Privacy Policy

Thread is operated by Thread.xyz Inc. We provide a permission layer that lets people grant third-party applications ("Skills") scoped, revocable access to their mailbox, instead of handing over a password or a blanket OAuth grant. References to "you" mean either an end user who connects a mailbox, or a developer who builds a Skill.

• Account data. Your email address and authentication details when you sign in to a Thread portal.
• Connection data. The mailbox you connect, the provider (Google, Microsoft, or IMAP), and the OAuth tokens needed to access it on your behalf.
• Grants. Which Skills you have authorized, the scopes you granted them, and your revocation history.
• Mailbox content. We process message metadata and, where a granted scope requires it, message bodies and attachments — only to fulfill the access you granted.
• Operational data. Logs, timestamps, and diagnostics needed to run the service securely.

We access your mailbox solely to carry out the scopes you have granted to a Skill. A Skill can only ever see what its granted scopes allow — never your whole inbox by default. Content that falls outside a granted scope is masked before it ever crosses the Thread membrane to a Skill.

Thread uses large language models to classify and categorize messages so that scopes can be enforced and sensitive fields masked. We do not sell mailbox data, and we do not use your mailbox content to train models.

When you grant a Skill access, that Skill's developer receives only the data permitted by the scopes you approved. The developer is an independent controller of the data you choose to share with their Skill, and their use of it is governed by their own privacy policy. You can review and revoke any grant at any time from the user portal.

• Mailbox providers — Google and Microsoft, for OAuth-based access to the mailbox you connect.
• LLM provider — to classify and mask messages so scopes can be enforced.
• Infrastructure — hosting, database, and logging vendors that run the service under contractual data-protection terms.

We keep account, connection, and grant records for as long as your account is active. Mailbox content is processed transiently to serve a granted scope and is not retained beyond what is needed to deliver the service. When you revoke a grant or delete your account, we revoke the associated tokens and delete or anonymize related data, except where we must retain it to meet a legal obligation.

OAuth tokens and secrets are encrypted at rest. Access is least-privilege and audited. The permission engine enforces scopes server-side, so a Skill cannot reach data it was never granted, even if it asks.

• Revoke any Skill's access, instantly, from the user portal.
• Disconnect a mailbox, which revokes the underlying provider tokens.
• Request access to, correction of, or deletion of your personal data.
• Object to or restrict certain processing, where applicable law provides the right.

To exercise any of these, contact us at the address below. We honor revocation in real time — it is the core promise of the product, not a support ticket.

Thread is not directed to children under 16, and we do not knowingly collect their personal data.

We may update this policy as the product evolves. Material changes will be reflected by an updated date above and, where appropriate, a notice in the portal.

Questions or requests about privacy can be sent to privacy@thread.xyz. Thread.xyz Inc is the data controller responsible for your information.