cirrux

Privacy Policy for Cirrux

Effective date: 2026-01-23

Cirrux ("Cirrux", "we", "our", or "us") is committed to protecting your privacy and we want to be completely transparent about how we handle your valuable data. This Privacy Policy explains how we collect, use, store, and protect your data when you use Cirrux, especially in connection with your Google account.

1. Information we collect

To create a Cirrux account, we collect and store the following information:

  • Your username
  • Your password (stored securely)
  • Your recovery email address

When you link your Google account to Cirrux, we collect and process the following information:

  • Gmail Data: With your permission, Cirrux accesses your Gmail data via Google's OAuth APIs to backup your email messages. This includes:
    • Message metadata (consisting of message ID, date, size and the labels attached)
    • Message contents (encrypted before storage)
  • Calendar Data: With your permission, Cirrux accesses your Google Calendar data via Google's OAuth APIs to backup your calendar events. This includes:
    • Event metadata (consisting of event ID, date, time, location and the attendees)
    • Event contents (encrypted before storage)
  • Contacts Data: With your permission, Cirrux accesses your Google Contacts data via Google's OAuth APIs to backup your contacts. This includes:
    • Contact metadata (consisting of contact ID, name, email address and the phone number)
    • Contact contents (encrypted before storage)
  • Authentication Data: Cirrux stores Google OAuth tokens in a secure, encrypted format so we can keep your backup up to date automatically. We do not have access to or store your Google account password. You can revoke access to your Google account at any time.

2. How we're using your Google data

We use your Google user data to create a secure copy and help you keep control over your data.

  • We do not and will never read, analyze, or process the contents of your emails other than encrypting and saving them.
  • We do not and will never use your Gmail data to train AI or ML models.
  • We do not and will never use your Gmail data for advertising or marketing purposes.

3. Encryption and storage

  • All email message contents are stored encrypted.
  • Encrypted data is stored securely on Exoscale servers located in Frankfurt, Germany.
  • Cirrux only stores minimal metadata (e.g., message ID, size, date) to support syncing and backups.

4. Data sharing and disclosure

Cirrux does not share, sell, transfer, or disclose your Google user data to any third parties, except:

  • When required by law (e.g., lawful requests by public authorities).
  • To enforce our terms of service or investigate violations

Cirux does not use your Google user data to train AI models.

5. Data retention and deletion

Your data is retained for as long as you maintain an active Cirrux subscription. If you cancel your subscription or delete your account, your encrypted email backups and all related metadata are automatically and permanently deleted within 48 hours. You may request manual deletion of your data at any time by contacting help@cirrux.co.

You can delete your Cirrux account at any time.

6. AI and machine learning

Cirrux does not use any AI or machine learning models that access, analyze, or interact with your Google user data.

7. Your privacy rights

You can revoke Cirrux's access to your Google account at any time via your Google Account Permissions page. You may also contact us to access, correct, or delete any personal data associated with your account.

8. Contact

If you have any questions or concerns about this Privacy Policy, please contact us at help@cirrux.co.

HelpPrivacyTerms