as your account is active. Analysis reports are retained to allow you to review past results. Soft-deleted reports are permanently purged 30 days after deletion by our nightly cleanup job.

Delete-my-data: You can request full account deletion at any time from your profile page, or by emailing admin@sendlint.com. Upon confirmed account deletion, your auth record, profile, and all associated reports, brand rules, and rendered images are removed within 30 days. Email logs (audit trail) are retained per our service-provider’s policy.

For European customers requiring a Data Processing Agreement, see our DPA page.

5. Data Sharing

We do not sell your personal information. We may share data with:

• Service providers: Third-party services that help us operate the platform (hosting, authentication)
• Team members: Within your organization, data may be shared with team members you have authorized
• Legal requirements: When required by law or to protect our rights

6. Cookies & Tracking

We use essential cookies for authentication and session management. We do not use third-party advertising trackers. Analytics data is collected in aggregate to improve the Service.

7. Your Rights

You have the right to:

• Access and download your personal data
• Correct inaccurate information in your profile
• Request deletion of your account and associated data
• Opt out of non-essential communications
• Export your analysis reports

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The "Last updated" date at the top reflects the most recent revision.

9. Contact

For privacy-related inquiries, please contact us at privacy@sendlint.com.