Does Ellie read my emails?

Yes — that's how she drafts replies. With your permission, Ellie reads the threads in your connected Gmail or Outlook so she can categorise them and write replies in your voice. Drafts sit in your Drafts folder, and nothing sends until you say so. Ellie does not store your email content on our servers, share it with anyone, or use it to train AI models. Each thread is read at draft time and discarded once the draft is written. You can disconnect your account at any time from your Ellie dashboard.

What browsers are supported?

Ellie is available as a Chrome, Firefox or Edge Extension. Visit the downloads page for more information.

What email clients are supported?

Ellie fully supports Gmail and Outlook. Drafts appear natively inside your existing inbox — no new app, no new workflow.

Why is there a limit on the number of replies?

Training AI and generating content costs a fair amount of money. We're a small team without external funding so we have to charge for our work! You can sign up for one of our paid plans to get more replies.

Why did you make this?

Email is one of the most useful inventions ever, but the deal is rigged: anyone can put anything in front of you, and the only person who pays for that is you, in time. We built Ellie to flip that — by drafting your replies in the background, in your voice, so the inbox stops being the first hour of your day. You wake up to drafts; you skim, tweak, and send. Some people use Ellie to overcome reply anxiety, or as a tool to help with dyslexia, or just because writing in English (or any other language) doesn't come easily to them.

How does teaching Ellie new information work?

Three ways. Documents and websites: point Ellie at a file (PDF, DOCX, TXT, etc.) or a URL and she'll read or crawl it, summarise the policies and product details, and use that information when a reply needs it. Re-indexing happens automatically. Structured data uploads: upload a CSV, spreadsheet, or export from your CRM, helpdesk, or order system. Ellie keeps the per-record structure, so when a draft needs a specific fact (renewal date, plan tier, ticket status, order number) she can look it up cleanly rather than guessing. API integrations (coming soon): connect your CRM, helpdesk, billing, or e-commerce tools directly so Ellie pulls the live record at draft time. On top of all of that, Roles let teams who wear different hats give Ellie a different knowledge base and tone per role. Ellie won't make up facts that aren't in her source material — if she doesn't know, the draft says so.

I don't want you to read my private emails!

Your email content is never used to train AI models — not ours, not OpenAI's, not anyone else's. It's only used to generate the draft you're asking for, and never leaves our secure backend. We don't store your email content on our servers, and we promise never to share, sell, or do anything shady with your data. We're independent developers with no investors and no incentive to do otherwise — see our security page (/security) for the technical detail.

Privacy Policy

Your privacy is important to us. It is our policy to respect your privacy regarding any information we may collect from you across our website, tryellie.com, and any other sites we own and operate. This policy applies to the Ellie service (the "Service") operated by Ellie Assist OÜ ("Ellie", "we", "our", or "us"), an Estonian company that develops the Ellie AI email assistant.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, provide analytics, and enable certain features such as authentication and feature flags. These technologies help us understand how you use our website and services, and allow us to improve them. You can manage your cookie preferences through your browser settings. Where required by law, we will request your consent before setting non-essential cookies.

Consent Management

Where required by law, we obtain your consent for the use of cookies, analytics, and marketing communications. You can withdraw your consent at any time by adjusting your preferences or contacting us. We store records of your consent as required by applicable regulations.

1. Personal information

We only ask for personal information when we truly need it to provide the service to you. We collect it by fair and lawful means, with your knowledge and consent. We also let you know why we're collecting it and how it will be used.

The personal information we may collect includes:

Account information: your name, email address, password (hashed) and, where you subscribe, billing details processed by our payment provider.
Mailbox and connected-service data: when you connect a Gmail or Outlook account, we access the contents of email messages, threads, drafts, labels and basic message metadata (sender, recipients, subject, dates) so Ellie can categorise incoming email and draft replies on your behalf. If you also connect Google Calendar or Google Tasks, we access the limited calendar and tasks data needed for those features. See section 3 below for our specific commitments around Google user data, including the calendar redactions Ellie applies before any data leaves the calendar-service layer.
Knowledge base content: any reference material, roles, style snippets, or guidance you upload to teach Ellie how to write like you.
Product analytics and logs: information about your interactions with our website, webapp and extension, including IP address, device information, browser, language and usage patterns.

We only retain collected information for as long as necessary to provide you with your requested service. What data we store, we protect within commercially acceptable means to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification.

You are free to refuse our request for your personal information, with the understanding that we may be unable to provide you with some or all of our service.

2. GDPR

i. Your data

You have the option to provide Ellie with various data to help to "train" the AI to write like you. Some of this data is stored on our systems, such as the information that you explicitly provide us from the "Knowledge Base" feature. This data is used to complement future email replies.

When you ask Ellie to write an email on your behalf, or when Ellie automatically categorises and drafts a reply to an incoming message in your connected mailbox, the relevant section of the email thread is sent — alongside your knowledge base content and role instructions — to our AI providers (OpenAI and Microsoft Azure OpenAI), who provide the machine learning models that make Ellie possible. The data is only ever shared with these providers for the purpose of producing your draft, and we have configured these providers so your content is not used to train their generalised models. See section 3 for details specific to Google user data.

No other data is harvested from your email client. We do not read your inbox for marketing, advertising, or product analytics purposes.

The result of the draft generation is written back into your connected mailbox as a draft (where you have authorised Ellie to do so) or returned directly to you in the extension. We retain a copy of the generated draft and the prompt fragments needed to support the feature (for example, so you can review or regenerate it), but we do not use it for anything other than providing the Service to you.

We have configured our AI providers so that OpenAI do not use any data we send them to train future models, and Microsoft Azure OpenAI is contractually prohibited from using customer data to train its base models. We do not use any Google user data, mailbox content, drafts, or other customer content to develop, improve, or train our own generalised AI/ML models.

We are dedicated to upholding the privacy of your information and agree to never do anything with any data we create from any of your information, except provide you an excellent service.

For financial administration purposes, if you subscribe to a plan then we process your name, email and credit card details. We are not able to process your payment without this information. We will delete this information as soon as you delete your account. If desired, we can send you an invoice. We will then process your company name, address and VAT ID. According to a legal obligation of the Estonian Tax and Customs Administration, we are required to store invoice data for 7 years. After this period we will anonymize this data.

In the unlikely event that you have a complaint about our services, we will process your name, email and the content of and communication regarding this complaint in order to find the best possible solution for you.

We have a commercial interest in using some of your personal data for marketing purposes. We process your email for direct marketing. We process your email when you ask us a question in the chat box or when you indicate that you want to be kept informed about our latest blog articles. We will delete this information as soon as you unsubscribe or indicate that you no longer wish to be contacted by us. We never use Google user data (including Gmail content) for marketing or advertising of any kind.

ii. How do we obtain this information?

We have obtained the above information from you as a user of the Ellie extension, webapp, or Outlook add-in, because you have provided it to us — either directly (for example by signing up, uploading knowledge base content, or completing a survey) or by connecting your Gmail or Outlook account via OAuth so that Ellie can read and draft messages on your behalf. Furthermore, we can obtain your address, as known by the government, through our payment provider Stripe when we validate your VAT number.

iii. What rights do you have with regard to this data?

If you are an EU resident then you have the right at any time to request all the personal information we have for you as dictated by the General Data Protection Regulation (GDPR). Under the same regulation, we will also delete any or all of this information at your request.

In short, these are your full GDPR rights:

Access - You can request to view your data at any time.
Correct - If you want to have your data adjusted, corrected, supplemented, protected or erased, you can submit a request and we will be happy to make those changes for you.
Object - You can object to the processing of your data.
Data transfer - If you want to transfer your data to another provider, we will provide your data in a structured and commonly used form that can be accessed by common digital systems.
Automated processing - You may always inform us of your view on an automated decision and have this decision reconsidered by a third person.
Withdrawal - When we process data based on your explicit consent, you have the right to withdraw your consent. This may have consequences for the services we are able to provide to you.

If you are not an EU resident then we will still afford you these rights if you ask for it, because we believe you should possess them regardless of where in the world you live.

To exercise any of these rights, including requesting an export or deletion of your data, please contact us at hi@tryellie.com. You can also delete your Ellie account at any time from the Account page in the webapp, which removes your stored mailbox tokens, knowledge base content, drafts, and other Service data from our active systems within 30 days (backups are purged on a rolling 90-day cycle, after which the data is unrecoverable). Invoice records that we are legally required to keep (see above) are retained for 7 years and then anonymised.

iv. Who receives your data?

We will not provide your data to third parties, unless this is necessary for business operations or is required by law. We try to use as few external services as possible. Your data can be passed on to processors and parties involved in the execution of the agreement. We conclude processing agreements with these third parties to optimally protect your privacy.

Your data will always remain yours. We will never sell your data to third parties, and we never sell or transfer Google user data to anyone for advertising, data brokerage, credit-scoring, or any purpose other than providing the Service you asked us for.

These are our subprocessors and how they use your data:

AI model inference for drafting and categorising replies (OpenAI and Microsoft Azure OpenAI). Email content, drafts, knowledge base snippets and role instructions are sent to these providers solely to generate the response shown to you. Both providers are contractually bound to not use this data to train their base models.
Cloud hosting and primary database (DigitalOcean). Our application servers and MongoDB database run on DigitalOcean's Frankfurt region; object storage (DigitalOcean Spaces) holds embeddings and uploaded knowledge base files.
Product and page-view analytics (PostHog). We use PostHog to understand how users interact with our website, webapp and extension. This may include your IP address, device information, and usage patterns. We use PostHog's EU region; no Google user mailbox content is ever sent to PostHog.
Payment processing (Stripe). Stripe processes your name, billing address, and payment method when you subscribe to a paid plan.
Knowledge base vector retrieval (Pinecone). We store embeddings (numerical representations) of your knowledge base entries in Pinecone so Ellie can retrieve relevant context when drafting a reply.
Transactional email and lifecycle messaging (Mailgun and Loops). We use these providers to send you account, billing and product emails. Only your email address and the message we send you are shared with them.
Error monitoring and application logs (Sentry and Better Stack). We collect application errors and operational logs to keep the Service running. We strip user-content fields from these logs wherever practical; we do not deliberately send Google user mailbox content to these services.
Affiliate attribution (Tolt). When you sign up via an affiliate link we share your account email and subscription status with Tolt to attribute the referral.

We do not share Google user data with any third party other than the subprocessors named above, and only to the extent strictly necessary to operate and improve the user-facing features of Ellie.

Children's Privacy

Ellie is not intended for use by children under the age of 16. We do not knowingly collect personal information from children. If you believe that a child has provided us with personal information, please contact us and we will take steps to delete such information.

International Data Transfers

We are based in the European Union and host our primary infrastructure (MongoDB, application servers, object storage, PostHog analytics) in the EEA. Some of our subprocessors — notably OpenAI, Pinecone, Sentry and Better Stack — process data outside the EEA, typically in the United States. Where this is the case we rely on the European Commission's Standard Contractual Clauses (SCCs) and equivalent transfer mechanisms, together with encryption in transit and at rest, to protect your data. Microsoft Azure OpenAI requests routed by Ellie for drafting are served from a dedicated EU endpoint.

3. Google API Services User Data Notice

When you connect a Google account to Ellie, the Service uses Google APIs to read and draft email on your behalf and — if you choose to enable them — to suggest meeting times from your calendar and to create follow-up tasks in your Google Tasks account. Ellie's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

i. The Google account data we access

Ellie has three Google integrations. Each is enabled by its own separate consent screen so you can grant only the access you actually want; you can also disconnect them independently at any time. In all cases we receive your Google account email address, name and profile picture so we can identify which account is connected.

Gmail

When you connect your Gmail account we access the contents of email messages and threads in your mailbox — including subject, body, sender, recipients, attachment metadata, labels, dates and message identifiers — together with drafts that Ellie or you have created. This is the data Ellie uses to categorise incoming messages and write reply drafts directly into your Drafts folder. We do not permanently delete your messages, send mail without your action, or change your account settings.

Google Calendar (optional)

If you connect Google Calendar, Ellie reads events on your primary calendar so it can suggest sensible meeting times when drafting a reply. The integration is read-only — Ellie cannot create, modify, or delete events or send invitations on your behalf.

Before any calendar data leaves the calendar-service layer we redact it. Event titles, descriptions, notes, locations, conferencing details, organiser information, and attendee identities (names and email addresses) are dropped server-side and never reach our database, our application logs, or our AI providers. The only calendar data that crosses that boundary is:

event start and end times;
whether you are marked free, busy, out of office, or working elsewhere;
whether the event is all-day, and whether it is part of a recurring series;
a count of how many attendees were on the event; and
two booleans — whether the sender of the email Ellie is replying to is on the attendee list, and whether you are on the attendee list.

We also read your primary calendar's timezone so suggested times appear in your local time.

Google Tasks (optional)

If you connect Google Tasks, Ellie creates a task list called "Ellie" inside your Google Tasks account and writes tasks into it when it identifies an email that needs follow-up. Each task contains a short summary plus a link back to the source email so you can find it quickly. Ellie reads, updates, and marks complete only the tasks it has itself created inside the "Ellie" list (to keep status in sync if you complete a task in Google Tasks directly); it only looks at your other task lists to the minimum extent needed to locate or create the "Ellie" list. Ellie does not read, modify, or delete the contents of any other task list.

ii. How we use Google user data

We use Google user data only to provide and improve the user-facing features of Ellie:

Categorising new email — we analyse incoming messages and thread context to assign them to one of your Ellie categories.
Drafting replies — we generate reply drafts based on the thread, your role instructions and your knowledge base, and we write the draft into your Gmail Drafts folder for you to review and send. Ellie never sends email on your behalf without your explicit action.
Style learning — with your permission, we analyse a sample of your previously sent messages to model your writing style so the drafts sound like you. The output is a style profile derived from your messages; we do not store or redistribute the underlying messages beyond what is necessary to compute and refresh that profile.
Suggesting meeting times — where you have connected Google Calendar, we use the redacted free/busy information described above to propose times when drafting a reply about a meeting. Only the redacted free/busy data (never event titles, descriptions, locations, or attendee identities) is used as input to this suggestion.
Creating follow-up tasks — where you have connected Google Tasks, we may create a task in your "Ellie" task list summarising an email that needs follow-up.
Operating the Service — standard technical operations such as syncing, error handling, security monitoring and abuse prevention.

We do not use Google user data to:

Develop, improve, or train generalised or non-personalised AI/ML models — neither our own models nor those of any third party. The AI providers we use (OpenAI and Microsoft Azure OpenAI) are configured so that prompts and completions containing Google user data are not used to train their base models.
Serve advertising of any kind, including personalised, retargeted, interest-based, or generic advertising.
Sell or transfer to data brokers, information resellers, or any party for credit-worthiness, lending, or other unrelated purposes.
Build or enrich aggregated databases for resale or sharing outside Ellie.

iii. Human access to Google user data

Ellie's processing of Google user data is automated. Our staff do not read your mailbox content except in the following limited circumstances permitted by the Google API Services User Data Policy:

with your explicit consent — for example, when you ask us for support and share a specific message with us;
where strictly necessary for security purposes, such as investigating abuse or a credible security incident;
to comply with applicable law, regulation, legal process, or enforceable governmental request; or
for internal operations using data that has been aggregated and anonymised so it can no longer be linked to you.

iv. Sharing Google user data

We share Google user data only with the subprocessors listed in section 2.iv above, and only to the extent required to provide the user-facing features described in this section. In particular, message content sent to OpenAI or Microsoft Azure OpenAI for drafting and categorisation is governed by those providers' data processing agreements; neither uses the data to train their base models. We do not transfer Google user data to any other party for any purpose other than providing the Service to you.

v. Storage, retention and revoking access

We store the Google OAuth refresh tokens needed to access your Gmail, Calendar, and Tasks integrations encrypted at rest in our database, keyed per user, with each integration's token stored separately. For Gmail we cache only the minimum mailbox metadata required to operate the Service (e.g. message identifiers, thread identifiers, categories we have assigned, drafts we have generated); raw message bodies are fetched from Google on demand and are not retained beyond the short-lived processing required to categorise the message or generate a draft. For Google Calendar we never persist event titles, descriptions, locations, conferencing details, organiser information, or attendee identities — those are dropped at the calendar-service layer as described above — and we only retain redacted free/busy summaries for the short period needed to generate the relevant draft. For Google Tasks we retain the identifiers of tasks Ellie has created in your "Ellie" list so we can keep their status in sync.

You can revoke Ellie's access to your Google account at any time and at the granularity of each integration:

by disconnecting Gmail, Google Calendar, or Google Tasks individually from the Accounts page in the Ellie webapp, which deletes the stored refresh token for that integration and stops further access; or
by removing Ellie from your Google account at myaccount.google.com/permissions.

When you disconnect an integration or delete your account, we delete the relevant stored OAuth tokens immediately and remove the associated cached data (mailbox metadata, redacted free/busy summaries, Ellie-created task identifiers) from our active systems within 30 days. Encrypted backups are purged on a rolling 90-day cycle.

4. External sources

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites, and cannot accept responsibility or liability for their respective privacy policies.

It's also possible for Ellie to generate URLs that link to external websites. The same applies to these.

5. Transfers of ownership

In the event that we are involved in a merger, acquisition, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will ensure that any new entity to which we transfer your data will continue to honor the terms of this Privacy Policy, or will provide notice and obtain your consent if required by applicable laws.

6. Security

We take the security of your personal information seriously and implement a variety of measures to safeguard it, including:

Data encryption: we use industry-standard TLS encryption protocols to protect data in transit, and AES-256 encryption at rest for sensitive material including the OAuth refresh tokens used to access your Gmail, Google Calendar, Google Tasks, and Outlook integrations.
Access controls: access to personal information is restricted to authorised personnel only, based on the principle of least privilege, and is logged.
Regular audits: we conduct regular internal security audits and assessments to identify and mitigate potential vulnerabilities, and we are subject to the periodic CASA (Cloud Application Security Assessment) review required by Google for apps that handle restricted Gmail scopes.
Secure storage: personal information is stored on secure servers in the EEA with robust access controls and monitoring.
User authentication: we employ multi-factor authentication (MFA) to secure our own user accounts and administrative access to our services.
Third-party security: we ensure that any third-party service providers we use also adhere to stringent security standards and practices, and we hold a data processing agreement with each.

We are committed to protecting your information and will continue to improve our security practices to keep your data safe.

7. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes to our practices, our subprocessors, or applicable law. When we make a material change — particularly to how we access, use, store or share Google user data — we will update the "last updated" date below and, where appropriate, notify you in-product or by email before the change takes effect.

8. Final provisions

We believe that by following these rules we can keep your data as safe as possible, but if you have any suggestions on how we can improve then let us know!

Your continued use of our website will be regarded as acceptance of our practices around privacy and personal information. If you have any questions about how we handle any of our data, feel free to contact us.

This policy was last updated on the 15th May 2026.

Previous versions:

For accountability we keep the old versions of our privacy policy around to view here.