🔒

Privacy Policy

MailBroom for Business  ·  Last updated: 4 July 2026  ·  AIERT Ltd

🔐 Need-to-know internal access only
🔑
Microsoft Entra ID sign-in
🚫
No passwords stored
🔐
No individual employee data for AIERT staff
💳
Stripe billing
📋

Overview

This policy covers MailBroom for Business only — the web app for Microsoft 365 and Exchange Online at app.mailbroom.app. It is a different product from MailBroom for iOS, which runs entirely on-device with no backend at all; MailBroom for Business necessarily has a backend, since it connects to your mailbox via the Microsoft Graph API. See MailBroom for iOS's own privacy policy if that's the product you're looking for.

🔑

Sign-in & Credentials

You sign in with your existing Microsoft work account via Microsoft Entra ID — the same login your company already uses for Microsoft 365. MailBroom never sees or stores your password. We only ever receive a scoped, revocable Microsoft Graph access token, used to read and act on your mailbox on your behalf. You (or your IT admin) can revoke that access at any time via your organisation's Microsoft admin settings.

🗄️

What We Store

  • Your email address and display name — used for sign-in and to identify you within your organisation.
  • Your company's licence and billing status — plan, seat count, subscription status.
  • Aggregate usage counters — e.g. total emails cleaned, storage freed, CO₂ saved. These are numeric totals only.
  • Microsoft Graph access tokens — used to make Graph API calls on your behalf; these can be revoked at any time via Microsoft.
🚫

What We Never Store

  • Email content — subjects, bodies, attachments. These are fetched live from Microsoft Graph to power features like Smart Sweep and Storage Cleanup, processed for that one request, and never written to our database.
  • Your Microsoft password — sign-in happens entirely through Microsoft's own login flow.
  • Payment card details — billing is handled entirely by Stripe (see below).
🔐

Internal Access Is Need-to-Know

AIERT staff supporting your account can see your organisation's plan, seat usage, and aggregate usage totals — never a list of individual employees' email addresses or their individual usage. The only individual contact details AIERT staff can see are the email addresses of your organisation's own designated admins (the people your organisation has chosen to manage billing) — people you control and can reassign at any time from the app's Billing page. Your organisation's own admins can see their full team's member list from within the app; AIERT's internal tools deliberately cannot.

🏢

Domain-Based Access

Your company's licence is tied to your email domain (e.g. yourcompany.com) rather than individual invitations — anyone signing in with a matching company email address gets access automatically once your organisation has an active plan. Public email providers (Gmail, Outlook.com, Yahoo, etc.) are explicitly excluded from this automatic domain-matching, so one person's personal account can never grant access to unrelated strangers on the same free email provider.

💳

Billing

Subscriptions are billed via Stripe, a PCI-compliant payment processor. AIERT Ltd does not receive or store your card details — Stripe handles payment collection, invoicing, and the self-service billing portal directly.

🌱

Public Leaderboard (Opt-In Only)

Your organisation's admin can optionally opt in to a public leaderboard on this site showing your company name and icon (fetched from a public favicon service using your company domain) alongside your aggregate CO₂/storage savings. This is off by default, requires an explicit admin action to enable, and never exposes individual employee data — only your organisation's own name, icon, and aggregate totals, and only if you choose to turn it on.

👶

Children

MailBroom for Business is intended for use by employees of business organisations and is not directed at children.

📝

Changes to This Policy

If we make material changes to this policy we will update the date at the top of this page.

✉️

Contact

For privacy-related questions, contact AIERT Ltd at enquiries@aiert.co.uk