Security
Last updated: March 31, 2026
Your email security is our top priority. We built DailyTaskProAI with a zero-storage architecture — your email content never touches our database.
Architecture
Zero Email Storage Active
Email content is processed in-memory only. After AI scoring and draft generation, the content is immediately discarded. Our database stores only metadata: scores, timestamps, sender addresses, and your preferences.
Encryption Always Encrypted
All data travels through secure encrypted channels, both in transit and at rest. Connection tokens are stored with additional encryption using separate key management.
Authentication
- Official sign-in only — Google sign-in for Gmail/Workspace/Calendar, Microsoft sign-in for Outlook/365/Calendar
- No password storage — We never see or store your email password
- Secure sessions — Session tokens stored in secure, protected cookies
- Password protection — Account passwords are securely hashed and never stored in plain text
- Token management — Connection tokens auto-refresh; revoked tokens are cleaned up immediately
Infrastructure
- Hosted on dedicated infrastructure (not shared hosting)
- Strict firewall rules with minimal open ports
- Rate limiting on all API endpoints to prevent abuse
- Security headers on all responses
- Cross-origin requests restricted to approved domains only
- All database queries use safe parameterized methods
Auto-Send Safety
Revenue Risk Protection Enforced
Emails flagged as revenue risk (invoices, payment requests, deal-critical) can NEVER be auto-sent. This rule is enforced at the service layer — it cannot be overridden by users, admins, or API calls.
Credit Safety
Credits are deducted before an AI action runs. If the action fails for any reason, credits are automatically refunded. You never pay for failed operations.
Compliance
- GDPR — Full compliance. Data export and deletion on request.
- CCPA — California Consumer Privacy Act compliant.
- Google API Services User Data Policy — Limited use compliance.
- Microsoft Graph API Terms — Full compliance with data handling requirements.
Reporting Vulnerabilities
If you discover a security vulnerability, please email security@dailytaskproai.com. We will respond within 24 hours.