Privacy Policy

Last updated: April 9, 2026

1. Who we are

TheHinter (“we”, “us”, “our”) operates thehinter.com and the TheHinter AI Email Warmup service. Our contact email is hello@thehinter.com.

2. What data we collect

  • Account information: Your name and email address, obtained when you sign in with Google.
  • Gmail access tokens: OAuth access and refresh tokens that allow us to send and read emails on your behalf for the warmup service.
  • Email activity data: Metadata about warmup emails sent and received (timestamps, delivery status, open/reply signals). We do not store the full content of your personal emails.
  • Subscription data: Billing status and subscription tier, managed by Lemon Squeezy. We do not store your payment card details.
  • Usage data: Log data including IP address, browser type, and pages visited, collected automatically when you use the service.

3. How we use your data

  • Gmail send access is used solely to send warmup emails from your account to our network of partner accounts. This gradually builds your sender reputation and improves deliverability.
  • Gmail read access is used solely to detect and process replies to warmup emails, and to measure deliverability metrics (inbox placement vs. spam folder).
  • To authenticate you and maintain your session.
  • To operate, maintain, and improve the service.
  • To send transactional emails (receipts, service updates).
  • To detect and prevent abuse or fraud.

We do not use your Gmail data to serve advertising, sell to third parties, or train AI models. Our use of Gmail data is limited to what is described above and is consistent with Google’s API Services User Data Policy, including the Limited Use requirements.

4. Data sharing

We do not sell your personal data. We share data only with the following service providers, strictly to operate the service:

  • Supabase — database hosting (EU/US)
  • Lemon Squeezy — payment processing
  • Resend — transactional email delivery
  • OpenAI — AI-generated warmup email content (no personal data sent, only anonymised prompts)
  • Vercel — application hosting

5. Data retention

We retain your data for as long as your account is active. If you cancel and request deletion, we will delete your account data within 30 days. Billing records may be retained for up to 7 years as required by law.

6. Your rights

You may at any time:

  • Request a copy of all data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your account and associated data.
  • Revoke Gmail access at any time via Google Account Permissions. Revoking access will stop the warmup service.

To exercise any of these rights, email us at hello@thehinter.com.

7. Security

We encrypt data in transit (TLS) and at rest. OAuth tokens are stored securely and never logged. We conduct periodic security reviews of our infrastructure.

8. Children

TheHinter is not directed at children under 13. We do not knowingly collect data from anyone under 13.

9. Changes to this policy

We may update this policy from time to time. Material changes will be communicated by email or a notice on the site at least 14 days before they take effect.

10. Contact

Questions? Email us at hello@thehinter.com.