Privacy Policy
Last updated: 23 June 2026
Europa helps you discover the online services you use and find European alternatives. This page is maintained by the Europa team to explain how we handle your data.
What we read from your inbox
When you connect Gmail, we request the gmail.readonlyscope. From your messages we only read:
- The sender address (From header)
- The subject line
We never read message bodies, attachments, contacts, drafts, or labels.
What we store
- Your account email and (optional) display name.
- Encrypted Gmail OAuth tokens, only used to run scans on your behalf.
- For each scan: the list of sender domains we discovered and the count of messages per domain.
Scans are automatically deleted after 30 days. You can delete everything immediately from the Security & data page.
Who we share with
Your inbox data is never sold, shared, or used to train models. Our subprocessors are:
- Google (your Gmail provider, accessed under your OAuth grant)
- Lovable Cloud / Supabase (database and authentication)
Your rights
Under GDPR you can access, correct, export, or delete your data at any time. Use the "Delete my data" button on the Security & data page, or email us.
Contact
Questions or data requests: privacy@europa.example