PledgeOSBack to Home

Security at PledgeOS

Your email data is sensitive. We've built PledgeOS with privacy and security as core principles, not afterthoughts.

OAuth 2.0 Authentication

Google-authorized secure authentication. No passwords stored. Industry-standard protocol.

Read-Only Access

PledgeOS can only read emails. Cannot send, delete, modify, or access other Google services.

No Permanent Storage

Emails are processed in real-time and discarded. Only metadata about commitments is retained.

Encrypted Tokens

All OAuth tokens are encrypted at rest using AES-256 encryption standards.

Secure Infrastructure

Hosted on enterprise-grade cloud infrastructure with SOC 2 compliance.

Revocable Access

Disconnect PledgeOS instantly from your Google Account settings. Immediate effect.

Authentication Flow

  1. 1

    You click "Connect Gmail"

    Redirects you to Google's official OAuth consent screen.

  2. 2

    Google asks for permission

    You review and approve read-only Gmail access. Google verifies your identity.

  3. 3

    PledgeOS receives a secure token

    Google issues an OAuth token with read-only Gmail scope. Token is encrypted and stored securely.

  4. 4

    Daily processing begins

    PledgeOS scans recent emails, detects commitments, sends reminders. No human access.

What We Store vs. What We Don't

We Store

  • OAuth access tokens (encrypted)
  • Commitment metadata (deadline, status, summary)
  • Your email address
  • Subscription and billing info

We Don't Store

  • Full email content or body text
  • Email attachments
  • Your Google password
  • Emails from other users

Data Encryption

In Transit

All communication between your browser, PledgeOS servers, and Google APIs uses TLS 1.3 encryption.

At Rest

OAuth tokens and sensitive data are encrypted using AES-256 encryption before database storage.

Processing

Email content is processed in-memory only. No disk writes. Discarded after analysis completes.

Revoking Access

You can disconnect PledgeOS from your Gmail account at any time. This immediately revokes all access.

  1. 1. Go to myaccount.google.com/permissions
  2. 2. Find "PledgeOS" in your connected apps
  3. 3. Click "Remove Access"
  4. 4. PledgeOS can no longer access your Gmail

After revocation, you can request full data deletion by contacting privacy@pledgeos.com.

Compliance & Audits

  • Google OAuth Compliance

    PledgeOS follows Google's OAuth 2.0 guidelines and API usage policies.

  • Regular Security Audits

    Infrastructure and code undergo periodic security reviews and vulnerability scans.

  • GDPR & Privacy Laws

    We comply with international privacy regulations including GDPR and CCPA.

Questions or Concerns?

If you have security questions or want to report a vulnerability, please contact our security team.

security@pledgeos.com