Privacy Policy
Last updated: 2026-06-29
Soft Send is built so that your email content never leaves your device. There is no Soft Send server, account, or analytics endpoint.
What Soft Send does with your data
| Data | Where it goes | Why |
|---|---|---|
| Recipients, subject, body of a queued email | Stored locally in chrome.storage.local, and sent only to the Google Gmail API as a draft on your account | To hold the message and send it when the delay expires |
| List of addresses you've emailed before | chrome.storage.local on your device | Powers the "new contact" risk check |
| Daily counters (sent / saved) | chrome.storage.local on your device | Shown in the popup |
| Your settings | chrome.storage.sync (synced by your Chrome profile, by Google) | So preferences follow your browser |
Network connections
Soft Send talks to two external hosts, and only these:
https://www.googleapis.comโ the official Google Gmail API, using an OAuth token you grant via Chrome'sidentityAPI. This is used to create, send, and delete drafts in your own mailbox.https://extensionpay.comโ used only to process the optional Pro upgrade and check whether you've paid. Payment is handled by ExtensionPay (and Stripe); Soft Send never sees or stores your card details, and no email content is ever sent to ExtensionPay. If you never upgrade, the only data involved is the paid/unpaid status tied to your ExtensionPay login.
There is no Soft Send server, no relay for your email, and no telemetry. Your email content stays between your device and Google's Gmail API.
For ExtensionPay's own handling of payment data, see their privacy policy at https://extensionpay.com/privacy.
What we never do
- We never send your email content, contacts, or settings to any server operated by Soft Send or any third party.
- We never read mail other than the drafts Soft Send itself creates.
- We never sell, share, or monetize any data.
- We include no remote/hosted code; everything runs from the packaged extension (enforced by a strict Manifest V3 Content Security Policy).
Permissions and why they're needed
storageโ persist the queue, contact history, stats, and settings locally.identityโ obtain an OAuth token so the Gmail API can act on your mailbox.alarmsโ wake the service worker every 30s to process the queue.notificationsโ tell you if an email failed to send.host_permissions: https://www.googleapis.com/*โ call the Gmail API.host_permissions: https://extensionpay.com/*โ process the optional Pro upgrade and check paid status (no email content is ever sent there).- Content script on
https://mail.google.com/*โ intercept the Send button and render the queue banner inside Gmail.
Gmail API scope
Soft Send requests a single scope: https://www.googleapis.com/auth/gmail.modify. This is required to create, send, and delete drafts. Soft Send uses it only for the messages you queue through it.
Data retention and deletion
- Queue entries are deleted as soon as an email is sent or cancelled.
- All local data lives in your browser profile. Removing the extension (or clearing the browser's extension storage) deletes everything Soft Send stored.
- To revoke Gmail access entirely, remove Soft Send from https://myaccount.google.com/permissions.
Contact
This is an MVP / open project. For privacy questions, contact us at the support email listed on the Chrome Web Store listing.