Incoho
PricingHelpSign inStart Free Trial

Privacy Policy

Last updated: March 24, 2026

1. Information We Collect

When you use Incoho, we collect the following information:

  • Account information: Your email address, business name, and password when you create an account.
  • Email credentials: IMAP and SMTP credentials for your connected email accounts. These are encrypted at rest using Supabase Vault (pgsodium Transparent Column Encryption).
  • Email content: Incoming customer emails are processed by our AI to classify and draft replies. We store email metadata and content temporarily for processing.
  • Knowledge base data: Store policies, FAQs, and other information you provide to help the AI draft accurate replies.
  • Billing information: Payment details are processed and stored by Stripe. We do not store your credit card information directly.

2. How We Use Your Information

  • To classify incoming emails using AI (Anthropic Claude) and generate draft replies based on your knowledge base.
  • To send approved replies via SMTP on your behalf.
  • To manage your account, process payments, and provide customer support.
  • To improve our service and develop new features.

3. Data Retention

Email task data (classifications, drafts, and metadata) is retained for 90 days to support your workflow and analytics. You can request deletion of your data at any time. When you delete your account, all associated data is permanently removed within 30 days.

4. Third-Party Services

We use the following third-party services to operate Incoho:

  • Supabase: Database hosting, authentication, and encrypted credential storage.
  • Anthropic: AI email classification and reply drafting (Claude API). Email content is sent to Anthropic for processing but is not used to train their models.
  • Stripe: Payment processing and subscription management.
  • Resend: Transactional emails (welcome emails, notifications).
  • Vercel: Application hosting and deployment.

5. Data Security

We take data security seriously. Email credentials are encrypted using Supabase Vault with pgsodium Transparent Column Encryption. All data is transmitted over HTTPS. We use Row Level Security (RLS) to ensure merchants can only access their own data.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data and account.
  • Export your data in a portable format.
  • Withdraw consent for data processing at any time by disconnecting your email accounts or deleting your account.

7. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at support@incoho.ai.