Privacy Policy

Last updated: October 14, 2025

1. Introduction

Perpetua (“we,” “us,” or “our”) provides a service that helps users identify and manage their digital presence by analyzing online accounts associated with their email address. This Privacy Policy explains how we collect, access, use, store, share, and delete information, including any Google user data accessed through our application.

By connecting your Google account or using our services, you consent to the processing of your information as described herein.

2. Information We Collect

2.1 General

We collect only the minimum information necessary to provide our service. This includes:

  • Sender metadata from your email account (email addresses and domain names of messages you have received).

2.2 Google User Data (Gmail)

When you connect your Google account to Perpetua, we access limited Gmail data through Google's OAuth 2.0 mechanism. The specific Google user data accessed is limited to:

  • Gmail sender metadata (email addresses and sending domain names of messages you have received).

We do not access the body content of emails, attachments, drafts, calendar events, Google Drive files, or other Google account content.

2.3 OAuth Scopes

To operate, our application requests only the OAuth scopes necessary to read email metadata. Example scopes we request include:

openid email profile
https://www.googleapis.com/auth/gmail.metadata

The scopes listed above are provided as examples of the minimal scopes our application uses to access sender metadata. The precise scopes granted will be visible to you on Google's consent screen at the time you authorize the application.

3. How We Use the Information

We use the information we collect for the following purposes:

  • To identify online accounts and services associated with your email address;
  • To generate a private report summarizing connected accounts for your use;
  • To improve our detection algorithms and overall service quality via aggregated, anonymized analytics;
  • To operate and maintain our service and respond to user support requests.

We do not use Google user data for advertising, marketing, or profiling purposes outside the operation of the service described above.

4. Data Sharing and Disclosure

Perpetua does not sell, rent, or otherwise disclose personal Google user data to third parties for their direct marketing or advertising purposes.

We may disclose non-identifying, aggregated, or anonymized information for research or statistical purposes provided such information cannot reasonably be used to identify an individual.

We may disclose personal data if required to do so by law, regulation, subpoena, or other legal process, or to protect the rights, property, or safety of Perpetua, our users, or others.

5. Data Storage & Protection

  • All communications with Google are performed over secure, encrypted channels (OAuth 2.0 and HTTPS).
  • We do not permanently store raw Gmail message content. Only processed metadata (such as sender domain tallies or hashed sender addresses used in analysis) is persisted where necessary for service operation.
  • Processed data is stored in access-controlled systems and encrypted at rest. Administrative and technical safeguards are employed to prevent unauthorized access or disclosure.
  • Access to production systems and customer data is restricted to authorized personnel on a need-to-know basis and is logged for audit purposes.

6. Data Retention & Deletion

Retention practices are as follows:

  • We retain Gmail-derived metadata only for the period reasonably necessary to perform the analysis and generate your report. In typical cases this data is deleted automatically within 30 days of processing unless you explicitly request longer retention for a specific purpose and consent to such retention.
  • If you request deletion, we will remove your account data from our systems in accordance with applicable law and within a reasonable time frame (no later than 30 days after receipt of a verifiable deletion request, subject to legal or technical constraints).
  • You may also revoke Perpetua’s access to your Google account at any time by visiting the Google Account Permissions page and removing Perpetua’s access token.

To request deletion or to inquire about retention, contact: signup@withperpetua.com.

7. User Rights & Controls

Subject to applicable law, you may at any time:

  • Revoke Perpetua’s access to your Google account via Google Account permissions;
  • Request a copy of information we hold about you;
  • Request correction or deletion of your personal data;
  • Object to or restrict processing of your data to the extent permitted by law.

To exercise these rights, contact us at: signup@withperpetua.com.

8. Children's Privacy

Perpetua’s services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us and we will take prompt steps to delete it.

9. Policy Changes

We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. Material changes will be posted at https://www.withperpetua.com/privacy with an updated “Last updated” date and, where required, notification will be provided to affected users.