MailBroom for Business · Last updated: 4 July 2026 · AIERT Ltd
This policy covers MailBroom for Business only — the web app for Microsoft 365 and Exchange Online at app.mailbroom.app. It is a different product from MailBroom for iOS, which runs entirely on-device with no backend at all; MailBroom for Business necessarily has a backend, since it connects to your mailbox via the Microsoft Graph API. See MailBroom for iOS's own privacy policy if that's the product you're looking for.
You sign in with your existing Microsoft work account via Microsoft Entra ID — the same login your company already uses for Microsoft 365. MailBroom never sees or stores your password. We only ever receive a scoped, revocable Microsoft Graph access token, used to read and act on your mailbox on your behalf. You (or your IT admin) can revoke that access at any time via your organisation's Microsoft admin settings.
AIERT staff supporting your account can see your organisation's plan, seat usage, and aggregate usage totals — never a list of individual employees' email addresses or their individual usage. The only individual contact details AIERT staff can see are the email addresses of your organisation's own designated admins (the people your organisation has chosen to manage billing) — people you control and can reassign at any time from the app's Billing page. Your organisation's own admins can see their full team's member list from within the app; AIERT's internal tools deliberately cannot.
Your company's licence is tied to your email domain (e.g. yourcompany.com) rather than individual invitations — anyone signing in with a matching company email address gets access automatically once your organisation has an active plan. Public email providers (Gmail, Outlook.com, Yahoo, etc.) are explicitly excluded from this automatic domain-matching, so one person's personal account can never grant access to unrelated strangers on the same free email provider.
Subscriptions are billed via Stripe, a PCI-compliant payment processor. AIERT Ltd does not receive or store your card details — Stripe handles payment collection, invoicing, and the self-service billing portal directly.
Your organisation's admin can optionally opt in to a public leaderboard on this site showing your company name and icon (fetched from a public favicon service using your company domain) alongside your aggregate CO₂/storage savings. This is off by default, requires an explicit admin action to enable, and never exposes individual employee data — only your organisation's own name, icon, and aggregate totals, and only if you choose to turn it on.
MailBroom for Business is intended for use by employees of business organisations and is not directed at children.
If we make material changes to this policy we will update the date at the top of this page.
For privacy-related questions, contact AIERT Ltd at enquiries@aiert.co.uk