Data Privacy & Security

We have a simple approach to keep your data secure. If you have not opted in to sharing your data with us to improve our products:

1. Our servers don't permanently store your emails.
2. Our servers don't have the ability to fetch your emails.

We don't permanently store any of your emails on our servers, nor do we store any access tokens for connected accounts such as Google. Simply put, we don't keep your emails and we cannot fetch them on request. Even if we were compelled by a government agency to hand over your emails, we would not be capable of doing so since we don't keep them.

How does Lightfern work then?

Lightfern largely works in your browser at runtime.

To generate high quality suggestions, we use powerful AI models that require dedicated hardware. During inference time, relevant context required to generate responses (for example, the current email reply thread) is sent to our servers securely. This content is processed immediately and automatically deleted from our servers' memory within minutes.

Does Lightfern's servers have access to my email account?

No. When you log in using any supported provider, an authentication token (such as an OAuth token) is issued which allows access to parts of your account as needed. This token is stored only on your device; our servers never receive, store, or transmit it.

What about your inference providers? How do you keep my data secure?

We have zero-data retention agreements with our inference providers.

• Fireworks: Our custom models are hosted and served via Fireworks. Fireworks has zero data retention by default. Prompt caching is enabled with Fireworks, which shortly caches prompts in volatile memory to speed up inference requests. Data is cached only for a minimum amount of time needed to service requests, never stored permanently, and is securely deleted after it's no longer used.
• OpenAI: We use OpenAI's models to provide some AI responses. We have a zero data retention agreement with OpenAI.